Ethically hacking an industrial control system

In recent years, the industrial cybersecurity arena has risen dramatically. Red teams must be used to continually test and exploit the security integrity of a companys people, processes, and products in order to completely safeguard critical infrastructure. This pen testing book takes a different approach than most by assisting you in gaining hands-on experience with equipment youll encounter in the field. This will allow you to comprehend how industrial equipment interacts and functions in a real-world setting.

This book begins by covering the fundamentals of industrial processes, then goes on to learn how to design and break them. It also includes obtaining open-source intelligence to develop a dangerous environment for your potential customer. Youll learn how to install and employ offensive tactics used by skilled hackers as you go. Before eventually launching assaults against systems in an industrial network, youll learn about industrial equipment, port, and service discovery, pivoting, and much more.

Youll not only know how to evaluate and navigate the nuances of an industrial control system (ICS) by the conclusion of this penetration testing book, but youll also have gained crucial offensive and defensive skills to proactively safeguard industrial networks from current assaults.

KEY FEATURES

* Learn how to defend industrial control systems from an attacking standpoint.
* Learn about industrial network protocols and threat hunting.
* Handling of tackle industrial cyber risks
* Develop offensive and defensive skills.

WHAT YOU WILL LEARN

* Set up an ICS lab with both physical and virtual equipment using a beginning kit.
* Perform pre-engagement open-source intel collection to aid in the mapping of your attack landscape.
* Learn how to do penetration testing on industrial equipment using Standard Operating Procedures (SOPs).
* Recognize the necessity of listening to customer networks and the concepts of traffic stretching.
* Learn the fundamentals of ICS communication.
* Connect engineering workstations and supervisory control
* Connect data acquisition (SCADA) software to physical operational technologies.
* Learn how to map web-based SCADA solutions using directory scanning tools.

WHO THIS BOOK IS FOR

This book is intended for an ethical hacker, penetration tester, automation engineer, or IT security expert who wants to keep industrial networks safe from intruders. Youll get the most out of this book if you have a basic grasp of cybersecurity and recent cyber incidents.

1. Using Virtualization
2. Route the Hardware
3. I Love My Bits: Lab Setup
4. Open-Source Ninja
5. Span Me If You Can
6. Packet Deep Dive
7. Scanning 101
8. Protocols 202
9. Ninja 308
10. I Can Do It 420
11. Whoot… I Have To Go Deep

Sharon Ferrone has spent over three decades working in the automation control industry, solving "red herring" difficulties. Hes dealt with a variety of challenges, including measurement discrepancies caused by flare sensor saturation, database transfer errors, and more. He is self Learned CISSP and CFE and has completed Cyber-Security, Cyber-Forensic, International Cyber Law, Fraud Control from the Asian School of Cyber Law.