Ethical Hacking Matrix

Estimated reading time: 7 minutes

Ethical hacking means the application for good of hacking techniques. The term “hacker” was coined in the 1960s at the Massachusetts Institute of Technology (MIT) to describe experts who used their skills to re-develop mainframe systems, increasing their efficiency and allowing them to perform more tasks.

Nowadays, the term normally describes experienced programmers who gain unauthorized access to computer systems by exploiting weaknesses or using bugs, motivated by bad intentions. For example, a hacker could create algorithms to crack passwords, break into networks, or even interrupt network services.

Ethical Hacking Laptop

With the rise in popularity of the Internet and e-commerce, negative hacking has become the most commonly known form. An image reinforced by its representation in various forms of news and entertainment. Typically, the main thrust of malicious / unethical hacking is the theft of valuable information or financial gain.

That said, not all hacking is bad . In fact, there is a second type of hacking: ethical hacking. It could be argued that this is the original type of hacking. In fact, the first hackers did not have any negative intent, rather, their purpose was to optimize and improve existing systems.

What is ethical hacking and why do we need it?

Ethical Hacking is the authorized practice of bypassing the security of a system to identify potential data breaches and threats on a network . The company that owns the system or network allows ethical engineers / hackers to perform such activities in order to test the system’s defenses . So, unlike malicious hacking, ethical hacking is planned, approved, and most importantly, legal .

Ethical hackers are meant to investigate your system or network for weaknesses that malicious hackers could exploit or destroy. They collect and analyze information to understand how to strengthen system / network / application security. By doing so, they can improve security so that it can better resist attacks or mitigate them .

Ethical hackers are hired by organizations to prevent data breaches . In essence, this is the reasoning: to understand how a thief could enter your house, the best thing is to pretend to be thieves and use their techniques.

Note that the reasoning implies that those who perform ethical hacking do not know the state of the system they are about to breach , so they will not be influenced in any way in carrying out certain activities or breaching only certain parts of the system . For the company, this means that the best ethical hacker they can find is someone outside the security team.

The activity of ethical hackers

Ethical hacking controls key vulnerabilities that include many aspects of the computer system such as: changes in security settings, exposure of sensitive data, breach of authentication protocols, etc.

Of course, every business infrastructure is made up of a potentially unique combination of tools, hardware and software. For this, the ethical hacker must field a lot of knowledge, customized tools and specific procedures that are almost never the same from project to project. This is good, because, just like malicious hackers, the ethical hacker is also pushed to stay up to date on industry news, test new techniques and study new ways to mitigate the risk.

Types of hackers

The practice of ethical hacking is called “white hat” hacking and those who perform it are called white hat hackers . In contrast to ethical hacking, “Black Hat” describes practices that involve security breaches. black hat hackers use illegal techniques to compromise systems or breach data.

Unlike white hat hackers, hackers “ Gray Hat do not ask for permission before entering the system , but their motives do not I’m malevolent. In fact, gray hats are also different from Black Hats in that they do not hack for personal or third party advantage. These hackers break into systems for fun, usually informing the owner of any threats they find . Gray hat and black hat hacking are both illegal because they both constitute an unauthorized breach of the system, even if the intentions are profoundly different.

The intentions

The best way to distinguish between white hats and black hats is to take a look at their motives . black hats are motivated by personal gain, profit or harassment; while white hats (ethical hackers) seek and remediate vulnerabilities, so as to prevent other hackers from taking advantage of them.

Let’s look at other differences between the two types of hackers together.

Techniques used

Ethical hacking duplicates the techniques and methods used by malicious hackers in order to uncover the flaws in the system. By replicating all the steps of cyber criminals, you can find out how an attack on the system happened or could happen . If they find a weakness in the system or network, they report it immediately and fix the flaw. These types of services are usually called vulnerability assessment and penetration testing , and are also offered by SOD.


Even if the ethical hacker follows the same techniques and methods as the black hat hacker , only one practice is legally acceptable . Hackers usually break the law by breaking into systems without consent, while ethical hackers get permission from system owners who hire them to test infrastructure.


Ethical Hackers are employed by organizations to break into their systems and detect security problems. The black hat hackers do not own the system or work for someone who owns it.

Ethical Hacking White Hat

Benefits of ethical hacking

Learning ethical hacking involves studying the mentality and techniques of black hat hackers to learn how to identify and correct vulnerabilities within networks. The study ethical hacking can be applied by security professionals in all industries and in a multitude of sectors. This sphere includes the network defender , the risk management and the quality assurance tester .

However, the most obvious benefit of learning ethical hacking is its potential to inform and improve and defend corporate networks. The primary security threat to any organization is a hacker . Learning, understanding and implementing how these criminals operate can help security officers prioritize potential risks and learn how to best remedy them.

It should be noted that hacking must not be understood as relating only to IT infrastructures but to the entire technological apparatus of a company . Social engineering , for example, leverages the human factor to gain access to places, physical or virtual, where valuable data is stored. Furthermore, through phishing campaigns , it is possible to trick users of a system into providing their passwords and “giving” access to malicious people.

SOD services for the security of your company

Every company that handles sensitive customer data must ensure that the procedures and systems used are sufficiently secure. As mentioned before, having internal personnel carry out tests and vulnerability tests could be a weapon double-edged. Even if you have a security expert, you have to consider that having to violate systems that he may have set up himself, increases the risk of a false positive.

For this reason, companies like SOD provide services geared towards the evaluation and testing of corporate security measures.

From the classic Vulnerability Assessment and Penetration Test , designed to test network hardware and software , you can switch to services that physically test corporate security or even the management procedures of sensitive data.

With the physical security addons techniques are put in place to gain access to offices , try to reach network control units or servers, but also attempts to tamper with or install unauthorized hardware.

As regards the human factor, a ethical phishing service is also available, through which a phishing campaign is launched towards the company and employee reactions are tested . This identifies the weak points that will then be used to organize an ad hoc training path.

As you can see, SOD provides companies with complete security services. Please feel free to contact us to request further information or ask us any questions you may have.

Cos'e' il phishing - Cover

Estimated reading time: 7 minutes

Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers . Occurs when an attacker, disguised as a trusted entity , tricks a victim into opening an email, instant message, or text message.

The recipient is then tricked into clicking on a malicious link, which can lead to malware installation , system freezing as part of an attack ransomware or the disclosure of sensitive information.

An attack can have devastating results . For individuals, this includes unauthorized purchases, fund theft or identity theft.

What is phishing - Concept

What is Phishing for Business?

Even more damaging, phishing is also used to gain an entry point into corporate or government networks as part of a larger attack , such as a persistent advanced threat event (APT – Advanced Persistent Threat). In the latter scenario, employees are compromised in order to bypass security perimeters , distribute malware within a closed environment, or gain privileged access to protected data.

An organization that succumbs to such an attack typically suffers severe financial losses, as well as a decline in market share, reputation and consumer confidence. Depending on the scope, a phishing attempt could escalate into a security incident that a company will have difficulty recovering from .

What a phishing attack looks like

Knowing what phishing is often isn’t enough to protect yourself . The best thing to do is work on resilience to attacks and understand how to spot them before falling victim to them.

As we mentioned earlier, the consequences can be enormous. But, if it seems simple to do when it comes to a single individual, what if there is an entire company to protect? SOD offers a service geared towards just that : train entire companies to recognize and mitigate the risk of phishing attacks.

Through a first controlled attack, we are able to understand which are the points to work on . Subsequently, training proposals for employees are organized. They are taught how to recognize threats before they become problematic. To find out more, visit the service page .

But let’s see what a generic attack looks like.

Attack example

1. A bogus email ostensibly from is being distributed en masse to as many faculty members as possible.

2. The email claims that the user’s password is about to expire . Instructions are given to go to the link to renew their password within 24 hours.

Various things can happen by clicking on the proposed link.

The user is redirected to , a fake page that looks exactly like the real renewal page, where both the new password are requested than the existing one. The attacker, monitoring the page, hijacks the original password to – gain access to secure areas of the university network.

– The user is sent to the real password renewal page. However, while being redirected, a malicious script runs in the background to hijack the user’s session cookie. This results in a Cross Site Scripting attack, giving the author privileged access to the university network.

What is phishing - Concept

Logic of an attack

Email phishing is a big game . An attacker who sends thousands of fraudulent messages can obtain significant information and sums of money, even if only a small percentage of recipients fall into the scam .

Hackers go to great lengths to design messages for a phishing attack by mimicking real emails from a disguised organization. Using the same phrasing, the same typefaces, the same logos and the same signatures, the messages appear legitimate .

Also, another thing to watch out for is that attackers usually try to push users into action by creating a sense of urgency. For example, as shown above, an email could threaten account expiration and put the recipient in urgency . Applying this pressure leads the user to be less diligent and more prone to error.

Finally, the links within the messages resemble their legitimate counterparts, but typically have a misspelled domain name or extra subdomains. In the above example, the URL has been changed to . The similarities between the two addresses give the impression of a secure connection , making the recipient less aware that an attack is in progress.

What is spear phishing

What is phishing - Spear phishing

Spear phishing targets a specific person or company , as opposed to casual users. It’s a more in-depth version of phishing that requires special knowledge of an organization, including its power structure.

An attack could take place like this:

– A hacker searches for employee names within an organization’s marketing department and gains access to the latest project invoices.
Posing as the director of marketing , The attacker sends an email to a project manager in the department using a subject that says: Updated invoice for Q3 campaigns . The included text, style, and logo duplicate the organization’s standard email template.
– A link in the email redirects to a password-protected internal document, which is actually a forged version of a stolen invoice .
– The marketing director is required to login to view the document. The attacker steals his credentials , gaining full access to sensitive areas within the organization’s network.

By providing the attacker with valid login credentials, spear phishing is an effective way to carry out the first phase of a ransomware attack.

What is whale phishing

whale phishing , or whaling , is a form of spear phishing that targets very big fish: CEOs or other high-value targets . Many of these scams target members of a company’s board of directors, who are considered particularly vulnerable. Indeed, they have great authority within the company, but because they are not full-time employees, they often use personal email addresses for business-related correspondence , which does not have the protections offered by email business.

whale phishing , or whaling , is a form of spear phishing that targets very big fish: CEOs or other high-value targets . Many of these scams target members of a company’s board of directors, who are considered particularly vulnerable. Indeed, they have great authority within the company, but because they are not full-time employees, they often use personal email addresses for business-related correspondence , which does not have the protections offered by email business.

How to defend yourself

Protecting against a phishing attack requires action by both users and businesses.

For users, vigilance is the key . A forged message often contains subtle errors that expose its true nature. These can include misspellings or changes to domain names , as seen in the example of the preceding URL. Users should be wondering why they are receiving a certain email .

What is phishing - Defense

For businesses, a number of measures can be taken to mitigate both phishing and spear phishing attacks:

Two-factor authentication (2FA) is the most effective method of thwarting phishing attacks, as adds an extra layer of verification when accessing sensitive applications . 2FA is based on users having two things: something they know , like a password and username, and something they have with them , like their smartphone . Even when employees are compromised, 2FA prevents the use of their compromised credentials, as these alone are not enough to get in .

In addition to the use of 2FA, companies should apply strict password management policies . For example, employees should be required to change their passwords frequently and not be allowed to reuse a password for multiple applications .

Finally, educational campaigns can also help decrease the threat of phishing attacks by enforcing safe practices , such as not clicking on external links to emails. In this regard, I would like to mention the ethical phishing service of SOD , which has the very intent of testing the company and organizing targeted training to mitigate the risks .

It’s not enough to know what phishing is, you also need to know how to recognize it.

Useful links:


Mitre Att&ck

Double extortion ransomware