7MS #339: A Pulse-Pounding Impromptu Physical Pentest




7 Minute Security show

Summary: On a recent security assessment I was thrown for a loop and given the opportunity to do a two-part physical pentest/SE exercise - with about 5 minutes notice(!). Yes, it had me pooping my pants, but in retrospect it was an amazing experience. This is the mission I was given:

* See if you can get the front desk staff to plug in a USB drive - I posed as John Strand (https://twitter.com/strandjs) and armed myself with a fake resume. And as I approached the front desk I suddenly panicked and thought, "What if the front desk person is a BHIS (https://bhis.co) fan?!?!?"

* Break into a door with weak security and steal equipment - I was given a plastic shiv and asked to try and get into a secure area in the middle of a busy office morning. No pressure, right?

Was I successful? Was I arrested? Find out in today's episode!