Add on of Physical Security for the
Vulnerability Assessment and Penetration Test service

We comprehensively test
the physical security of your company

We want to offer a complete professional security service. This is why we cannot overlook attacks that exploit social engineering techniques and physical tampering with systems . Through these add-ons to the Vulnerability Assessment and Penetration Test services, we put 360 ° test the security of your company, testing its resilience to physical security attacks.

Some of the physical security services offered

Sicurezza fisica Social Engineer

Social Engineer

The art of fooling people through empathy or outright scams could be your company's fatal weakness

sicurezza fisica Rogue AP

Rogue AP

Corrupt access points that are mistaken for legitimate. Sometimes it's not enough to be connected to a certain wifi line to be safe

sicurezza fisica attacchi in loco

Capture data from the network

Are communications on the network really secure? Is the corporate VPN working properly? Do employees always use it?

sicurezza fisica dumpster diving

Dumpster Diving

One hardly ever pays attention to what is thrown into the garbage can, instead it is the case to pay attention to what and how this happens

sicurezza fisica attacchi in loco

Attacks on the spot

Not everything goes through the network. Some attacks could exploit physical weaknesses of the building or the lightness with which employees use their logins.

Social Engineering

It is much easier and more convenient to hack a person than a machine. social engineering is the art of manipulating people into providing confidential information. The types of information can vary and include passwords, banking information, or information to log into a remote computer. Let’s see some of the more common attack methods to watch out for.
Social Engineering in person
Unusual encounters

With encounters that may seem casual, requests for help that point to empathy, or verbal scams, social hackers can have important information about the company revealed. Not necessarily sensitive information like passwords, but also information about the company structure that can then be used to carry out the attack.

Social Engineering phone
Inquiries by telephone

Large companies, which have tens or hundreds of employees, perhaps divided into different locations, should pay close attention to the information that is communicated by telephone. There are known cases of hackers who, pretending to be new employees from other offices, managed to have access passwords or security codes revealed.

Social Engineering via web
Online assistance

These techniques fall within the field of phishing , for which we have a dedicated service. These are emails, web pages or otherwise websites that look like legitimate portals, but are instead the work of hackers, who through these copies are able to trick users into downloading malware or entering their credentials.

How to prevent

Fortunately, protection for this type of attack is not complicated and does not cost much, you need to focus on training employees and business users in general. We can help you by testing your business and revealing weaknesses. It will then be easier to put a proactive prevention strategy into practice. Contact us for more information!

Rogue Access Point installation

One of the most common wireless security threats is the rogue access point, which is used in many attacks.
Rogue AP concept
By definition, a rogue AP presents itself as a wireless access point that is not part of the network, but may have the same name as the corporate network. One of the most common uses of a Rogue AP is to replace the corporate line with an identical (or seemingly legitimate) SSID. In this way the computers connect to it thinking they are in the safe line of the company and behave accordingly, letting their guard down. The risk is that these access points could be used for the theft of sensitive information, such as passwords and user data. This stolen data can then be used to access the real corporate network for targeted attacks.
With our intervention we can identify and analyze the Rogue APs and then take measures to mitigate the risk.

Capture of sensitive data on the network

With the increasing use of public or home networks, the risk of offering your data unknowingly has increased a lot. Without a corporate VPN or in any case a communication encryption, the theft of data from communications between devices is a real risk. .
sicurezza fisica man in the middle
Man in the Middle

Man in the Middle refers to a type of attack in which the hacker retransmits or alters messages between two users or machines, obtaining sensitive data from responses.

Sicurezza fisica Wireless sniffing
Wireless Sniffing

Similar to Man in the middle attacks, the sniffing of a wifi network intercepts packets between connected computers and the access point and then tries to decrypt them to obtain sensitive data.

In both cases, we at SOD offer a test service in response to this type of attack. But we don’t just try to implement these attacks. Among the test services with on-site attacks, we also offer a test on devices connected only to internal networks, such as closed circuit wifi cameras and other IoT devices.

On-site attacks
Network tampering, Tailgating, Shoulder surfing

It is not only wifi networks that protect a company, but also the physical infrastructure . These types of attacks exploit weaknesses in surveillance personnel, in the security of network controllers but also in the way in which IT devices are used by employees.
Network tampering

Businesses are connected to the telephone and internet networks like any other building. If you can have access to the control units and therefore to the physical connections of the cables, it is possible to install data interception devices passing through a specific cable. Access to the cable can take place by forcing or by using tailgating.


This technique, widely used in the London and New York subways, consists in entering a building by queuing up with an employee and taking advantage of the very short period of time in which the door is closing to avoid using bells or badge. Once inside, the possibilities of attack become manifold.

Shoulder Surfing

This technique involves spying on a user who types a password or access code and then re-uses it later. For example: If company doors are protected by a code, it may be easy to wait for an employee to enter it and look at what digits make up the code.

It is usually not enough to practice one technique to complete an attack, but it is not difficult to use more than one to achieve amazing results. To fully protect your company, we must also think about this type of attack which can be extremely subtle and difficult to intercept , leveraging employee empathy and weakness physical companies. With the physical penetration tests offered by SOD, you identify the weak points to take action.

Dumpster diving

dumpster diving , also called trashing or information diving , is the practice of sifting through waste for sensitive documents or data that can then be used to carry out cyber attacks.
When it comes to physical security , this is a factor that is often forgotten, but every official document contains confidential information such as personal address, bank account number, social security number or other. With this type of information it is not difficult to steal the identity of the victim from whom they have been stolen. What if it happens in the company? What could happen if bank details, security codes or other confidential and valuable information fell into the wrong hands? Wouldn’t it be nice to find out.
Sicurezza fisica dumpster diving
This possibility is also taken into consideration with our additional services to the Vulnerability Assessment and Penetration Test.

Contact us for more information

We are available to answer your questions and evaluate your situation together to offer you the best services.