Practical Industrial Control System Penetration Testing
Empowering you with Offensive ICS/OT Cyber Security Knowledge
Course Overview
Dive into the world of Industrial Control Systems (ICS) security with our hands-on course designed for those eager to master pentesting in industrial environments. This comprehensive workshop provides you with the skills and knowledge needed to assess and protect ICS/OT systems effectively.
Description
Hacking ICS/OT on shodan or in your own company? Better not!
I believe that the best way to learn is with practical experience. ICS/OT Security is a new and important skill for all technicians and engineers working on industrial control systems. There are quite a few open source tools that can be used to investigate the cyber security of industrial control systems, but unfortunately there is no suitable training opportunity.
For learners of IT pentesting, there are plenty of opportunities like HackTheBox or VulnHub, where pentest tools and hacking skills can be tried out. Training platforms with ICS focus either don’t exist or come in the form of a boring seminar with over 1000€ participation fee.
In this workshop you will learn important pentest tools from Kali and open source tools and you can try them out in 6 interactive simulations of industrial controllers. Of course the simulations are not perfect, so I will show you the tools and techniques on two real PLCs.
The workshop has a high practical part and encourages you to participate! There are more than 30 exciting tasks waiting for you, with which you can deepen your skills bit by bit!
Important: The pentesting of ICS cannot be compared to the typical pentesting of the IT world. Industrial plants need to be continuously available and hardly any plant operator wants to risk a production stop. Typically, security testing is performed at the lowest or second lowest aggressiveness level. So if you are hoping to pwn your device with buffer overflows, kernel exploits, privilege escalation and root shells, you are in the wrong place.
Are you interested in security analysis of ICS and do you already have basic knowledge of industrial cyber security? Then this is the right place for you!
Are you currently studying for the (CEH) Certified Ethical Hacker? From v12 on knowledge in OT is required! This course offers you a hands-on introduction to understand the typical vulnerabilities of OT hardware!
Curious about safeguarding of ICS/OT devices? Join my course Assessing and Protecting Industrial Control Systems.
Please note that the software used is not mine. I can only offer limited assistance in case of problems. Please contact the publisher of the software for help. The installation instructions were created to the best of my knowledge, but the responsibility for the installation lies with the participants.
What You Will Learn
- Interactive Simulations: Engage with 6 industrial controller simulations to practice and refine your pentesting skills.
- ICS Pentest Platform: Build your own ICS pentesting environment using open-source tools.
- Typical Attack Surfaces: Understand and explore the common vulnerabilities of ICS systems.
- Hands-On Experience: Complete over 30 practical tasks to gain real-world skills.
- Tool Utilization: Learn to use key pentesting tools from Kali and other open-source platforms.
What you’ll learn
- Show your pentest skills on 6 interactive industrial controller simulations
- Build your own ICS pentest platform with open source tools
- NO exploits, privilege escalation nor root shells
- Learn the typical attack surfaces of an ICS
- Workshop with high practical part with more than 30 tasks
This course includes:
- 2 hours on-demand video
- 12 downloadable resources
- Access on mobile and TV
- Certificate of completion
Major Takeaways
- Hands-On Practice: Experience practical pentesting through interactive simulations and real-world PLCs.
- Open Source Tools: Learn to leverage powerful open-source tools for ICS security testing.
- Practical Knowledge: Develop a deep understanding of ICS attack surfaces and security testing techniques.
- Real-World Application: Apply your skills in a workshop setting with over 30 practical tasks.
- ICS-Specific Techniques: Gain insights into the unique aspects of pentesting in ICS environments, distinct from traditional IT pentesting.
Requirements
- Don’t be afraid to use the Linux command line!
- No licenses needed. All tools are open source!
- Windows 10 system with 8GB RAM and virtualization enabled.
- Basic knowledge or interest in industrial process automation.
