Pentesting Industrial Control Systems : an Ethical Hacker's Guide to Analyzing, Compromising, Mitigating, and Securing Industrial Processes.

Discover modern tactics, techniques, and procedures for pentesting industrial control systems Key Features Become well-versed with offensive ways of defending your industrial control systems Learn about industrial network protocols, threat hunting, Active Directory compromises, SQL injection, and mu...

Full description

Saved in:
Bibliographic Details
Main Author: Smith, Paul.
Format: eBook
Language: English
Published: Birmingham : Packt Publishing, Limited, 2021.
Subjects:
ISBN: 9781800207288
180020728X
9781800202382
Physical Description: 1 online resource (450 pages)

Cover

Table of contents

LEADER 07555cam a22004457i 4500
001 kn-on1285171069
003 OCoLC
005 20240717213016.0
006 m o d
007 cr cn|||||||||
008 211113s2021 enk o 000 0 eng d
040 |a EBLCP  |b eng  |e rda  |e pn  |c EBLCP  |d UKMGB  |d OCLCF  |d N$T  |d ORMDA  |d OCLCO  |d AKP  |d OCLCO  |d YDX  |d UKAHL  |d OCLCQ  |d IEEEE  |d OCLCO  |d OCLCL 
020 |a 9781800207288  |q electronic book 
020 |a 180020728X  |q electronic book 
020 |z 9781800202382  |q paperback 
035 |a (OCoLC)1285171069  |z (OCoLC)1283852238 
100 1 |a Smith, Paul. 
245 1 0 |a Pentesting Industrial Control Systems :  |b an Ethical Hacker's Guide to Analyzing, Compromising, Mitigating, and Securing Industrial Processes. 
264 1 |a Birmingham :  |b Packt Publishing, Limited,  |c 2021. 
300 |a 1 online resource (450 pages) 
336 |a text  |b txt  |2 rdacontent 
337 |a computer  |b c  |2 rdamedia 
338 |a online resource  |b cr  |2 rdacarrier 
505 0 |a Cover -- Title page -- Copyright and Credits -- Contributors -- Table of Contents -- Preface -- Section 1 -- Getting Started -- Chapter 1: Using Virtualization -- Technical requirements -- Understanding what virtualization is -- Discovering what VMware is -- Turning it all on -- How to install Fusion -- How to install ESXi -- How to install Hypervisor -- Spinning up Ubuntu as a pseudo-PLC/SCADA -- Spinning up Windows Engineering Workstation -- Spinning up Kali Linux -- Routing and rules -- Summary -- Chapter 2: Route the Hardware -- Technical requirements -- Installing the Click software 
505 8 |a Setting up Koyo Click -- Configuring communication -- Summary -- Chapter 3: I Love My Bits -- Lab Setup -- Technical requirements -- Writing and downloading our first program -- Overriding and wiring the I/O -- Testing control -- Summary -- Section 2 -- Understanding the Cracks -- Chapter 4: Open Source Ninja -- Technical requirements -- Understanding Google-Fu -- Searching LinkedIn -- Experimenting with Shodan.io -- Investigating with ExploitDB -- Traversing the NVD -- Summary -- Chapter 5: Span Me If You Can -- Technical requirements -- Installing Wireshark -- macOS -- Linux distros 
505 8 |a Windows 10 -- Using a TAP during an engagement -- Navigating IDS security monitoring -- Node license saturation -- Alert exhaustion -- Other protocol or uncommon port -- Encrypted protocol usage -- Living off the land -- Summary -- Chapter 6: Packet Deep Dive -- Technical requirements -- How are packets formed? -- The Application layer -- The Presentation layer -- The Session layer -- The Transport layer -- The Network layer -- The Data Link layer -- The Physical layer -- Capturing packets on the wire -- Capture filters -- Display filters -- Analyzing packets for key information -- Summary 
505 8 |a Section 3 -- I'm a Pirate, Hear Me Roar -- Chapter 7: Scanning 101 -- Technical requirements -- Installing and configuring Ignition SCADA -- Introduction to NMAP -- Port scanning with RustScan -- Installing RustScan -- Introduction to Gobuster -- Installing Gobuster -- Web application scanning with feroxbuster -- Summary -- Chapter 8: Protocols 202 -- Technical requirements -- Industry protocols -- Modbus crash course -- Establishing a Modbus server -- Turning lights on with Ethernet/IP -- Establishing the EthernetIP server -- Summary -- Chapter 9: Ninja 308 -- Technical requirements 
505 8 |a Installing FoxyProxy -- Running BurpSuite -- Building a script for brute-forcing SCADA -- Summary -- Chapter 10: I Can Do It 420 -- Technical requirements -- Installing corporate environment elements -- Installing and configuring the domain controller -- Adding and installing the DNS server -- Adding and installing the DHCP server -- Adding and installing network file sharing -- Configuring Kerberos -- Installing and configuring workstations -- Kali Linux tools -- Discovering and launching our attacks -- Getting shells -- Summary -- Chapter 11: Whoot ... I Have To Go Deep -- Technical requirements 
500 |a Configuring a firewall. 
506 |a Plný text je dostupný pouze z IP adres počítačů Univerzity Tomáše Bati ve Zlíně nebo vzdáleným přístupem pro zaměstnance a studenty 
520 |a Discover modern tactics, techniques, and procedures for pentesting industrial control systems Key Features Become well-versed with offensive ways of defending your industrial control systems Learn about industrial network protocols, threat hunting, Active Directory compromises, SQL injection, and much more Build offensive and defensive skills to combat industrial cyber threats Book Description The industrial cybersecurity domain has grown significantly in recent years. To completely secure critical infrastructure, red teams must be employed to continuously test and exploit the security integrity of a company's people, processes, and products. This pentesting book takes a slightly different approach than most by helping you to gain hands-on experience with equipment that you'll come across in the field. This will enable you to understand how industrial equipment interacts and operates within an operational environment. You'll start by getting to grips with the basics of industrial processes, and then see how to create and break the process, along with gathering open source intel to create a threat landscape for your potential customer. As you advance, you'll find out how to install and utilize offensive techniques used by professional hackers. Throughout the book, you'll explore industrial equipment, port and service discovery, pivoting, and much more, before finally launching attacks against systems in an industrial network. By the end of this penetration testing book, you'll not only understand how to analyze and navigate the intricacies of an industrial control system (ICS), but you'll also have developed essential offensive and defensive skills to proactively protect industrial networks from modern cyberattacks. What you will learn Set up a starter-kit ICS lab with both physical and virtual equipment Perform open source intel-gathering pre-engagement to help map your attack landscape Get to grips with the Standard Operating Procedures (SOPs) for penetration testing on industrial equipment Understand the principles of traffic spanning and the importance of listening to customer networks Gain fundamental knowledge of ICS communication Connect physical operational technology to engineering workstations and supervisory control and data acquisition (SCADA) software Get hands-on with directory scanning tools to map web-based SCADA solutions Who this book is for If you are an ethical hacker, penetration tester, automation engineer, or IT security professional looking to maintain and secure industrial networks from adversaries, this book is for you. A basic understanding of cybersecurity and recent cyber events will help you get the most out of this book. 
590 |a Knovel  |b Knovel (All titles) 
650 0 |a Penetration testing (Computer security) 
650 0 |a Industries  |x Security measures. 
650 0 |a Computer networks  |x Security measures. 
650 0 |a Automation  |x Security measures. 
655 7 |a elektronické knihy  |7 fd186907  |2 czenas 
655 9 |a electronic books  |2 eczenas 
776 0 8 |i Print version:  |a Smith, Paul.  |t Pentesting Industrial Control Systems.  |d Birmingham : Packt Publishing, Limited, ©2021 
856 4 0 |u https://proxy.k.utb.cz/login?url=https://app.knovel.com/hotlink/toc/id:kpPICS000E/pentesting-industrial-control?kpromoter=marc  |y Full text