A Wild Open Door Appears

This post is for all the black team leaders out there, and also to the juniors who are just starting out, and is about one of the most common mistakes I have seen during engagements.

The first time you break into a high security building, or really any building, the adrenaline is dumping, you’re very excited and you’ve spent days, maybe weeks prepping and planning for this moment … the moment when, by chance, a secure door happens to be open, and you’re right there.

The Operational Problem

A common mistake is to optimize for the observable metric, get through the perimeter, get into the building, don’t get stopped. It is the physical equivalent of a junior operator popping a shell and immediately typing whoami, but never checking egress paths, telemetry, or whether they just lit up every alert.

Physical environments can punish that mindset even harder than digital ones because unlike being temporarily locked out of a system, inside a physical building you may find yourself locked inside.

In cyberspace, you can often disconnect, pivot, or drop the session. In the real world, your body is the payload. If you step into a space you cannot exit, you have not infiltrated, you have self detained.

And once you are stuck, you are no longer conducting an infiltration, you’ve created a rescue operation for your team.

Scenario, The Open Door Trap

You are on close range recon. You see it, an open door, no guard, no receptionist, no visible controls. The team members eyes light up. They see an invitation. They see momentum. They see the story they will tell later, “We walked right in.”

They rush inside.

Immediately, the environment changes. It is quieter. More sterile. The air feels different, a stairwell, a service corridor, an interior vestibule. The door clicks shut behind them with the soft confidence of a system doing exactly what it was designed to do.

Now comes the part juniors rarely simulate in their head, getting back out.

They try the handle, it does not open. They look for a crash bar, there is none. They scan for a badge reader, there it is, on the inside. They have entered a one way space designed to allow people in from a controlled area, but not back into the uncontrolled world. A security feature that exists precisely because people try doors.

And because the universe has a sense of humor, there is a camera. Not a dusty dome in the corner that nobody monitors. An actively placed, actively angled camera looking directly into the choke point they are now standing in, exactly where everyone stands when they realize they made a mistake.

At this point, the junior’s options collapse fast.
They cannot casually leave.
They cannot loiter without looking suspicious.
They cannot move deeper without compounding the problem.
They cannot explain their presence if challenged without improvising a cover story under the worst possible conditions, trapped, recorded, and visibly uncertain.

The engagement is now at risk because the operator is no longer controlling the narrative. The building is.

Not Only Hallways

One of the more common places I see this type of security setup is actually not hallways, but stairwells.

Most times when you find yourself inside a target building, going vertical is a requirement because the flags you are after: CEO office, VIP meeting room, etc are not on the ground floor, so elevators and stairwells become a requirement.

But take a look at this stairwell entrance. There is no locks, RFID system or security that can be seen … Perfect, lets go inside and up a few floors.

The problem is that this is what is on the other side of that door, effectively a quick way to get yourself trapped.

I highly encourage all team members to get into the habit of checking doors as they pass through them. Make it second nature to look for a few things on doors as you enter / exit:

• alarm systems

• locks

• dead latches

• strike plates

• RFID readers

• Security cameras

All of these systems will be in predictable places and after a little practice you can check all of the above in about the same time it would normally take you to simply walk through the door.

But having checked everything out, you should know if this door is safe to enter and what kinds of tools you might require to get in / out of it.

How Black Team Leaders Keep Juniors Out of This

For team leads, you need to understand the mentality of your juniors and how in such a situation, they will likely be extremely eager to “Leroy Jenkins” the situation.

It is your responsibility to ensure this doesn’t happen, and have a rescue plan in case it does.

Your ultimate goal for any engagement is to fulfill the clients requirements and improve their physical security, but in order to do this, getting inside shouldn’t be the goal, its getting persistence.

Persistence will allow you to come and go as you please, executing multiple attempts without having to always rely on something like tailgating or luck.

Ensure your teammates, and especially juniors, understand this and that rushing inside unprepared can often lead to mission failure, not success.

Conclusion

The mistake is never “they went through the door.” The mistake is that they treated entry like the objective, and stopped thinking the moment the latch clicked.

The open door, the quiet stairwell, the empty corridor, those are the places where tunnel vision turns into commitment, and commitment turns into a trap. One bad threshold decision can pin a team member under a camera, force improvisation, trigger escalation, and drag the whole engagement off mission while you burn time, cover, and credibility trying to unwind it.

So build the habit you want to see, slow is smooth at doors, ask how we get out before we go in, treat every threshold like it can lock behind you, and never let momentum substitute for a plan.

Training Resources:

For individuals looking for a hands on training that includes all of the above topics, Covert Access Team (covertaccessteam.com) provides training courses focused on physical penetration testing, lockpicking, bypassing techniques, social engineering and other essential skills.

• Covert Access Training - 5 day hands on course designed to train individuals and groups to become Covert Entry Specialists

• Physical Audit Training - 2 day course on how to setup and run a physical security audit

• Elicitation Toolbox Course - 2 day course of that primarily focuses on elicitation and social engineering as critical aspects of Black Teaming

• Strategic Operations for Lone Operators - Advanced course for those who are interested in learning how to become a one man infiltration team.

• Counter Elicitation - 2 day course on how to recognize and prevent elicitation attempts, and safegaurd your secrets.

• Cyber Bootcamp for Black Teams - 2 day course designed explicitly for physical penetration testers who need vital cyber skills to add to their toolbox.

• Private Instruction - Focused learning & training based on your needs .