Today I am chatting about RFID cloning, the typical equipment that you will use on engagements and audits, as well as the pros and cons of each piece of gear. I give my opinion on what type of gear a physical pentester or auditor should get, when to use each and how to best utilize them to accomplish your objectives.
We also discuss how you might go about deciding ahead of time, what equipment to bring with you on engagements to maximize success and why some devices are better than others in some situations.
I walk through war stories on how to actually go about cloning RFID cards in the field by performing embedded recon, combining social engineering with specific equipment and even how to use redundancies to ensure success.
Share this post