As penetration testers and security professionals- we need ways to ensure that we can gain persistent access to secured areas and facilities during our testing. What we need is a way to gather cards during penetration tests that won’t alert our targets that we’ve copied their cards. In order to be discreet- we must copy their cards from a short distance with a normal looking bag. During this time we will talk about how we have overcome these challenges with a weaponized HID reader. We’ll also talk about how we use this during our ongoing penetration tests to gain access on some of our most physically secure clients- as well as provide details on card systems and how they work. Finally- we’ll also share the design and process for our device- the RavenHID- which improves on some previous garage reader designs allowing the gathering of badges from up to two feet directly to a mobile phone.