Sign up to save your podcasts
Or
Share Pentesting Industrial Control Systems
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Pentesting Industrial Control Systems
This summary is talking about the Book "Pentesting Industrial Control Systems".
This document provides an ethical hacker's guide to analyzing, compromising, mitigating, and securing industrial control systems (ICS). The book begins with a section on virtualization, guiding the reader through setting up a virtual lab with VMware to mimic an ICS environment. It then progresses to hardware, including setting up and configuring a programmable logic controller (PLC) and connecting it to the virtual lab. The next section focuses on open source intelligence gathering, teaching readers how to use Google, LinkedIn, Shodan, ExploitDB, and the NVD to research a company, facility, process, control, contract, or other form of publicly shared information to build a profile of the target. Following this, the document discusses SPAN/mirroring and TAPs, explaining how they are used for out-of-band network monitoring and analyzing network traffic. The book then explores Modbus and Ethernet/IP protocols, explaining how these protocols are used in ICS environments, and demonstrating how to leverage them for pentesting purposes. It also provides a comprehensive guide to using various security tools like NMAP, RustScan, Gobuster, and feroxbuster for scanning and enumerating networks and web applications. The document further covers the use of Burp Suite, FoxyProxy, and other web pentesting tools for intercepting, analyzing, and manipulating web traffic, and also includes a section on configuring a corporate environment with AD, DNS, and DHCP. Finally, it explores various techniques for launching attacks on a corporate network, including privilege escalation and pivoting, as well as how to use Empire and mimikatz for post-exploitation activities. The document concludes with a detailed guide on creating a pentesting report, including sections on documenting attack vectors, privilege escalation, lateral movement, and mitigation strategies.
You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cyber_security_summary
Get the Book now from Amazon:
https://www.amazon.com/Pentesting-Industrial-Control-Systems-compromising/dp/1800202385?&linkCode=ll1&tag=cvthunderx-20&linkId=d99e7084a66ab3d655a1ce67cf1fb5d4&language=en_US&ref_=as_li_ss_tl
Discover our free courses in tech and cybersecurity, Start learning today:
https://linktr.ee/cybercode_academy
This document provides an ethical hacker's guide to analyzing, compromising, mitigating, and securing industrial control systems (ICS). The book begins with a section on virtualization, guiding the reader through setting up a virtual lab with VMware to mimic an ICS environment. It then progresses to hardware, including setting up and configuring a programmable logic controller (PLC) and connecting it to the virtual lab. The next section focuses on open source intelligence gathering, teaching readers how to use Google, LinkedIn, Shodan, ExploitDB, and the NVD to research a company, facility, process, control, contract, or other form of publicly shared information to build a profile of the target. Following this, the document discusses SPAN/mirroring and TAPs, explaining how they are used for out-of-band network monitoring and analyzing network traffic. The book then explores Modbus and Ethernet/IP protocols, explaining how these protocols are used in ICS environments, and demonstrating how to leverage them for pentesting purposes. It also provides a comprehensive guide to using various security tools like NMAP, RustScan, Gobuster, and feroxbuster for scanning and enumerating networks and web applications. The document further covers the use of Burp Suite, FoxyProxy, and other web pentesting tools for intercepting, analyzing, and manipulating web traffic, and also includes a section on configuring a corporate environment with AD, DNS, and DHCP. Finally, it explores various techniques for launching attacks on a corporate network, including privilege escalation and pivoting, as well as how to use Empire and mimikatz for post-exploitation activities. The document concludes with a detailed guide on creating a pentesting report, including sections on documenting attack vectors, privilege escalation, lateral movement, and mitigation strategies.
You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cyber_security_summary
Get the Book now from Amazon:
https://www.amazon.com/Pentesting-Industrial-Control-Systems-compromising/dp/1800202385?&linkCode=ll1&tag=cvthunderx-20&linkId=d99e7084a66ab3d655a1ce67cf1fb5d4&language=en_US&ref_=as_li_ss_tl
Discover our free courses in tech and cybersecurity, Start learning today:
https://linktr.ee/cybercode_academy
View all episodes
By CyberSecurity Summary
2.2
55 ratings
This summary is talking about the Book "Pentesting Industrial Control Systems".
This document provides an ethical hacker's guide to analyzing, compromising, mitigating, and securing industrial control systems (ICS). The book begins with a section on virtualization, guiding the reader through setting up a virtual lab with VMware to mimic an ICS environment. It then progresses to hardware, including setting up and configuring a programmable logic controller (PLC) and connecting it to the virtual lab. The next section focuses on open source intelligence gathering, teaching readers how to use Google, LinkedIn, Shodan, ExploitDB, and the NVD to research a company, facility, process, control, contract, or other form of publicly shared information to build a profile of the target. Following this, the document discusses SPAN/mirroring and TAPs, explaining how they are used for out-of-band network monitoring and analyzing network traffic. The book then explores Modbus and Ethernet/IP protocols, explaining how these protocols are used in ICS environments, and demonstrating how to leverage them for pentesting purposes. It also provides a comprehensive guide to using various security tools like NMAP, RustScan, Gobuster, and feroxbuster for scanning and enumerating networks and web applications. The document further covers the use of Burp Suite, FoxyProxy, and other web pentesting tools for intercepting, analyzing, and manipulating web traffic, and also includes a section on configuring a corporate environment with AD, DNS, and DHCP. Finally, it explores various techniques for launching attacks on a corporate network, including privilege escalation and pivoting, as well as how to use Empire and mimikatz for post-exploitation activities. The document concludes with a detailed guide on creating a pentesting report, including sections on documenting attack vectors, privilege escalation, lateral movement, and mitigation strategies.
You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cyber_security_summary
Get the Book now from Amazon:
https://www.amazon.com/Pentesting-Industrial-Control-Systems-compromising/dp/1800202385?&linkCode=ll1&tag=cvthunderx-20&linkId=d99e7084a66ab3d655a1ce67cf1fb5d4&language=en_US&ref_=as_li_ss_tl
Discover our free courses in tech and cybersecurity, Start learning today:
https://linktr.ee/cybercode_academy
This document provides an ethical hacker's guide to analyzing, compromising, mitigating, and securing industrial control systems (ICS). The book begins with a section on virtualization, guiding the reader through setting up a virtual lab with VMware to mimic an ICS environment. It then progresses to hardware, including setting up and configuring a programmable logic controller (PLC) and connecting it to the virtual lab. The next section focuses on open source intelligence gathering, teaching readers how to use Google, LinkedIn, Shodan, ExploitDB, and the NVD to research a company, facility, process, control, contract, or other form of publicly shared information to build a profile of the target. Following this, the document discusses SPAN/mirroring and TAPs, explaining how they are used for out-of-band network monitoring and analyzing network traffic. The book then explores Modbus and Ethernet/IP protocols, explaining how these protocols are used in ICS environments, and demonstrating how to leverage them for pentesting purposes. It also provides a comprehensive guide to using various security tools like NMAP, RustScan, Gobuster, and feroxbuster for scanning and enumerating networks and web applications. The document further covers the use of Burp Suite, FoxyProxy, and other web pentesting tools for intercepting, analyzing, and manipulating web traffic, and also includes a section on configuring a corporate environment with AD, DNS, and DHCP. Finally, it explores various techniques for launching attacks on a corporate network, including privilege escalation and pivoting, as well as how to use Empire and mimikatz for post-exploitation activities. The document concludes with a detailed guide on creating a pentesting report, including sections on documenting attack vectors, privilege escalation, lateral movement, and mitigation strategies.
You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cyber_security_summary
Get the Book now from Amazon:
https://www.amazon.com/Pentesting-Industrial-Control-Systems-compromising/dp/1800202385?&linkCode=ll1&tag=cvthunderx-20&linkId=d99e7084a66ab3d655a1ce67cf1fb5d4&language=en_US&ref_=as_li_ss_tl
Discover our free courses in tech and cybersecurity, Start learning today:
https://linktr.ee/cybercode_academy
More shows like CyberSecurity Summary
View all
The Joe Rogan Experience
228,737 Listeners
Hidden Brain
43,588 Listeners
Hacked
188 Listeners
Security Now (Audio)
2,010 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
372 Listeners
LINUX Unplugged
268 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
652 Listeners
CyberWire Daily
1,024 Listeners
Smashing Security
319 Listeners
Click Here
418 Listeners
Darknet Diaries
8,052 Listeners
Cybersecurity Today
181 Listeners
Hacking Humans
314 Listeners
Think Fast Talk Smart: Communication Techniques
796 Listeners
Cyber Security Headlines
140 Listeners