DC416 Physical Security Workshop with Lock Bypass Village

Event Information

Share this event

Date and Time



EY Tower

100 Adelaide Street West

31st Floor

Toronto, ON M6J 2L3


View Map

Refund Policy

Refund Policy

No Refunds

Event description
Join us for a 2 day workshop to advance your physical security knowledge and red-team skills led by the DEF CON Lock Bypass Village Team!

About this Event

About this Event

DEFCON Toronto is excited to bring to you a two day Physical Security workshop with hands on and theoretical components facilitated by the DEF CON Lock Bypass Village team and hosted at the EY Tower at Bay/Adelaide!

This workshop is sponsored by EY!

Individuals of all skill levels are encouraged to attend.

Lunch and refreshments will be provided.

Message from EY About Career Opportunities

Looking for a career in Cybersecurity? EY Canada is hiring! We are actively seeking Red Teamers, Cloud Security Specialists, Identity and Access Management professionals, as well as Cyber Generalists at all levels! Bring your resume and have a quick chat with our HR team to ask questions and learn more at this workshop about how EY can help you take your career to the next level!

Bio on Workshop Facilitators

This workshop is run by a team of physical security experts from GGR Security, a Toronto based physical security and pen testing firm, with extensive experience performing physical red team engagements, researching and hacking all aspects of physical security, and securing facilities against these exploits. The team also does a lot of security education and outreach: most notably, running the Lock Bypass Village at DEF CON. They come from a wide range of backgrounds including cybersecurity, telecom, management consulting, financial crime fighting, military, engineering and law enforcement.

Workshop Details

This 2-day intensive workshop focuses on all the ways that security affects the physical world, and in particular protection of facilities. Through a hacker’s mindset, it looks at not only traditional physical security hacking like lock picking, lock bypass, social engineering and alarms, but also at real-life threat models such as forcible entry, and advanced blue-team concepts to keep facilities secure. There will be countless hands-on activities and exercises at the workshop that you can try your hand at to truly gain a feel for how these attacks are carried out.

You will receive your own your own Lock pick set and shove it tool for loiding latches from this workshop.

Background on Lock Bypass Village

DEF CON’s Lock Bypass Village explores all the ways you can hack physical security that don't involve lockpicking. Village attendees can try their hand at door hardware bypass techniques, disabling alarm systems and cameras, and applying a hacker mindset to secured physical spaces. Come learn advanced methods for physical red-teaming in today's world - or just learn the ropes (and we mean that literally, too)!

Who is this workshop for?

This workshop is geared towards anyone who works in, or is interested in, hacking or security in general; it will assume comfort with basic infosec concepts and will work from the ground up on physical security. We will be covering a large amount of content in a fast-paced, hands-on manner: come prepared to learn! Laptops are not required but you may appreciate having one for some of the activities and note taking.

Day 1 Workshop Schedule

8:00AM-8:30AM - Registration & Breakfast

8:30AM-10:30AM - Intro & Lock Bypass. There are loads of ways to get through a door without actually attacking the lock itself, including using the egress hardware, access control hardware, and countless other techniques to gain entry. Try these out for yourself on a wide range of practise doors we’ll bring in to the workshop!

10:30AM-10:45AM - Bio Break

10:45AM-12:15 Alarm Systems & Access Control Hacking. First you’ll get an overview of all hardware and systems involved in access controlled doors and alarm systems, and a multitude of attack vectors to defeat them; then try your hand at a number of these attacks.

11:45AM-12:15 - Lockpicking. Learn to pick locks.

12:15PM-1PM - Lunch is Served

1PM-1:45PM - Lockpicking. (continued; practise time)

1:45PM-2:45PM - Keying Systems Hacking. Learn about how master keying works, how to derive a master key from low-level keys, or from nothing at all, and how to get the key to a lock from photographs and other covert methods.

2:45PM-3PM - Bio Break

3PM-3:45PM - Forcible Entry. Learn about the common methods of forcible entry employed by firefighters, police/military, locksmiths and criminals, and try some out for yourself.

3:45-5PM Security of Utilities & Critical Infrastructure. We take our infrastructure for granted, including in the security field. When one goes down the operating environment changes, and new vulnerabilities open up; learn about these, all about utilities both within a building and upstream, and how to protect them and make facilities resilient to utility failure.

Day 2 Workshop Schedule

8:00AM-830AM - Check in & Breakfast

8:30AM-9:00AM – Intro, Recap of Day One, & Intelligence Gathering & Reconnaissance. Before engaging on a physical red team operation, the team should scout out the site and collect information on their operation, security controls, layout and vulnerabilities. This module will cover intelligence doctrine, useful OSINT, IMINT and HUMINT techniques, and how to apply them to a red team engagement.

9:00AM-10:30AM - Social Engineering. The greatest weapon is the mind. Successful red teamers have learned to extract the greatest benefit from a situation through the power of social engineering. Learn the psychology behind how to smoothly navigate a high risk scenario and the most effective communication principles in the art of hacking humans.

1030AM-10:45AM - Bio Break

1045AM-11:15AM - Insider Threats. The largest weakness for most secured facilities is their people. Go beyond what makes a person susceptible to social engineering, into all of the ways one of your insiders could be willfully working against you, and the controls you can put in place to detect and stop it, including personnel screening and classification/clearance models.

11:15AM-11:45AM - Security Guards. There is much more to defeating security guards than social engineering – learn about avoiding detection, avoiding intervention, making them work for you, and various physical and legal limitations of guards that make hacking them easier for a red team. We’ll cover the blue-team side too: how to effectively manage a guard force to actually protect a facility.

11:45AM-12:15AM - Elevator Hacking. Elevator floor lockouts are often used as an additional, or the only, layer of security. This module will focus on how to hack elevators for the purpose of getting to locked out floors – including using special operating modes, tricking the controller into taking you there, and hoistway entry.

12:15PM-1PM – Lunch is Served

1:00PM-1:30PM - Intruder / Response Timing Analysis. Despite the techniques covered in social engineering and alarm bypass, for highly secured facilities it is not realistic to avoid detection entirely: red team success is instead defined by whether the team can gain entry and carry out their tasks fast enough, before responding parties can catch up. Learn how to analyse timing of sensors, delays and response capability from the perspective of both a red team infiltrator, and a blue team responder.

1:30PM-2PM - Gym for Redteamers. Physical security and red teaming usually focuses on what your average person can do. What's often overlooked is the methods that are only accessible to those who are at a high level of physical fitness; climbing, brute force, and other methods will be discussed, and how you can train to be able to accomplish them.

2:00PM-2:30PM - Residential Security. You may not be in charge of security at any highly-secured top-secret facilities with a sophisticated nation-state backed threat horizon (or maybe you are?)… but you are in charge of security at your own home. Learn how all of the exploits discussed over the weekend apply in a residential setting, and what the typical home invasion threat model is: so you can walk away from the weekend and start putting your new knowledge to use!

2:30PM-3PM - Telecom Security. Take an in depth look into telecom related security vulnerabilities at both the ISP, and facility infrastructure levels. Of course, no talk on telecom security would be complete without a healthy dose of phreaking as well! After the talk you will walk away with a basic understanding of how to minimize telecom vulnerabilities in your facilities.

3PM-3:15PM - Bio Break

3:15PM-4:15PM - Exercises. Chance to practice skills learned and do some real recon and discuss findings after.

4:15PM-4:45PM - Forensics. All of the techniques covered over the weekend leave a forensic trace: find out how to detect them and determine after the fact what methods of entry were attempted, whether they were successful, when they were employed and who did it.

4:45-5 Conclusion and closing remarks

Registration Info

Registration will take place between 8:00am and 8:45am in the EY Tower lobby of 100 Adelaide St. on Feb 8th. Note: Late arrivals after 8:45AM will not be admitted to the event.

How to Get to the workshop?

EY Tower is located at 100 Adelaide St W. in between Bay and York and the workshop will be held on the 31st floor. Please note that you will need an EY staff member to escort you up the elevator from the ground floor.

1. Public Transit Options

• Walk 5-minutes from St. Andrew Subway Station

• Walk 10 minutes from Union station.

2. Parking Options

• First Canadian Place/Exchange tower – 118 York St - Weekend (per 24h) $12.00≠&facility&valet&general=&displayFullCity=0

• Bay Adelaide Centre – 333 Bay St - $10.00 weekend max,-79.38318429999998&zoom=15&_ga=2.43147621.1183964430.1568221765-925920117.1568221765#details=9,149

• Richmond Adelaide Centre – 130 Adelaide St W. - Weekend $12.00 flat rate,-79.38318429999998&zoom=15&_ga=2.43147621.1183964430.1568221765-925920117.1568221765#details=9,324

• Bell Trinity Square - 483 Bay Street - Weekend $9.00 (per 12hr),235

Share with friends

Date and Time


EY Tower

100 Adelaide Street West

31st Floor

Toronto, ON M6J 2L3


View Map

Refund Policy

No Refunds

Save This Event

Event Saved