ICS cybersecurity academy

Industrial Control Systems cybersecurity training & resources

SHACK Singapore [30th March – 1st April 2020]

I will deliver the 3-day version of my Pentesting ICS training at SHACK in Singapore in March !

Please follow the link for more information, or look at the training outline below.

https://www.coseinc.com/shack/training

Training Dates

30th March – 1st April 2020

Description

On this intense 3 – day training, you will learn everything you need to start pentesting Industrial Control Systems . We will cover the basics to help you understand the most common ICS vulnerabilities. We will then spend some time learning and exploiting Windows & Active Directory weaknesses, as most ICS are controlled by Windows systems.

We will cover the most common ICS protoco ls (Modbus, S7, OPC – UA…), analyze packet captures and learn how to use these protocols to talk to Programmable Logic Controllers (PLCs). You will learn how to program a PLC, to better understand how to exploit them.

The training will end with a challenging hands – on exercise: The first CTF in which you capture a real flag! Using your newly acquired skills, you will try to compromise a Windows Active Directory, pivot to an ICS setup to take control of a model train and robotic arms.

Class Content

Day 1

  • Module 1: Introduction to ICS
  • Module 2: Pentesting Basics & tools
  • Module 3: Windows basics and pentesting Windows
  • Module 4: Common ICS vulnerabilities

Day 2

  • Module 5: ICS protocols
  • Module 6: Introduction to safety for security pros
  • Module 7: Programming PLCs
  • Module 8: Pentesting ICS

Day 3

  • Module 9: Securing ICS
  • Module 10: Case study
  • Module 11: Capture The Flag

Requirements

Student

  • This class is suited for security people wanting to discover the world of Industrial Control Systems or automation engineers that want to understand in-depth what are the ICS security issues. An understanding of TCP/IP networking, the ability to work with virtual machines and a command line is required.
  • No previous pentesting or industrial control systems experience is required.

Hardware

  • Students must bring a laptop capable of running 64-bit VMs (8gb RAM, 50gb free disk space)

Software

  • All required software is provided in 3 VMs that each attendee will receive on a USB drive

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: