Any given organization will undoubtedly have at least one door, cabinet, safe, device, or other asset that they will place behind a lock. You may need to find ways to circumvent these locks in order to achieve your goals. If you can't even get into an office because the front door is locked, then your physical pen test will be cut short.

First and foremost, the type of lock will influence how you get around it. There are several different types of locks. One of the most common is a standard key lock, which, as the name implies, requires the correct key in order for the lock to open. Key locks typically use pin tumblers, interchangeable cores, or wafers under springs used for tension. Bolt cutters and hacksaws may be able to destroy locks that are made from substandard materials or are designed poorly.

Other than physical destruction, you also have the option to pick the lock. Lock picking is a skill and requires practice with the right tools. Some vendors sell lock picking kits that come with an array of tools to make the job easier, but you still need to know how to use the tools properly for them to be effective. Such kits are usually designed to pick pin-tumbler locks, whereas they may not be adequate for more advanced high-security locks. The basic process of picking a pin-tumbler lock is to use a picking tool to raise or lower a pin until it is flush with the shear line (the gap between the key pin and the driver pin), then use a torsion wrench on the lock plug to hold picked pins in place. Then, you move onto the next pin and again use a pick to raise or lower the pin until it is flush with the shear line. You repeat this process until all pins are picked, at which point you use the torsion wrench to turn the lock plug, which disengages the lock.

Not all locks use keys, however. Keyless locks like combination locks, access card locks, and biometric scanners must be either destroyed or bypassed. Simple combination locks can be brute forced with enough permutations, but access card locks and biometric scanners are difficult to bypass without the proper item or biometric profile. In these cases, you may need to think outside of the box. For example, the lock may only be active during off hours, so you can bypass it entirely by trying during a certain time. In some cases you might get lucky with a biometric lock: the product might have a high false acceptance rate (false positives) and allow unauthorized people to enter. You might even encounter doors that are physically weak or not installed properly, thus rendering their locks ineffective.