Pentesting Industrial Control Systems an Ethical Hacker's Guide to Analyzing, Compromising, Mitigating, and Securing Industrial Processes
Discover modern tactics, techniques, and procedures for pentesting industrial control systems Key Features Become well-versed with offensive ways of defending your industrial control systems Learn about industrial network protocols, threat hunting, Active Directory compromises, SQL injection, and mu...
| Otros Autores: | |
|---|---|
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
Birmingham :
Packt Publishing
2021.
|
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009639600606719 |
Tabla de Contenidos:
- Cover
- Title page
- Copyright and Credits
- Contributors
- Table of Contents
- Preface
- Section 1
- Getting Started
- Chapter 1: Using Virtualization
- Technical requirements
- Understanding what virtualization is
- Discovering what VMware is
- Turning it all on
- How to install Fusion
- How to install ESXi
- How to install Hypervisor
- Spinning up Ubuntu as a pseudo-PLC/SCADA
- Spinning up Windows Engineering Workstation
- Spinning up Kali Linux
- Routing and rules
- Summary
- Chapter 2: Route the Hardware
- Technical requirements
- Installing the Click software
- Setting up Koyo Click
- Configuring communication
- Summary
- Chapter 3: I Love My Bits
- Lab Setup
- Technical requirements
- Writing and downloading our first program
- Overriding and wiring the I/O
- Testing control
- Summary
- Section 2
- Understanding the Cracks
- Chapter 4: Open Source Ninja
- Technical requirements
- Understanding Google-Fu
- Searching LinkedIn
- Experimenting with Shodan.io
- Investigating with ExploitDB
- Traversing the NVD
- Summary
- Chapter 5: Span Me If You Can
- Technical requirements
- Installing Wireshark
- macOS
- Linux distros
- Windows 10
- Using a TAP during an engagement
- Navigating IDS security monitoring
- Node license saturation
- Alert exhaustion
- Other protocol or uncommon port
- Encrypted protocol usage
- Living off the land
- Summary
- Chapter 6: Packet Deep Dive
- Technical requirements
- How are packets formed?
- The Application layer
- The Presentation layer
- The Session layer
- The Transport layer
- The Network layer
- The Data Link layer
- The Physical layer
- Capturing packets on the wire
- Capture filters
- Display filters
- Analyzing packets for key information
- Summary
- Section 3
- I'm a Pirate, Hear Me Roar
- Chapter 7: Scanning 101
- Technical requirements
- Installing and configuring Ignition SCADA
- Introduction to NMAP
- Port scanning with RustScan
- Installing RustScan
- Introduction to Gobuster
- Installing Gobuster
- Web application scanning with feroxbuster
- Summary
- Chapter 8: Protocols 202
- Technical requirements
- Industry protocols
- Modbus crash course
- Establishing a Modbus server
- Turning lights on with Ethernet/IP
- Establishing the EthernetIP server
- Summary
- Chapter 9: Ninja 308
- Technical requirements
- Installing FoxyProxy
- Running BurpSuite
- Building a script for brute-forcing SCADA
- Summary
- Chapter 10: I Can Do It 420
- Technical requirements
- Installing corporate environment elements
- Installing and configuring the domain controller
- Adding and installing the DNS server
- Adding and installing the DHCP server
- Adding and installing network file sharing
- Configuring Kerberos
- Installing and configuring workstations
- Kali Linux tools
- Discovering and launching our attacks
- Getting shells
- Summary
- Chapter 11: Whoot ... I Have To Go Deep
- Technical requirements
