Reddit reviews Practical Lock Picking: A Physical Penetration Tester's Training Guide
We found 18 Reddit comments about Practical Lock Picking: A Physical Penetration Tester's Training Guide. Here are the top ones, ranked by their Reddit score.
Syngress Publishing
Wow, 24 hours and no replies?!
Fine, you know what? FUCK IT!
Alright, first off - While you can concentrate on physical, understanding the basics of the digital side of things will make you more valuable, and arguably more effective. I'll take this opportunity to point you at Metasploit and tell you to at least spend an hour or so each week working to understand it. I'm not saying you have to know it backwards or inside-out, just get a basic understanding.
But you said you want to go down the physical path, so fuck all that bullshit I said before, ignore it if you want, I don't care. It's just a suggestion.
Do you pick locks? Why not? Come on over to /r/Lockpicking and read the stickied post at the top. Buy a lockpick set. You're just starting so you can go a little crazy, or be conservative. Get some locks (Don't pick locks you rely on!) at a store, and learn the basics of how to pick.
Your fingers will get sore. Time to put down the picks and start reading:
That reading list right there gives you over 2000 pages to read. Read. Read More.
Tired of Reading? Have you been listening to the Social-Engineer.org Podcasts? 53 quality podcasts right there. Time to catch up!
Tired of listening? Take a break! And by "Take a break" I mean grab your lockpicks, a lock, and start picking while you relax with a Jayson Street video. He's fun to watch, and will hopefully distract you while you try picking a lock. Also, he highlights how you don't have to be a computer-genius to be good at PenTesting. Go watch more of his videos while you pick locks - It's entertaining at least, and informative/educational at best. Now go watch Deviant Ollam's videos if you're done with Jayson Street.
Sounds like a lot? It's not. You'll spend a bit of money getting started with picks, locks, and books. It's the nature of the game, no good way around it. It's time-consuming. You may have to give up playing your favourite games for a while. But the things you learn and skills you develop will pay more than that game did. By the time you're halfway through any one of those books you'll have a much better idea of what questions you want or need to ask in order to progress further and faster every day.
Go to Security Cons. DerbyCon is awesome, and happens in late September, plenty of time to start saving money and making reservations. Talk to people, ask questions, and make connections. You will learn more in those 4 days than some people learn in months or years and you'll have tons of fun.
If you can swing it, attend Deviant Ollam's "Physical Security Skills for Penetration Testers" class. The things you will learn in that class will make it worth every damned penny, and you'll feel like a bad-ass at the end of it.
Is this what you wanted?
Random thoughts:
Deviant Ollam has a great book that explains everything.
http://www.amazon.com/Practical-Lock-Picking-Second-Edition/dp/1597499897/
Either this or this makes a good starter set.
For books, I highly recommend Practical Lockpicking; Deviant Ollam. Read that cover to cover, and you'll have a strong foundation to start on.
If you want a good re-keyable practice lock, I like this one, personally. Get the 6 pin, non-cutaway, Kwik-set version.
You can get a really basic pick set from a site like SouthOrd.
My first set was their Pagoda set: http://www.southord.com/Lock-Pick-Tools/Lock-Pick-Set-Pagoda-Metal-Handles-BPXS-12.html
What that made me realize was at my skill level I only really use the short hook and S-rake.
Beyond that I was having issues getting my head around the theory of the inner workings, even with the videos available. I tend to learn really well academically so I picked up "Practical Lock Picking": https://smile.amazon.com/Practical-Lock-Picking-Second-Penetration/dp/1597499897/ref=sr_1_1?ie=UTF8&qid=1501560843&sr=8-1&keywords=practical+lock+picking
From there I picked up a few padlocks at garage sales, then ordered some specifically tiered towards the belt ranking setup here, and I've found them very progressive and enjoyable.
I actually reached out to some friends about 3D printing gear so I can do tear downs (I've got my Master 931 picked pretty well, I just need to tear it down for my next rank and don't want to lose everything).
Spend what you're comfortable spending (you won't be pick bound for fun or skill initially, at least I haven't been thus far), and follow the progression theories posted here, they've done really well by me.
Most importantly:
Don't fiddle with locks that aren't yours, even if you start realizing how much of the world is barred merely by a Master No3.
Don't fiddle with locks that you rely on for protection.
If you plan on carrying around gear verify your local laws.
Good luck and have fun, I'm really enjoying it so far.
https://www.amazon.com/Practical-Lock-Picking-Second-Penetration/dp/1597499897/ref=sr_1_7?ie=UTF8&qid=1472750161&sr=8-7&keywords=lock+picking
That's a decent book. I bought a copy and read a bit but never bought the tools and locks to practice.
Honestly, this book is a bit basic. I bought it a few weeks ago on RiftRecon's site because it was only $14 and I wanted to see if I was missing a technique or tactic. I wasn't. It's really meant to supplement their red team kit and comes across as such.
That being said, if you are unfamiliar with alternative entry techniques beyond lockpicking, it could be worth it, though Deviant Ollam's book is just a tad over double the amount for this little book and covers some other entry techniques besides lockpicking. http://www.amazon.com/gp/aw/d/1597499897/ref=mp_s_a_1_1?qid=1395334556&sr=8-1&pi=SY200_QL40
I would recommend picking Master locks to start - Like this. They're ridiculously easy to pick, and you'll be able to get a good handle on manipulating single pins and even basic raking.
ITS Tactical generally has some pretty informative posts on lock picking/locksport from time to time. I would recommend these to get started:
Lastly this book is absolutely worth every penny.
His book looks pretty good too. (I haven't read it, but I've heard from others that it's very helpful, explains things in plain English, and is pretty humorous, which makes sense if you've ever met him or listened to one of his talks):
http://www.amazon.com/Practical-Lock-Picking-Second-Edition/dp/1597499897/ref=sr_1_3?ie=UTF8&qid=1345646056&sr=8-3&keywords=deviant+ollam
There is a ton of info in the sidebar. The wiki is your friend on free materials.
I highly recommend Lockpicking - Detail Overkill. The Author /u/derpserf used to poke his head in this sub a while back. Really in depth shit. (he would want me to use an expletive)
As far as printed media, I am a huge fan of Deviant Ollam. (Disclaimer: I have hung out with him at Defcon and have a bit of a man crush). He is a super nice guy who is very passionate about teaching what he loves to do. His two books (one about [picking and how locks operate](http://www.amazon.com/Practical-Lock-Picking-Second-Edition/dp/1597499897) and another on impressioning & bypass methods) are awesome.
Hope that helps.
Edit: added links
This one was mentioned in another post a week or so ago: https://www.amazon.com/Practical-Lock-Picking-Second-Penetration/dp/1597499897.
SouthOrd offers one called Easy Pickings with a few of their sets too. I've seen that one and it gives a very basic overview of locks and techniques to pick them. Much less information than can be found in the PDFs.
From this Amazon listing stating "Publication Date: October 8, 2012", and talking with Deviant on Twitter.
This, his second book (on bypassing locks WITH a key) on "the topics of impressioning, master key escalation, skeleton keys, and bumping attacks", also comes out shortly.
These books combined with the eBooks / resources in the stickied post will keep you busy for the next 10 years or so.
After your picks, here is your next purchase :)
Practical Lock Picking, Second Edition: A Physical Penetration Tester's Training Guide https://www.amazon.com/dp/1597499897/ref=cm_sw_r_awd_6qXLub1VB4HEA
> Fully patched. For Linux, this means the latest version of the kernel and the latest version of all critical software (e.g. web browsers, FTP, SSH, etc.)
So you make sure to update your device before entering the con? Is that because hackers have found exploitations in previous versions?
> The certificate allows you to do two things: 1.) authenticate the network, so you know for sure that you're on the network you think you are, talking to the router/access point you expect. 2.) Exchange a cryptographic key with that endpoint to ensure that all of your communications are free from tampering and eavesdropping. Key exchange mechanisms and certificate validation are huge topics. If you're interested, a good (though heavy) text to start with would be Schneier's "Applied Cryptography". There are also a number of good introduction to crypto courses, most of which will cover key exchange and cert authentication, available on Coursera and other online lecture sites.
That makes sense! So it's a security blanket for your device to make sure you're not on an unsafe network where who knows what could happen.
I did learn a bit about cryptography and cert/key exchange mechanisms in an AP computer science class, but forgot most of it, haha.
Is Applied Cryptography meant for those who already have a background/knowledge in cryptography?
> If this leads to binding while a tool is in there, then it can be a bad time. Your tools can also sometimes bend or break small springs or other internals on certain kinds of locks.
Gotcha, definitely gonna use clear locks first so I can at least get a feel for when something is mucking up.
> Other good beginner guides: I like Deviant Ollam's "Practical Lockpicking": https://www.amazon.com/Practical-Lock-Picking-Second-Penetration/dp/1597499897/
> The MIT Lockpicking Guide is also pretty good (available free online).
I'm curious, do these do a good job of both explaining the mechanisms behind the locks, terminology, and how to pick a lock for beginners? I just want to make sure before I start reading them (or at least when I do start reading them).
> Other than that, if you can get old locksmithing manuals or references, they can really help fill in knowledge once you get the basics. New ones are HEINOUSLY expensive (the economics of rare, valuable knowledge get super weird),
I think I have one locksmith nearby me, so I might stop by and see what they have lying around.
Is there a reason new ones are notoriously expensive?
> Hacking is a huge topic and means different things to different people. It has a huge number of specialties, so it's hard to get a start sometimes. It also helps to learn by doing. Hackers often develop their skills by doing wargames and "CTFs" that pose hacking related problems. A couple of good intro ones are OverTheWire (especially the "Bandit" set of problems) and HackThisSite.
So would these websites introduce me to the world of online/computer hacking (apologies if that's the wrong terminology)? I'm somewhat spoiled/misguided by media sources like Mr. Robot, so I don't know what's true and what's fictitious/common in today's world.
> Expect that when you're starting out, you won't know a lot. Google is your friend. Other hackers are your friend. Most of the WarGame sites have IRC channels, so you can ask questions and get help.
If you don't know the answer to this, totally understandable: are most hackers willing to help out new-to-the-scene hackers? I know some communities (not related to hacking, but in general) are very quick to judge and ridicule newcomers to the scene.
> There's also some introduction courses, but be wary of any of them that aren't oriented to hands-on doing. Hacking is about messing with things and breaking them in creative ways. Watching a lecture about hacking is a little bit like reading a recipe when you're hungry: a good start, but it won't do you much good unless you act on it.
Knowing me, watching a lecture wouldn't be the worst thing in the world. I'm fine with watching and learning concepts as long as it's interesting, y'know?
> Where you can, try stuff out that you see (learn how to set up a virtual machine to play with so that when you break your box (and you will, if you're doing it right) you can just restore and not actually lose anything important.) Over time you'll learn more. If there's a particular area you get interested in, ask other hackers that you know or people you've met how to learn more.
I do have a Virtual Box set up for both Linux and Windows 7 (I think), so luckily I already have a playpen set up. I just hope that I can find some way of starting out hacking, since it does seem fun.
> It's too chaotic and creative and fast-moving, so you really have to find your own way in it. As a result, hackers (the decent ones anyway) tend to be pretty good about helping each other out.
When you mean chaotic and fast-moving, do you mean that there's always new techniques and ideas coming out? I'm always a little nervous to step into a fast-moving scene in fear of focusing too much on something that has the potential to be outdated by the time I've finished learning it, y'know?
> And if/when you fall down the rabbit hole and learn a bunch and someone else is looking for more information and comes to you with questions, then it'll be your turn to help them out.
That'll be the day; I'd love to help someone in the future who's in my shoes today.
I believe this might be from, or related to "Practical Lock Picking" by Deviant Ollam.
Edit: Amazon
Or buy his book about lockpicking. It's really good. I've recommended it several times on /r/lockpicking
http://www.amazon.com/Practical-Lock-Picking-Second-Edition/dp/1597499897/ref=sr_1_1?ie=UTF8&qid=1372053094&sr=8-1&keywords=deviant+ollam
> When you mean fully patched, do you mean fully updated, fully protected, or something else?
Fully patched. For Linux, this means the latest version of the kernel and the latest version of all critical software (e.g. web browsers, FTP, SSH, etc.)
> So DefCon, in layman's terms, gives you a cert that allows you to protect yourself from people messing with your traffic and eavesdropping (through microphones and cameras?), and lets you use the secured wifi? This sounds super interesting, but I have no clue how any of it works, haha.
The certificate allows you to do two things: 1.) authenticate the network, so you know for sure that you're on the network you think you are, talking to the router/access point you expect. 2.) Exchange a cryptographic key with that endpoint to ensure that all of your communications are free from tampering and eavesdropping. Key exchange mechanisms and certificate validation are huge topics. If you're interested, a good (though heavy) text to start with would be Schneier's "Applied Cryptography". There are also a number of good introduction to crypto courses, most of which will cover key exchange and cert authentication, available on Coursera and other online lecture sites.
> Are clear-body locks commonly sold/available? If so, they sound right up my alley!
Yep. Easily available on Amazon. Here's a set of 6 different styles for <$40: https://www.amazon.com/MICG-Transparent-Practice-Training-Locksmith/dp/B01H1MM1O2/
Here's the most common kind of lock (basic pin-tumbler) in a padlock form-factor on sale for $10 right now: https://www.amazon.com/BESTOPE-Professional-Practice-Beginners-Locksmith/dp/B00UF76C1Y/
> Is it normal to have stuff fall off and start messing with the internals of the locks?
Not as such, but most lockpicking tools are steel or titanium. Very often the internals of the lock are a copper alloy of some kind which is softer. Harder metal scraping on softer metal leads to flaking and pitting. Over time, the pits lead to binding and the flakes stick in the lock body and gum up the works. So things don't just break usually, but it can mess up the lock over time. If this leads to binding while a tool is in there, then it can be a bad time. Your tools can also sometimes bend or break small springs or other internals on certain kinds of locks.
Other good beginner guides: I like Deviant Ollam's "Practical Lockpicking": https://www.amazon.com/Practical-Lock-Picking-Second-Penetration/dp/1597499897/
The MIT Lockpicking Guide is also pretty good (available free online). Other than that, if you can get old locksmithing manuals or references, they can really help fill in knowledge once you get the basics. New ones are HEINOUSLY expensive (the economics of rare, valuable knowledge get super weird), but sometimes you can find old ones for cheaper on eBay. Some people have also had luck with going-out-of-business sales for locksmiths or even just walking in and asking if they have any they'd like to get rid of. (Also sometimes works for old busted locks to practice on.) But at least in my area the locksmiths tend to sell their manuals online and junk their old locks for scrap, so I haven't personally had much luck there.
Hacking is a huge topic and means different things to different people. It has a huge number of specialties, so it's hard to get a start sometimes. It also helps to learn by doing. Hackers often develop their skills by doing wargames and "CTFs" that pose hacking related problems. A couple of good intro ones are OverTheWire (especially the "Bandit" set of problems) and HackThisSite.
http://overthewire.org/wargames/
https://www.hackthissite.org/
Expect that when you're starting out, you won't know a lot. Google is your friend. Other hackers are your friend. Most of the WarGame sites have IRC channels, so you can ask questions and get help.
There's also some introduction courses, but be wary of any of them that aren't oriented to hands-on doing. Hacking is about messing with things and breaking them in creative ways. Watching a lecture about hacking is a little bit like reading a recipe when you're hungry: a good start, but it won't do you much good unless you act on it.
A lot of the talks from hacker cons are available for free on YouTube. Search for DefCon talks and just watch a few and try and follow along. Google terms or concepts you're not familiar with. Where you can, try stuff out that you see (learn how to set up a virtual machine to play with so that when you break your box (and you will, if you're doing it right) you can just restore and not actually lose anything important.) Over time you'll learn more. If there's a particular area you get interested in, ask other hackers that you know or people you've met how to learn more.
> Before I forget, I want to thank you for all of your help. This is all really informative and great stuff, and I really appreciate taking the time to answer all of my questions!
Happy to help. I got a ton of help from random hackers when I was getting started and I still do even now. Hacking isn't like other disciplines. It's too chaotic and creative and fast-moving, so you really have to find your own way in it. As a result, hackers (the decent ones anyway) tend to be pretty good about helping each other out.
And if/when you fall down the rabbit hole and learn a bunch and someone else is looking for more information and comes to you with questions, then it'll be your turn to help them out.