Skip to content

Lab401 Workshop: Physical Pentesting with Covert Entry

Lab401 Workshop: Physical Pentesting with Covert Entry


Physical penetration without infraction is a cornerstone of penetration testing.
Clients of all experience levels will leave this workshop proficient physical penetration testers.

Focused on hands-on training, clients will pick locks, bypass deadbolts and safety doors, mold keys, decode keys from a picture, learn privilege escalation on simple and advanced masterkey systems, identify and duplicate RF and RFID credentials...

After three days training, clients will have the skills and tools necessary to audit and enter a vast array of locations, including public (hotels, etc), commercial (offices, headquarters, warehouses) and industrial sites (critical infrastructure: power, security, etc)

Alexandre Triffault

Physical Security Expert

Security trainer for pentesters, computer scientists and the military for 10 years, Alexandre Triffault ( @Frenchkey_FR ) is developing tools and techniques to circumvent physical security devices ( . Specialized in 3D printing Keys and Tools, his work consists in finding and exploiting the flaws in access control systems, electronic or mechanical.

He is World Champion in impressioning technique (LockCon 2016). He is also a Research Associate at the Virology and Cryptology Lab at ESIEA and gives physical security classes in several IT Schools, and delivers training and consulting to multiple governmental and private organizations in Europe. He has lectured his research over the years at various international conferences and workshops, such as Nuit du Hack (FR), Defcon Lockpick Village (US), Hackito Ergo Sum (FR), LockCon (NL), SigSegV1 (FR), IT Defense (DE), GS Days (FR)...

Intended Public

  • Pentesters
  • Red-teamers
  • CISO
  • Security Professionals
  • Law enforcement / government


  • No previous knowledge of locks, keys or lockpicking is required.
  • An interest in physical security
  • Clients can bring their own locks, keys and tools if desired

Take-home materials

  • Detailed training manual.
  • Lockpicking Kit
  • Bypass Kit
  • RFID/RF Recon tools

Upcoming Dates

  • πŸ“… June 15-17, 2020 πŸ“ Paris, France πŸ‡«πŸ‡·/πŸ‡¬πŸ‡§
  • πŸ“… July 15-17, 2020 πŸ“ Paris, France πŸ‡«πŸ‡·/πŸ‡¬πŸ‡§
Signup for an upcoming workshop
Signup for workshop
Subscribe for event updates

Detailed Course Overview

Day One

Physical Entry Introduction + Attacks on popular office locks

Day 1 is an overwiew of the possible targets and scenarios available to the attacker in the real world, and the first lockpicking session of the training.

Physical intrusion vectors
  • Social Engineering
  • Climbing
  • Access opening
Discover physical security
  • The different types of locks
  • How they work
  • How to identify them
Introduction to scenarios
  • Casual intruder (opportunist)
  • Organized burglar team
  • Industrial espionage
Wafer locks
  • Identification
  • Lockpicking
  • Decoding
  • Jigglers
Tubular locks
  • Identification
  • Self-impressioning
  • Lockpicking

Day Two

Pin tumblers locks + Padlocks (Combination and with keys)

Day 2 focuses on learning and practicing various lockpicking and bypass techniques on pin tumblers locks, padlocks and combinations.

Pin tumbler locks lockpicking
  • Raking/Single Pin Picking
  • Specific Tools
  • Technique
  • Tips and tricks
Lockpick guns
  • Mechanical Pickgun
  • Electronic Pickgun
  • Tension Tools in depth
Keyed Padlocks
  • Lockpicking
  • Combs
  • Shims (where possible)
  • Blade bypass (where compatible)

Day Three

The Key, the Door, the RF and the RFID vectors

Day 3 is the time to think outside of the box with mutliple additional attack vectors available to the pentester.

Key Duplication
  • Molding
  • Filing
  • Photo decoding
  • Special techniques
Bump keys
  • Identification
  • Fabrication
  • Different techniques (push/pull)
Dictionary Attacks
  • Introduction
  • Identification
  • Compatible locks
Non Destructive Entry
  • Day-latches
  • Via Latches
  • Via Handles
  • Under-door
  • Emergency / pushbar doors
  • Identification
  • Attack vectors
  • Vulnerable systems
  • Introduction
  • Identification
  • Attack vectors

Workshop Conclusion

  • Summary: Attack Vectors
  • Summary: Tools & Techniques
  • Possible counter-measures
  • Homework: How to develop skills
  • Legal: Don't go to jail

How to participate?

Workshops are regularly scheduled, with the additional possibility of private sessions if required. To stay informed about upcoming workshop dates, subscribe to our Workshop mailing list.

Signup for an upcoming workshop
Signup for workshop
Subscribe for event updates