I’m currently a penetration tester. I identify weaknesses and misconfigurations in client enterprise computer networks via hacking / using tooling. The clients are typically larger organisations such as finance institutions, mining orgs and other listed companies. We do red team exercises which involve testing more than just the IT, such as the people and the processes in place. This includes social engineering and trying to bypass physical security controls and then providing recommendations to clients.
The bypassing is typically ‘find an unlocked door, tailgating, convince someone to let you in, get close to a cloneable badge with a Proxmark’, etc.
The role is full time and leaves limited time for much else. I guess I’m wondering whether I could gain much from locksmithing to assist in identifying poor practices for larger organisations.
Are there regular weaknesses or bad practices that experienced locksmiths come across?
Is this something I could learn doing on Saturdays (enough to be useful) if I found someone willing to take on a volunteer?
An aspect of the assessment is that the IT team and physical security are not made aware of the engagement and as such we attempt to gain access to the nominated location undetected. Is locksmithing realistically going to help achieve this?
Any other thoughts on the topic?