Book description
Discover modern tactics, techniques, and procedures for pentesting industrial control systems
Key Features
- Become well-versed with offensive ways of defending your industrial control systems
- Learn about industrial network protocols, threat hunting, Active Directory compromises, SQL injection, and much more
- Build offensive and defensive skills to combat industrial cyber threats
Book Description
The industrial cybersecurity domain has grown significantly in recent years. To completely secure critical infrastructure, red teams must be employed to continuously test and exploit the security integrity of a company's people, processes, and products. This pentesting book takes a slightly different approach than most by helping you to gain hands-on experience with equipment that you'll come across in the field. This will enable you to understand how industrial equipment interacts and operates within an operational environment.
You'll start by getting to grips with the basics of industrial processes, and then see how to create and break the process, along with gathering open source intel to create a threat landscape for your potential customer. As you advance, you'll find out how to install and utilize offensive techniques used by professional hackers. Throughout the book, you'll explore industrial equipment, port and service discovery, pivoting, and much more, before finally launching attacks against systems in an industrial network.
By the end of this penetration testing book, you'll not only understand how to analyze and navigate the intricacies of an industrial control system (ICS), but you'll also have developed essential offensive and defensive skills to proactively protect industrial networks from modern cyberattacks.
What you will learn
- Set up a starter-kit ICS lab with both physical and virtual equipment
- Perform open source intel-gathering pre-engagement to help map your attack landscape
- Get to grips with the Standard Operating Procedures (SOPs) for penetration testing on industrial equipment
- Understand the principles of traffic spanning and the importance of listening to customer networks
- Gain fundamental knowledge of ICS communication
- Connect physical operational technology to engineering workstations and supervisory control and data acquisition (SCADA) software
- Get hands-on with directory scanning tools to map web-based SCADA solutions
Who this book is for
If you are an ethical hacker, penetration tester, automation engineer, or IT security professional looking to maintain and secure industrial networks from adversaries, this book is for you. A basic understanding of cybersecurity and recent cyber events will help you get the most out of this book.
Table of contents
- Pentesting Industrial Control Systems
- Contributors
- About the author
- About the reviewer
- Preface
- Section 1 - Getting Started
- Chapter 1: Using Virtualization
- Chapter 2: Route the Hardware
- Chapter 3: I Love My Bits – Lab Setup
- Section 2 - Understanding the Cracks
- Chapter 4: Open Source Ninja
- Chapter 5: Span Me If You Can
- Chapter 6: Packet Deep Dive
- Section 3 - I’m a Pirate, Hear Me Roar
- Chapter 7: Scanning 101
- Chapter 8: Protocols 202
- Chapter 9: Ninja 308
- Chapter 10: I Can Do It 420
- Chapter 11: Whoot… I Have To Go Deep
- Section 4 -Capturing Flags and Turning off Lights
- Chapter 12: I See the Future
- Chapter 13: Pwned but with Remorse
- Other Books You May Enjoy
Product information
- Title: Pentesting Industrial Control Systems
- Author(s):
- Release date: December 2021
- Publisher(s): Packt Publishing
- ISBN: 9781800202382
You might also like
book
Cybersecurity for Industrial Control Systems
As industrial control systems (ICS) become Internet-facing, they expose crucial services to attack. Explaining how to …
book
Industrial Cybersecurity - Second Edition
A second edition filled with new and improved content, taking your ICS cybersecurity journey to the …
book
Cybersecurity of Industrial Systems
How to manage the cybersecurity of industrial systems is a crucial question. To implement relevant solutions, …
book
Industrial Network Security, 2nd Edition
As the sophistication of cyber-attacks increases, understanding how to defend critical infrastructure systems—energy production, water, gas, …