Unfortunately, again this year, I wasn't able to attend BSides LV / BlackHat US / DEFCON in-person. I did however try to watch a few ICS-related talks, and here are my thoughts. Please be aware that this is not an…
Author: arnaudsoullie
Remote training: the tools I use
I decided to write a short blog post describing the technical solutions I used during my BlackHat US training. All BlackHat trainings happened remotely this year, and this doesn't come without challenges. The first one is of course attendees engagement,…
Certified PLCs, secure PLCs?
Programmable Logic Controllers (PLCs) are often seen as one of the major reasons Industrial Control Systems are insecure. These devices -even today- are indeed crippled with critical vulnerabilities. Even worse, they have by design vulnerabilities, also known as forever-days. While…
S4x20: A write-up
This year, I attended the S4 conference in Miami South Beach for the second time. It is a great event, one of the very few cybersecurity events focused on ICS. I will try in this post to mention some of…
DEFCON26: Pentesting ICS 101
I was really proud to give a workshop on ICS pentesting again at DEFCON, with my colleague Alexandrine. All the materials are online at: tinyurl.com/ics101-dc26
A brand new website !
Hi ! Welcome to my new website dedicated to ICS pentesting, and especially the trainings I offer on the topic. Please take a look out my upcoming training at Hack In Paris, or get in touch if you need additional…
DEFCON ICS Village: Fun with Modbus 0x5a
Last summer, I showcased some research on the use of Modbus protocol 0x5A function by Schneider PLCs. You can watch the video here: https://www.youtube-nocookie.com/embed/A_B69Rifu1g?rel=0 The slides are on Google Slides. The tools are located on my Github.