The Covert Access Training (CAT) is a 5-day immersive program designed to equip participants with the skills to breach physical security systems in real-world environments.
Led by covert access expert Brian Harris and hosted by Exploit Labs, the training combines theory with intensive hands-on exercises. Participants learn techniques in lockpicking, badge cloning, surveillance evasion, social engineering, and physical intrusion planning.
The course culminates in a live Black Team engagement, where students apply their skills under realistic conditions. Graduates earn the CAT certification, validating their readiness to assess and exploit physical security as part of Red Team or security audit operations.
Why Attend?
✅ Taught by Brian Harris — One of the world's foremost covert access experts
✅ Live, immersive format — Includes lockpicking, badge cloning, physical intrusion simulations
✅ Regulator-relevant — Aligned to TIBER-EU, DORA, CRE, NIS2, and UAE physical access requirements
✅ Skills you can apply — From Red Team ops to executive protection to corporate security audits
What You’ll Learn
The Covert Access Training is not theory — it’s a hands-on, black-team skillset designed to prepare you for real-world engagements. Over the course of the program, you will learn how to plan, execute, and report physical intrusions with the same precision as professional red teams and covert operators.
Core skills include:
-
Lockpicking & Bypassing – Manipulate mechanical locks and barriers with specialized tools for discreet entry.
-
Key Systems & Impressioning – Understand master-keyed environments, create working duplicates, and establish persistent access without detection.
-
Doors, Windows & Alarms – Exploit weaknesses in physical barriers and identify methods to bypass or disable alarm systems.
-
Electronic Access Control – Attack RFID cards, PACS readers, and ID badge systems to gain undetected entry.
-
Reconnaissance – Conduct long-range, on-site, and embedded surveillance to map target sites and uncover exploitable gaps.
-
Black Team Operations – Learn how to plan and execute full covert access engagements while maintaining stealth and operational security.
-
Social Engineering & Elicitation – Influence people, extract sensitive information, and recognize attempts at counter-elicitation.
-
Advanced Covert Techniques – Deploy bugging devices, overcome physical obstacles, and, when necessary, apply destructive entry methods.
By the end of this training, participants will have executed a complete covert access operation — from reconnaissance and entry to intelligence collection — and will be prepared to apply these skills in high-stakes red team or security assessment scenarios.
Who Should Attend?
-
Red Team Operators
-
Penetration Testers (looking to upskill into physical engagement)
-
CISOs & Physical Security Managers
-
Government & Defense Personnel
-
Security-minded Facility Ops Leaders
Must have basic understanding of cybersecurity or physical security. No prior red teaming experience required.
Get Certified as a Covert Access Specialist (CAS)
Graduates of the Covert Access Training course who earn the CAS certification validate their capability to plan and execute full-spectrum physical intrusion operations.
Certified specialists have completed a successful Black Team engagement, showcasing hands-on proficiency in lockpicking, bypassing intrusion defenses, and navigating electronic access control systems such as RFID. They are trained to analyze surveillance environments, evade or disable cameras and sensors, and exploit human factors through advanced social engineering. The CAT credential affirms a practical, tested ability to assess physical infrastructure, identify critical vulnerabilities, and breach them with precision.
Full course outline
