Pentesting Industrial Control Systems : an Ethical Hacker's Guide to Analyzing, Compromising, Mitigating, and Securing Industrial Processes / Paul Smith.

Format:

Book

Author/Creator:

Smith, Paul, author.

Language:

English

Subjects (All):

Penetration testing (Computer security).

Industries--Security measures.

Industries.

Computer networks--Security measures.

Computer networks.

Automation--Security measures.

Automation.

Physical Description:

1 online resource (450 pages)

Place of Publication:

Birmingham : Packt Publishing, 2021.

Summary:

Discover modern tactics, techniques, and procedures for pentesting industrial control systems Key Features Become well-versed with offensive ways of defending your industrial control systems Learn about industrial network protocols, threat hunting, Active Directory compromises, SQL injection, and much more Build offensive and defensive skills to combat industrial cyber threats Book Description The industrial cybersecurity domain has grown significantly in recent years. To completely secure critical infrastructure, red teams must be employed to continuously test and exploit the security integrity of a company's people, processes, and products. This pentesting book takes a slightly different approach than most by helping you to gain hands-on experience with equipment that you'll come across in the field. This will enable you to understand how industrial equipment interacts and operates within an operational environment. You'll start by getting to grips with the basics of industrial processes, and then see how to create and break the process, along with gathering open source intel to create a threat landscape for your potential customer. As you advance, you'll find out how to install and utilize offensive techniques used by professional hackers. Throughout the book, you'll explore industrial equipment, port and service discovery, pivoting, and much more, before finally launching attacks against systems in an industrial network. By the end of this penetration testing book, you'll not only understand how to analyze and navigate the intricacies of an industrial control system (ICS), but you'll also have developed essential offensive and defensive skills to proactively protect industrial networks from modern cyberattacks. What you will learn Set up a starter-kit ICS lab with both physical and virtual equipment Perform open source intel-gathering pre-engagement to help map your attack landscape Get to grips with the Standard Operating Procedures (SOPs) for penetration testing on industrial equipment Understand the principles of traffic spanning and the importance of listening to customer networks Gain fundamental knowledge of ICS communication Connect physical operational technology to engineering workstations and supervisory control and data acquisition (SCADA) software Get hands-on with directory scanning tools to map web-based SCADA solutions Who this book is for If you are an ethical hacker, penetration tester, automation engineer, or IT security professional looking to maintain and secure industrial networks from adversaries, this book is for you. A basic understanding of cybersecurity and recent cyber events will help you get the most out of this book.

Contents:

Cover

Title page

Copyright and Credits

Contributors

Table of Contents

Preface

Section 1

Getting Started

Chapter 1: Using Virtualization

Technical requirements

Understanding what virtualization is

Discovering what VMware is

Turning it all on

How to install Fusion

How to install ESXi

How to install Hypervisor

Spinning up Ubuntu as a pseudo-PLC/SCADA

Spinning up Windows Engineering Workstation

Spinning up Kali Linux

Routing and rules

Summary

Chapter 2: Route the Hardware

Installing the Click software

Setting up Koyo Click

Configuring communication

Chapter 3: I Love My Bits

Lab Setup

Writing and downloading our first program

Overriding and wiring the I/O

Testing control

Section 2

Understanding the Cracks

Chapter 4: Open Source Ninja

Understanding Google-Fu

Searching LinkedIn

Experimenting with Shodan.io

Investigating with ExploitDB

Traversing the NVD

Chapter 5: Span Me If You Can

Installing Wireshark

macOS

Linux distros

Windows 10

Using a TAP during an engagement

Navigating IDS security monitoring

Node license saturation

Alert exhaustion

Other protocol or uncommon port

Encrypted protocol usage

Living off the land

Chapter 6: Packet Deep Dive

How are packets formed?

The Application layer

The Presentation layer

The Session layer

The Transport layer

The Network layer

The Data Link layer

The Physical layer

Capturing packets on the wire

Capture filters

Display filters

Analyzing packets for key information

Summary

Section 3

I'm a Pirate, Hear Me Roar

Chapter 7: Scanning 101

Installing and configuring Ignition SCADA

Introduction to NMAP

Port scanning with RustScan

Installing RustScan

Introduction to Gobuster

Installing Gobuster

Web application scanning with feroxbuster

Chapter 8: Protocols 202

Industry protocols

Modbus crash course

Establishing a Modbus server

Turning lights on with Ethernet/IP

Establishing the EthernetIP server

Chapter 9: Ninja 308

Technical requirements

Installing FoxyProxy

Running BurpSuite

Building a script for brute-forcing SCADA

Chapter 10: I Can Do It 420

Installing corporate environment elements

Installing and configuring the domain controller

Adding and installing the DNS server

Adding and installing the DHCP server

Adding and installing network file sharing

Configuring Kerberos

Installing and configuring workstations

Kali Linux tools

Discovering and launching our attacks

Getting shells

Chapter 11: Whoot ... I Have To Go Deep

Notes:

Configuring a firewall.

Description based on: online resource; title from PDF information screen (Worldcat, viewed March 17, 2023).

ISBN:

9781523142163

1523142162

9781800202382

1800202385

OCLC:

1285171069