Offensive Security Experts

Customizable solutions to educate clients, identify security risks, inform intelligent business decisions, and enable you to reduce your attack surface digitally, physically and socially.

Red Teaming®

A multi-layered attack simulation designed to measure how well a company’s people and networks, applications, and physical security controls can withstand an attack from an adversary.

Penetration Testing

Inspects your network, application, device, and physical security through the eyes of BOTH a malicious actor and an experienced cybersecurity expert.

Social Engineering

Commonly known as “people hacking,” we aim to identify vulnerabilities by accessing a system, device, or physical premises.

Is Your Company Compliant?

RedTeam Security are the experts in helping you meet your industry’s security compliance standards, from banking to healthcare, retail and beyond.

PCI Penetration Testing

NERC CIP Compliance

HIPAA Penetration Testing

FDIC Penetration Testing

Cryptocurrency Compliance

Physical Penetration Testing Methodology

Learn more about our methodology and the steps used in our physical security penetration testing engagements

Each and every physical penetration test is conducted consistently using globally accepted and industry-standard frameworks which help make up our physical pentesting methodology. In order to ensure a sound and comprehensive physical security test, RedTeam leverages industry-standard frameworks as a foundation for carrying out penetration tests. At a minimum, the underlying framework is based on the NIST Special Publication 800 Series guidance and OSSTMM but goes beyond the initial framework itself.

Physical Penetration Testing Steps

The first phase in a physical penetration test is focused on collecting as much information as possible about the target. Passive Reconnaissance, aka Information Gathering, is one of the most critical steps of a physical pen test. This is done through the use of public tools, such as Google Earth. As a result, it is usually possible to learn a great deal about the target’s surroundings and environment.

Open Source Intelligence

An important step in a physical penetration test focuses on collecting information that is freely available. Open Source Intelligence Gathering can be quite telling about a target, its people and specifics about the environment. This is done through the use of a different set of public tools, such as social networks, job boards, etc. Through thorough analysis, it begins to paint a picture of the target and its primary operations.

Active Reconnaissance

Active Reconnaissance in a physical penetration test generally involves gathering information offline. This often includes telephoning, emailing or otherwise directly querying target staff or vendors of the target for material not available or impossible to obtain through online means. The information obtained will be used to build a better plan as the process progresses.

Covert Observation

Covert Observation is exactly what it sounds like. This often includes covert photography of the target up close in an effort to identify physical security controls and monitoring staff as they are coming and going.

Attack Planning

By this time, the information collected in the previous phases is beginning to coalesce. Vulnerabilities, exit points, entrance points, cameras, guards, fences, company technology, staff members and other relevant information are used to begin planning an attack.

Pretexting

Planning and intelligence gathered by various means by now have morphed into a plan of attack including. Pretexting involves setting the plan into action and ensuring the team’s equipment, transportation and personnel are synchronized and ready to execute.

Infiltration, Exploitation & Post-Exploitation

During these phases, the team carries out the plan by exploiting vulnerabilities discovered using information and intelligence captured during the earlier phases of the assessment. Post-exploitation involves penetrating further into the environment and setting up to maintain a persistent backdoor.

Secure Your Physical Assets Today.

Services Datasheet

Learn more about RedTeam Security's advanced Application, Network and Physical Penetration Testing, Social Engineering and Red Teaming services.

Featured On

National TV news and media outlets often consult with us for our expertise as a
boutique, high-touch ethical hacking firm highly trained in a narrow field of cyber
security. Please click on any logo below to view the featured story.