🚪
Physical Penetration Testing
Real-world building access attempts and physical security assessment
root@omniforge:~/services
root@omniforge:~/services# █
root@omniforge:~/services# cat overview.md
We simulate real-world physical intrusion attempts to test your building security, access controls, and staff awareness. Our physical penetration tests include tailgating, lock picking, badge cloning, social engineering, and after-hours infiltration. Every test is conducted safely with no property damage, and documented with photo/video evidence. You'll receive a detailed report showing exactly how we gained access and what an attacker could reach.
root@omniforge:~/services# ./list-capabilities --format=grid
✓Building perimeter security assessment
✓Access control bypass (tailgating, mantrap defeat)
✓Lock picking & physical bypass techniques
✓Badge cloning & RFID/NFC attacks
✓In-person social engineering & pretexting
✓Security camera evasion & blind spot analysis
✓Dumpster diving & physical OSINT
✓After-hours infiltration attempts
✓Server room & restricted area access
✓Physical device planting (USB, network taps)
✓Security guard interaction testing
✓Alarm system assessment
root@omniforge:~/services# ./show-toolkit --category=opensource
Lock Picking Tools (Sparrows, Peterson)RFID/NFC Cloners (Proxmark3, Flipper Zero)Hidden Cameras (Button, Pen)Covert Recording DevicesBash Bunny/USB Rubber DuckyNetwork Implants (Raspberry Pi, WiFi Pineapple)Thermal ImagingOSINT FrameworksSocial Engineering ToolkitCustom Tools & Techniques
root@omniforge:~/services# ./pricing --display=tiers
Basic Physical Assessment
R18,000 - 35,000/engagement
$ ./physpentest --target=office --duration=1day --stealth=low
- →Single-location assessment
- →Perimeter security testing
- →Access control bypass attempts
- →Tailgating & social engineering
- →Basic lock picking attempts
- →Security camera assessment
- →Photo/video evidence
- →Detailed report with remediation
Most Popular
Comprehensive Testing
R45,000 - 85,000/engagement
$ ./physpentest --target=headquarters --stealth=high --duration=5days
- →Multi-day engagement (2-5 days)
- →Advanced lock picking & bypass
- →Badge cloning & RFID attacks
- →In-person social engineering
- →After-hours infiltration attempts
- →Dumpster diving & OSINT
- →Physical access device planting
- →Security guard interaction testing
- →Detailed video documentation
- →Executive debrief presentation
- →Remediation roadmap
Combined Physical + Digital
R75,000 - 150,000/engagement
$ ./physpentest --mode=redteam --attack=fullchain --stealth=extreme
- →Physical penetration testing
- →Network penetration from inside
- →USB/Bash Bunny deployment
- →Rogue AP & evil twin attacks
- →Physical keylogger installation
- →Server room access attempts
- →Red team full-chain attack
- →Domain compromise simulation
- →Multi-vector attack scenarios
- →C-suite briefing
- →Board-level reporting
- →Comprehensive remediation plan
root@omniforge:~/services# ./methodology --show=steps
[1]
Reconnaissance & Planning
// OSINT gathering, facility observation, entry point identification, and attack scenario planning
[2]
Access Attempts
// Tailgating, badge cloning, lock picking, social engineering, and perimeter bypass testing
[3]
Internal Exploitation
// Network access from inside, device planting, sensitive data access, and escalation attempts
[4]
Reporting & Remediation
// Video evidence compilation, detailed findings report, risk assessment, and security improvements roadmap
root@omniforge:~/services# ./use-cases --list
- ▸Testing new facility security before occupancy
- ▸Compliance validation (ISO 27001 physical controls)
- ▸Post-incident security verification
- ▸Merger & acquisition security due diligence
- ▸High-value asset protection validation
- ▸Executive protection program testing
- ▸Data center physical security audit
- ▸Retail loss prevention assessment