Pentesting Industrial Control Systems

An ethical hacker's guide to analyzing, compromising, mitigating, and securing industrial processes

By: Paul Smith

Write A Review

eText | 9 December 2021 | Edition Number 1

At a Glance

Format
ePUB

eText

$57.19

or 4 interest-free payments of $14.30 with

Instant online reading in your Booktopia eTextbook Library *

Why choose an eTextbook?

Instant Access *

Purchase and read your book immediately

Read Aloud

Listen and follow along as Bookshelf reads to you

Study Tools

Built-in study tools like highlights and more

* eTextbooks are not downloadable to your eReader or an app and can be accessed via web browsers only. You must be connected to the internet and have no technical issues with your device or browser that could prevent the eTextbook from operating.

Discover modern tactics, techniques, and procedures to pentest industrial control systems

Key Features

Get well-versed with offensive ways of defending your industrial control systems
Learn about industrial network protocols, threat hunting, Active Directory compromises, SQL injection, and more
Build your offensive and defensive skills against industrial cyber threats

Book Description

The industrial cybersecurity industry has grown significantly in recent years. To truly secure today's critical infrastructure, red teams must be employed to continuously test and exploit the security integrity of a company's people, processes, and products. This pentesting book takes a slightly different approach than most by helping you to gain hands-on experience with equipment that you'll come across in the field. This will enable you to understand how industrial equipment interacts and operates within an operational environment.

The book begins by helping you get to grips with the basics of industrial processes, and then shows you how to create and break the process, along with gathering open source intel to create a threat landscape for your potential customer. As you advance, you'll find out how to install and utilize offensive techniques used by professional hackers. Throughout the book, you'll explore industrial equipment, open source intel gathering, port and service discovery, pivoting, and finally launch attacks against systems in an industrial network.

By the end of this penetration testing book, you'll not only understand how to analyze and navigate the intricacies of an industrial control system (ICS) but will also gain essential offensive and defensive skills to proactively protect industrial networks from modern cyber attacks.

What you will learn

Set up a starter-kit ICS lab with both physical and virtual equipment
Perform open-source intel-gathering pre-engagement to help map your attack landscape
Get to grips with the SOPs for engaging in a penetration test on industrial equipment
Understand the principles of traffic spanning and the importance of listening to customer networks
Gain fundamental knowledge of ICS communication
Connect physical operational technology to engineering workstations and supervisory control and data acquisition (SCADA) software
Get hands-on experience with directory scanning tools to map web-based SCADA solutions

Who This Book Is For

If you are an ethical hacker, penetration tester, automation engineer, or IT security professional looking to maintain and secure industrial networks from adversaries, then this book is for you. Basic understanding of cybersecurity and recent cyber events will help you get the most out of this book.