While this list is not all encompassing, some of the techniques that an engineer may use on a physical penetration test include:

•   RFID-Cloning – Using an RFID-cloner, the engineer will attempt to get close enough to employee’s badges to read and copy them. Once a valid card is obtained, the engineer will use it to attempt to gain access to the facility.

•   Tailgating – Tailgating simply means using social engineering to try to get an employee to hold the door open for you or just grab the door before it closes. This works far more often than it should.

•   Circumventing access controls – Many times, other techniques are used to gain access such as crawling under or over fences, using a metal rod to reach under the door and pull the handle, etc.

•   Lock Picking – Most modern doors have protections that make it difficult to pick the lock and gain access. However, many times shredding services do not, and gaining access to shred bins can be relatively easy and fruitful for an attacker.


Watch some interesting videos we found on the NET :