What's in your pentest kit?

Inspired by the what’s in your dms bag thread. I’d love to hear what’s in your kit that you don’t take to the space :wink:

Mine is built around urban exploration, grey man, and the like. So while not everything is ever on my person at one time, nor does it have all that one needs, this does have the most useful of items.

Full list is at http://a.co/gnA8nDC

What’s in yours?

I keep everything on a multiboot USB thumb drive and just drag and drop ISOs onto it.
http://www.easy2boot.com/

Your list is missing a clipboard, it will open more doors than a lock pick set.

2 Likes

4 Likes

lolz…

and btw, phone cameras can get rather good close-ups, especially with a 12x telescopic lens that one can just pocket/palm.

1 Like

Your list is missing a clipboard, it will open more doors than a lock pick set.

why do you think there’s a six inch brass ruler :wink:

I assumed he was talking about a clipboard being used in more of a “social engineering” way.

“The guy with the clipboard obviously knows what he’s doing, can someone let him into the server room?”

2 Likes

Most (but not all) of my kit is documented here: Red Team Entry Pack – Hacking & Coffee

I also tend to bring one or more of the following based on what RECON indicates would be best:

  • clipboard
  • reflective vest / hard hat
  • tool bag
  • coffee mug
  • donuts / other meeting snacks, particularly with a box that looks like it’s about to fall apart and I need to get it to the kitchen fast
  • elevator keys (I have a set of the several most common)

Cheers,
-Tails

3 Likes

Allegedly during some mid-level wargames an extremely persuasive corporal with a clipboard penetrated OPFOR’s HQ with a no-nonsense attitude, grim determination, and a clipboard with some indecipherable form attached.

2 Likes

I’ve got a couple of VMware images that I’ve tweaked over the years: Komali for the easy stuff, Ubuntu with a custom set of binaries and utilities, a Windows client, and a Windows Server. Then, depending on the scope of the project, I’ll throw things in that I think I might need. Access to rainbow tables, etc. is available at the shop via VPN, unless the customer is very restrictive with their Internet access.

On the physical red team front, a long sleeve button down, hard hat, camera, and a big box is all it usually takes.

Absolute easiest physical penetration is to show up at the smokers’ area and take a picture of their badge. Print my picture on their badge format and tailgate in.

1 Like

This guy social engineers.

2 Likes

It’s what I do for a living

For the computer side I’m way behind on writing the rest of the series, but here’s part one of my red team architecture: https://hackingand.coffee/2018/02/assessment-laptop-architecture/

Any particular reason the usual pentest/red team distros like Kali or ArchStrike aren’t on the list?

Do you actually still encounter a lot of projects where those tables actually provide much value? I usually encounter too much in the way of salting, and we have a machine we just call “The Krakken” loaded with a ton of GPUs for when we grab hashes in general.

I do this constantly; it’s now cheaper to Amazon Prime a badge printer (sometimes Prime Now) than it is to take the one we have with us… I just ship it to the hotel.

2 Likes

Good old spell check, Komali == Kali for pen test image. The reason why I have Ubuntu is because I have access to things how I want them for database, utilities, compilers, etc. I could make Kali do what I want, but when it’s time to update Kali, I can just update without worrying about it too much. Everyone has their own style, and I just do what makes me most efficient.

We do still have customers whose hashes we crank and for whom we provide input into better password policies.

I really enjoy red team projects; these days they’re split between physical and remote tests.

1 Like

right… forgot about that one

indecipherable form attached.

what was it, a 1065B?

I have never pentested, but in geocaching, wearing a hard hat and a safety vest and carrying an aluminum box clipboard makes looking for something much less conspicuous.

2 Likes