Brandon Kovacs

Senior Red Team Consultant

Bishop Fox

Background

Brandon Kovacs (CRT, OSCP) is a Senior Security Consultant at Bishop Fox, where he specializes in red teaming, network penetration testing, and physical penetration testing. As a red team operator, he is adept at identifying critical attack chains that an external attacker could use to fully compromise organizations and reach high-value targets.

For example, starting from an external network perspective, Brandon identified vulnerabilities that could lead to the compromise of national railroad infrastructure. In another case, he demonstrated full takeover of a financial institution’s SWIFT controller and all computers on their network. During a physical penetration test of a firm managing billions in assets, Brandon used social engineering and covert entry techniques to masquerade as an IT vendor, access the client’s office building, and install physical implants that executed code, established network footholds, and exfiltrated any information displayed on the projector used in the boardroom.

To support physical and external testing, Brandon has built the 2023 edition of Bishop Fox’s Tastic RFID Thief to include Wi-Fi and remote control, allowing for more effective capture of RFID badges from a few feet away. He actively performs research and development into artificial intelligence for use in offensive security engagements. Brandon has presented at GISEC Global 2024 in Dubai and HackMiami 2024 about using AI and high-quality deepfakes to perform real-time social engineering.