Jack Recider

He couldn't get high-quality close-up photos of the badges being that far away, but it was enough to allow them to replicate it in Photoshop so that if someone is walking by or from a distance, they wouldn't know the difference. So the team all met up at a coffee shop to put the right logo on the badge and to write the data onto the key card.

He couldn't get high-quality close-up photos of the badges being that far away, but it was enough to allow them to replicate it in Photoshop so that if someone is walking by or from a distance, they wouldn't know the difference. So the team all met up at a coffee shop to put the right logo on the badge and to write the data onto the key card.

Well, this was mostly a success. They needed to demonstrate access to sensitive equipment in areas that they were able to get into the building and take pictures of them touching this equipment and stuff they just shouldn't be able to get to. But since this guy really wasn't buying their story, they decided to leave.

Well, this was mostly a success. They needed to demonstrate access to sensitive equipment in areas that they were able to get into the building and take pictures of them touching this equipment and stuff they just shouldn't be able to get to. But since this guy really wasn't buying their story, they decided to leave.

Because as a penetration tester, when you get caught, you want to see if you can get out of that situation. Try to leave and get out of there. See what happens. Is this guy going to stop them from leaving? So they walked out and got to the parking lot. And they could get in their cars and go, but there was another building in this parking lot that they also needed to test.

Because as a penetration tester, when you get caught, you want to see if you can get out of that situation. Try to leave and get out of there. See what happens. Is this guy going to stop them from leaving? So they walked out and got to the parking lot. And they could get in their cars and go, but there was another building in this parking lot that they also needed to test.

So might as well walk over to that and see what happens. They thought this guy might be watching them though. So they walked across the parking lot to the other building and made it very clear in case he was watching them that they had badges that they were using to get in the building.

So might as well walk over to that and see what happens. They thought this guy might be watching them though. So they walked across the parking lot to the other building and made it very clear in case he was watching them that they had badges that they were using to get in the building.

These were working badges, and if the guy was watching them, he could see they had valid key cards to get in the building. Don't forget, on top of that, they have a jacket and a hat with the company logo on it.

These were working badges, and if the guy was watching them, he could see they had valid key cards to get in the building. Don't forget, on top of that, they have a jacket and a hat with the company logo on it.

Deviant and his crew were caught. All the windows of opportunity to lie their way out of it were closed. The game was over. So time to come clean and show the get out of jail free card. See, here's the thing. When you're paid by a company to break into their building, it's possible it could all go wrong.

Deviant and his crew were caught. All the windows of opportunity to lie their way out of it were closed. The game was over. So time to come clean and show the get out of jail free card. See, here's the thing. When you're paid by a company to break into their building, it's possible it could all go wrong.

So you need a letter of authorization from the company, preferably someone real high up that can vouch for you, that when you call them, they will say, yes, we did hire them to do a security test on the building. And you print this agreement out and put it on a piece of paper and carry it with you at all times when you're doing a physical penetration test like this.

So you need a letter of authorization from the company, preferably someone real high up that can vouch for you, that when you call them, they will say, yes, we did hire them to do a security test on the building. And you print this agreement out and put it on a piece of paper and carry it with you at all times when you're doing a physical penetration test like this.

And this is what's known as the get out of jail free card. Now, what some penetration testers do is they print off a fake one. It's got the right name of the head of security, but with a phone number to someone waiting in the parking lot who would act like that person if they got called.

And this is what's known as the get out of jail free card. Now, what some penetration testers do is they print off a fake one. It's got the right name of the head of security, but with a phone number to someone waiting in the parking lot who would act like that person if they got called.

Deviant saw that this guy had everyone's number in his phone already and thought the fake get out of jail free card isn't going to work here. So he gave him his real one. And this was the first and only time Deviant has ever been caught to the point that he had to show this paper and come clean like this.

Deviant saw that this guy had everyone's number in his phone already and thought the fake get out of jail free card isn't going to work here. So he gave him his real one. And this was the first and only time Deviant has ever been caught to the point that he had to show this paper and come clean like this.

Brilliant. He did not trust the number on the paper that Deviant handed him. Instead, he looked up the name's number himself. And this was the right thing to do. And sure enough, the head of security vouched for them and said, good job catching them. And yes, we did hire them, and they are supposed to be there.

Brilliant. He did not trust the number on the paper that Deviant handed him. Instead, he looked up the name's number himself. And this was the right thing to do. And sure enough, the head of security vouched for them and said, good job catching them. And yes, we did hire them, and they are supposed to be there.