14. Find a backdoor: Existence of valid users in the system that were
not in the documentation.
• guest / *****
• test / ****
• demo / ****
1
Attack vector
Read access to BMS: Access to the BMS only with read
permissions.
2
15. Access to BMS configuration: Access with read permissions to
system users and their encrypted passwords.
3
Attack vector
16. Identification of libraries: Access and download of BMS core
libraries with encryption and decryption functions.
4
Attack vector
29. Advanced actions
Signal alteration
Automation of all actions
Access to industrial network of the building
Access to internal network of company
Launch advanced and targeted attacks on a city
32. The Red Team exercise is the most specialized intrusion service that simulate a targeted
attack from an adversary mindset. The exercises allows the company to identify their global
security level, as well as the level of prevention and protection against targeted threats.
The only way to identify the global security and the Blue Team capabilities
is simulate a real but controlled attack
Red Team Operations
DIGITALSECURITY
SOCIAL ENGINEERING
PHYSICALSECURITY
OFFENSIVE INTELLIGENCE