Physical Access Control Systems: Practical Hacking and Defense of RFID PACS [2-Day]

Physical Access Control Systems: Practical Hacking and Defense of RFID PACS [2-Day]

Regular price $3,340.00 Sale

Practical security is the foundation of any security model.

Beyond firewalls and network hardening, government and enterprise alike must consider how security infrastructure safeguards digital, material, and human assets. Physical security is foundational to the ability to resist unauthorized access or malicious threat.

In this training developed by world-renowned access-control expert Babak Javadi, students will be immersed in the mysteries of PACS tokens, RFID credentials, readers, alarm contacts, tamper switches, door controllers, and backhaul protocols that underpin Physical Access Control Systems (PACS) across the globe. The course provides a holistic and detailed view of modern access control and outlines common design limitations that can be exploited. Penetration testers will gain a practical understanding of what PACS looks like in the field, and how to intercept, clone, downgrade, replay, and bypass one's way through the system. Defenders, designers, and directors will come with away with best practices and techniques that will resist attacks.

Every registrant receives a custom hardware package available only from Red Team Alliance

Participation will include hands-on practical experience with tools, exploits, and refined methods for compromising modern Physical Access Control Systems.

Course Curriculum

  • Fundamentals of Modern PACS Designs
  • Sensor Manipulation and Bypass Methods
  • Historical and Modern Security Tokens Including,
    • Magnetic Stripe
    • 125KHz RFID Technologies including Prox, Indal, ioProx, EM, and others
    • 13.56MHz and NFC RFID Technologies including iCLASS, Legic Prime, MIFARE, DESFire, ISO1443A, ISO1443B, ISO15693, and others.
  • Understanding and Use of "Magic" RFID Credentials in Cloning Operations
  • Biometric Authentication
  • Practical Instruction, Understanding, and Use of the Proxmark3 RFID Research and Attack Tool
  • Reader Weaponization and Extended-Range RFID Cloning
  • Tech Downgrade Attacks: Techniques for Identifying Vulnerable System Configurations of SEOS and DESFire EV1/EV2
  • Principal Methods of Operation of Door Controllers, Control Panels, and their Associated Weaknesses
  • Deploying Denial of Service Attacks
  • Wiegand Protocol Sniffing, Interception, and Replay

Students will be well-prepared for real-world red team scenarios and learn how to exploit access control technology with the latest attack hardware.  There are also modules detailing the back-end of these systems, allowing Man in the Middle and Denial of Service attacks.

The exclusive hardware package includes...

  • The RFID Door Simulator: Colloquially known as the "Building in a Box", this unique piece of equipment is a self-contained unit intended to simulate authentication operations performed by a paired RFID credential reader and an upstream door controller. It features a unique multi-technology RFID credential reader, an integrated door controller, an OLED display, and a power supply. Enrolled students will practice interacting with a wide array of credential technologies and get hands-on experience with the tools, techniques, and procedures necessary for executing multiple kinds of attacks against PACS environments in the field.
  • Proxmark3 RDV 4.01 Retail Package
  • Professional PACS Credential Demo Pack: A comprehensive collection of specially configured PACS credentials representing the top technologies used worldwide.
  • Penetration Tester's Blank Credential Pack: A comprehensive and practical selection of special-purpose credentials that can be reprogrammed to emulate a wide variety of credentials, including 125KHz, 134KHz, and 13.56MHz technologies.
  • ESPKey Wiegand Interception Tool: A stamp-sized man-in-the middle attack tool that can be deployed against most systems to intercept, replay, and manipulate credential data in-transit.

** EXCLUSIVE BUNDLE OFFER FOR VIRTUAL STUDENTS **

Students taking both the 5-Day CMoE and 2-Day PACS virtual trainings can receive a $1200 hardware kit discount by adding both classes to their cart! Offer is only valid for one student, and student will receive only one PACS hardware kit to cover both courses.

Course Schedule

Class is delivered online in virtual format

Date:            As Selected Above




North America West

North America East

Late EU Trainings

Melbourne, Australia

9:00AM - 5:00PM US Pacific Time

9:00AM - 5:00PM US Eastern Time

3:00PM - 11:00PM Central European Time

9:00AM - 5:00PM Local Time (GMT+11)

 (Including Coffee and Lunch Breaks)

Special Notes for Australian Students: Hardware for on-site students in Melbourne, Australia will be shipped directly to the student prior to class. Students are asked to bring all hardware to class.  Monash University is not involved in the content or delivery of the course.

Student Prerequisites

  • Windows 10 or Windows 11 x64 w/ Administrative Rights
  • Webcam and Microphone
  • Appropriate Firewall / Security Access

Students will be required to be ready to participate with a computer natively running Windows 10 or Windows 11 with local administrative rights.  Laptops that are restricted from running software due to corporate security policies or the use of Windows "S Mode" may not work during class.

Virtual Machines and other operating systems have performed inconsistently. Students may bring a Linux or MacOS system as well, but those doing so should ensure that they have ready access to a native Windows machine.

Students must ensure local security polices or firewalls do not block any necessary access.