Chapter 7: Scanning 101

In the last chapter, we discussed how packets are structured and how they map to the OSI model, set up capture filters in Wireshark, and used display filters to analyze industrial control system (ICS) lab packet captures (pcaps) downloaded from Netresec, practicing these skills to sharpen our pentesting abilities.

In this chapter, we are going to install Ignition SCADA and connect our Koyo Click PLC lab to it. We will then look at a number of tools for enumerating and scanning industrial networks, from port scanning with Nmap and RustScan to web application scanning of human machine interfaces (HMIs), SCADA operator screens, PLC control screens, and flow computer web portals with ...

Get Pentesting Industrial Control Systems now with the O’Reilly learning platform.
