Open this lesson in your favourite AI. It'll walk you through the why, explain the demo, and quiz you on the try-it list.
Software pentesting assumes the attacker stays on the network side of the perimeter. Hardware pentesting drops that assumption: once the attacker has physical access (or proximity), the shape of the entire defensive stack changes. A $35 Raspberry Pi in a ceiling tile sees the inside of the corporate VLAN. A Flipper Zero in a pocket clones a badge in three seconds. A USB cable in a charging port becomes a keyboard. The hardware track is what separates a competent web pentester from a red-team operator.
Same building, two attackers. A spends six weeks phishing. B walks in behind a delivery driver, drops a Pi Zero W into a printer's surge strip, and is on the internal network in 45 seconds. Both succeed; B is on a different cost curve.
Use these three prompts in order. Each builds on the one before.
In one paragraph, explain why hardware-enabled attacks bypass software defences entirely.
Walk me through how a Pi drop box on the internal network changes detection requirements.
For a building you've never visited, design a 30-minute hardware-recon plan for an authorised red-team engagement.