Hi, I'm Robert Wallhead

This is my portfolio of security & software development work

  • All
  • Security tools
  • Training tools
  • Other projects

Verne

Key origination clamp for Lockwood depth keys

Available for purchase at the end of 2025.

Intro video (YouTube)

Falcon

Key duplication clamp for the Lishi pliers

Lockwood & Schlage key duplication clamp, compatible with Lishi key cutting pliers. Available for purchase at the end of 2025.

Free printable model files (Thingiverse) | Demo video (YouTube)

RFID reader prop

Replica operational RFID reader prop, from the movie Die Hard

Scratch-built operational prop, with custom PCB, as used to control the floor 30 vault at Nakatomi Plaza in Die Hard.

Project page (Hackaday.io) | Mid-build video (YouTube)

Covert REX trigger 2: Push to Enter

An improved request-to-exit trigger, disguised as an 8mm thick sign

Hidden within a Push sign is a remote-controlled actuator to trigger request to exit buttons, for physical security penetration testing/red teaming. The idea is you install it when visit the target during normal hours, as a tour, or under the guise of a facilities employee/contractor, then return at night to trigger it to open a door from the inside.

Project page (Hackaday.io) | Demo video (YouTube)

Deadbolt display

Printable cutaway for training or display of deadbolt locks.

A training or display stand designed for the Lockwood Paradigm 005 Double Cylinder Deadbolt, but should work for a range of similar deadbolts. The inner diameter hole is 53mm, and the width is 36mm.

Free printable model files (Thingiverse)

Covert REX trigger

The original request-to-exit trigger, disguised as an emergency door release

Disguising a mechanical "Useless Machine"-style mechanism in a ubiquitous wall box to release a Request-to-Exit button on demand, for physical penetration testing.

Project page (Hackaday.io) | Early iteration test video (YouTube)

PACS training lab

Training lab for Physical Access Control Systems

Designed to be a standalone trainer for the Flipper Zero, and originally part of an IT/OT training lab, this is a simple training lab teaches (mis-)use of various Flipper Zero-supported protocols and technologies (RFID, RF, IR, Wiegand and Modbus) to open up a cash box.

Project page (GitHub)

Locksport training door

For training and vulnerability demonstration

Freestanding scale door with interchangeable full size lockset hardware, for locksport practice and training in basic lock bypass techniques.

Demo latch-slipping video (YouTube)

IT/OT Hack lab

Sandboxed IT/OT hack lab/ICS cyber range

A cyclic factory automation, operated by a PLC and other supporting systems and hardware. The automation continuously inflates and drains a blue balloon within the tank, simulating a rising and falling liquid level. Successful compromise of the environment (overfilling the tank) causes the balloon to pop, signalling success.

Project page (GitHub)

Ergonomic lock core gripper

Ergonomic core gripper for locksport practice

A 3D-printable holder originally designed for the Red Team Tools' Progressive Training Lock Set, but should work with any similar lock core. Allows for ergonomic (and fatigue-reducing) top-of-the-keyway picking.

Free printable model files (Thingiverse) | Loading the lock (YouTube) | Picking demo (YouTube)

Agenda printer

Hard copy agendas every morning as the ultimate TODO-list and GTD approach

This project prints out a daily agenda of tasks (and some other bits and pieces) to keep me focussed on the important stuff. It brings together some observations from a Wired article, Adam Savage's approach to tracking progress on tasks, and a number of other changes I wanted to make to how I manage my time.

Project page (GitHub)

VENTOLIN inhaler helper

Assistive device for people with limited grip strength

This assistive device allows a person with severe grip strength issues to still use a VENTOLIN inhaler, as they only have to pull two long levers together, with no strong gripping action required. Developed and tested for and with a family member.

Free printable model files (Thingiverse)

Software projects

These are some of the software and platforms that I've built, open-sourced or meaningfully contributed to (there are many more on my GitHub).

GeoScanner

Multi-use "mapping" Red Team reconnaissance prop.

Visit

LockPickingLookup

Quickly search LockPickingLawyer and BosnianBill videos.

Visit

chrome-decrypt.ps1

PowerShell-powered Chrome password extractor for Windows.

Project repository

loaduck

PowerShell script bootstrapper for the Hak5 USB Rubber Ducky.

Project repository

dnstwister.report

Anti-phishing DNS search and monitoring platform, launched in 2015 and sold in 2024.

Visit

CTI Toolkit

(contributor)

Assisted CERT Australia (now ASD ACSC) open-source a suite of Threat Intelligence tools.

Project repository

Resume

This is a subset of my training, qualification and employment history, with more detail available on my LinkedIn.

Summary

Robert Wallhead

Security professional & software developer, with a passion for physical and cyber security, software and hardware development, problem solving and interesting projects!

Qualifications

Covert Entry Associate

2025

Red Team Certification Group, Nevada, USA

Following completion of their Covert Methods of Entry and Physical Access Control Systems: Practical Hacking and Defence of RFID PACS courses in 2023 and 2024.

SABSA Chartered Security Architect, Foundation Level

2022

ALC Training, New South Wales, Australia

Bachelor of Computing

2010

University of Tasmania, Tasmania, Australia

Professional experience

Security Architect

2021 - Present

Tasmania/Victoria, Australia

  • Wide-ranging Security Architecture role at Hydro Tasmania, including physical security assurance.
  • Established formal physical security assurance function, leading numerous cyber and physical security assessments (both hands-on and theoretical).
  • Developed secure architectures and architecture governance for critical infrastructure uplift and compliance (including AESCSF and SOCI).
  • Experienced in the application SABSA, AESCSF, IEC62443 and other frameworks to system and business security architecture.

Software Developer

2008 - Present

Tasmania/Victoria, Australia

  • Founded (in 2025) a successful security alerting SaaS platform (dnstwister.report), operating it until it was sold in 2024.
  • Employed as a software developer (2016-2021), developing C# .NET web, complex desktop, and service applications, progressing to Senior in 2017 with multiple periods spent leading a team.
  • Freelance software development - predominantly in Python - since the mid-2000s, with over 100 published repositories covering topics from robotics and computer vision to embedded systems and web applications.