Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Pentesting Industrial Control Systems

You're reading from   Pentesting Industrial Control Systems An ethical hacker's guide to analyzing, compromising, mitigating, and securing industrial processes

Arrow left icon
Product type Paperback
Published in Dec 2021
Publisher Packt
ISBN-13 9781800202382
Length 450 pages
Edition 1st Edition
Languages
Arrow right icon
Author (1):
Arrow left icon
Paul Smith Paul Smith
Author Profile Icon Paul Smith
Paul Smith
Arrow right icon
View More author details
Toc

Table of Contents (19) Chapters Close

Preface 1. Section 1 - Getting Started
2. Chapter 1: Using Virtualization FREE CHAPTER 3. Chapter 2: Route the Hardware 4. Chapter 3: I Love My Bits – Lab Setup 5. Section 2 - Understanding the Cracks
6. Chapter 4: Open Source Ninja 7. Chapter 5: Span Me If You Can 8. Chapter 6: Packet Deep Dive 9. Section 3 - I’m a Pirate, Hear Me Roar
10. Chapter 7: Scanning 101 11. Chapter 8: Protocols 202 12. Chapter 9: Ninja 308 13. Chapter 10: I Can Do It 420 14. Chapter 11: Whoot… I Have To Go Deep 15. Section 4 -Capturing Flags and Turning off Lights
16. Chapter 12: I See the Future 17. Chapter 13: Pwned but with Remorse 18. Other Books You May Enjoy

What this book covers

Chapter 1, Using Virtualization, will walk you through the basic building blocks of virtualization, and then progress into building out a hypervisor that will support our virtual ICS lab.

Chapter 2, Route the Hardware, covers the principles of setting up a Programmable Logic Controller (PLC), and then moves on to the fundamentals of connecting that PLC to a virtual machine on our newly minted hypervisor.

Chapter 3, I Love My Bits – Lab Setup, takes us through the steps of writing, downloading, and uploading our first program to our PLC.

Chapter 4, Open Source Ninja, teaches you about the power of Google-Fu, oversharing on LinkedIn, exposed devices on Shodan.io, navigating ExploitDB, and finally, leveraging the national vulnerability database.

Chapter 5, Span Me If You Can, teaches you about SPANs and TAPs and how they can be leveraged in a pentesting engagement, and then we will take a deep dive into intrusion detection systems.

Chapter 6, Packet Deep Dive, walks through the structure of a typical packet, teaching you how to capture packets from the wire, and then analyzing those packets for key information.

Chapter 7, Scanning 101, starts out by building a live SCADA system, and then moves on to using NMAP, RustScan, Gobuster, and feroxbuster to perform scanning techniques on our live SCADA system.

Chapter 8, Protocols 202, takes a deep dive into Modbus and Ethernet/IP and the ways we can utilize these protocols to perform pentesting tasks inside the ICS.

Chapter 9, Ninja 308, leverages FoxyProxy and Burp Suite to analyze and attack the SCADA user interface.

Chapter 10, I Can Do It 420, starts off by installing and configuring a corporate-side firewall to provide a more holistic lab setup. Then, we continue on to scanning, exploiting, and then landing reverse shells.

Chapter 11, Whoot… I Have To Go Deep, now that we have the shells, looks at running post-exploitation modules to glean data from inside the network. We will escalate privileges on the machines that we compromise, and then pivot down to the lower segments.

Chapter 12, I See the Future, looks at the dangers of credential reuse by taking you through the steps of leveraging credentials discovered in previous steps and then accessing the SCADA interface for ultimate control of the system.

Chapter 13, Pwnd but with Remorse, discusses the core deliverable, the report. If there is no evidence, did a test actually occur? We will prepare a template for future assessments/pentests, then discuss the critical information that lands inside the report, and then finally, document recommendations that can be used by the blue team to protect their systems into the future.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime