Course Overview

For learners of IT pen-testing there are plenty of platforms, such as HackTheBox or VulnHub, where pentest tools and hacking skills can be tried out. Training platforms with an ICS focus either don't exist or come in the form of a dull seminar with a participation fee of over 1000 €.

In this course you will learn important pentest tools from Kali Linux and other open-source tools, and you can try them out in 6 interactive simulations of industrial controllers. The simulations are of course not perfect, so I will also show you the tools and techniques on two real PLCs. This course has a large practical part and encourages you to participate: more than 30 tasks are waiting for you, with which you can deepen your skills bit by bit. Important: pen-testing of ICS cannot be compared to typical pen-testing in the IT world. Industrial plants need to be continuously available, and hardly any plant operator wants to risk a production stop. Security testing is therefore typically performed at the lowest or second-lowest aggressiveness level. So if you are hoping to pwn your device with buffer overflows, kernel exploits, privilege escalation, and root shells, you are in the wrong place.
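What a low-aggressiveness probe against a controller looks like in practice, as an added example that is not part of the course or the instructor's material: a Modbus/TCP "Read Holding Registers" request builder and response parser, plus a small gate that separates read-class function codes from write-class ones before anything is sent. Modbus/TCP is assumed here as a representative ICS protocol; the page does not say which protocols its simulations speak. The response bytes are constructed inline so the example runs offline against no real device.

```python
# Added example (not from the course page or its instructor).
# Modbus/TCP is assumed as a representative ICS protocol; all frames below are
# constructed by hand, so this runs offline with no network access.
import struct

# Function codes that only read process data or device identity.
READ_ONLY_FUNCTIONS = {1, 2, 3, 4, 7, 17, 43}
# Function codes that change coils or registers, i.e. can change process state.
WRITE_FUNCTIONS = {5, 6, 15, 16, 22, 23}


def process_impact(function_code: int) -> str:
    """Classify a Modbus function code before sending it: 'read', 'write' or 'unknown'."""
    if function_code in READ_ONLY_FUNCTIONS:
        return "read"
    if function_code in WRITE_FUNCTIONS:
        return "write"
    return "unknown"


def build_read_holding_registers(transaction_id: int, unit_id: int, start: int, count: int) -> bytes:
    """MBAP header + PDU for function code 3 (Read Holding Registers)."""
    if not 1 <= count <= 125:
        raise ValueError("Modbus allows 1..125 registers per request")
    pdu = struct.pack(">BHH", 3, start, count)
    # MBAP: transaction id, protocol id (0 = Modbus), length (unit id + PDU), unit id
    mbap = struct.pack(">HHHB", transaction_id, 0, len(pdu) + 1, unit_id)
    return mbap + pdu


def parse_read_holding_registers(frame: bytes, expected_tid: int) -> list:
    """Return the 16-bit register values from a FC 3 response; raise on an exception response."""
    if len(frame) < 9:
        raise ValueError("frame too short for MBAP header + function code")
    tid, proto, length, _unit = struct.unpack(">HHHB", frame[:7])
    if tid != expected_tid or proto != 0:
        raise ValueError("transaction id or protocol id mismatch")
    if length != len(frame) - 6:
        raise ValueError("MBAP length field does not match frame size")
    fc = frame[7]
    if fc & 0x80:
        # Exception response: original function code with the high bit set, then the exception code.
        raise RuntimeError(f"Modbus exception 0x{frame[8]:02x} for function {fc & 0x7F}")
    if fc != 3:
        raise ValueError(f"unexpected function code {fc}")
    byte_count = frame[8]
    data = frame[9 : 9 + byte_count]
    if len(data) != byte_count or byte_count % 2:
        raise ValueError("register payload truncated")
    return list(struct.unpack(f">{byte_count // 2}H", data))


# Constructed response: tid 1, proto 0, length 7, unit 1, FC 3, 4 data bytes -> registers 0x0102, 0x0304.
SAMPLE_RESPONSE = bytes.fromhex("0001000000070103040102" "0304")
# Constructed exception response: FC 3 with high bit set (0x83), exception code 0x02 (illegal data address).
SAMPLE_EXCEPTION = bytes.fromhex("000100000003018302")


if __name__ == "__main__":
    request = build_read_holding_registers(transaction_id=1, unit_id=1, start=0, count=2)
    assert process_impact(request[7]) == "read"  # gate: only read-class codes leave the tester's host
    print("request :", request.hex())
    print("registers:", parse_read_holding_registers(SAMPLE_RESPONSE, expected_tid=1))
```

The gate in `process_impact` is the point for an ICS engagement: writes (FC 5, 6, 15, 16) change what the controller does, so at the lowest aggressiveness level they are not sent at all, and anything a tool would send is checked against that list first.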

Are you interested in the security analysis of ICS and do you already have basic knowledge of industrial cyber security? Then this is the right place for you! Are you currently studying for the Certified Ethical Hacker (CEH)? From v12 on, knowledge of OT is required. This course offers you a hands-on introduction to the typical vulnerabilities of OT hardware!

Note from the author: Please note that the software used is not mine. I can only offer limited assistance in case of problems. Please contact the publisher of the software for help. The installation instructions were created to the best of my knowledge, but the responsibility for the installation lies with the participants.

What You Will Learn

  • Show your pentest skills on 6 interactive industrial controller simulations.
  • Build your own ICS pentest platform with open-source tools.
  • NO exploits, privilege escalation, or root shells.
  • Learn the typical attack surfaces of an ICS.
  • Workshop with a large practical part and more than 30 tasks.

Program Curriculum

  • Welcome and Introduction to the Workshop
  • IT x OT
  • ICS are Easy Targets for Attackers
  • Typical ICS Attack Surface
  • Default Credentials and Exposed ICS Webservers
  • Typical OT Pentest Scenarios and Focus of this Workshop
  • Classification of a Pentest
  • Understanding Security Goals of IT and OT
  • IPv4 Address and Subnetting
  • $7 Million Cybersecurity Scholarship by EC-Council
  • Chapter 01 Quiz

  • Welcome to the Section
  • Default Credentials in ICS
  • Google Dorks for Finding Exposed ICS
  • Shodan
  • Find and Scan Public IP Address Ranges with Shodan
  • Hunt for Vulnerabilities with CISA
  • Chapter 02 Quiz

  • Welcome to the Section
  • Introduction to Your Lab and Virtual Machines
  • Installation of Virtual Box
  • Downloading the Kali Linux VM
  • Installation of Ubuntu Server
  • Setting up the ICS Simulations
  • Setting up Kali Linux and Installation of Open-source Tools
  • Chapter 03 Quiz

  • Welcome to the Section
  • Starting a Simple Honeypot and Kali Linux
  • Host Discovery with netdiscover
  • Fingerprinting with Nmap
  • Enumeration with snmp-check
  • Metasploit: The Pentesters Toolkit
  • Open-source Tools
  • Chapter 04 Quiz

  • Welcome to the Section and Preparation of the VM
  • Shodan Task
  • Shodan Solution
  • Google Dorks Task
  • Google Dorks Solution
  • Default Credentials Task
  • Default Credentials Solution
  • Starting the Simulation and Host Discovery Task
  • Host Discovery Solution
  • Nmap Task
  • Nmap Solution
  • Snmp Enumeration Task
  • Snmp Enumeration Solution
  • Chapter 05 Quiz

  • Welcome to the Section
  • Starting the Simulation and Host Discovery Task
  • Host Discovery Solution
  • Nmap Task
  • Nmap Solution
  • Nmap NSE Task
  • Nmap NSE Solution
  • plcscan Task
  • plcscan Solution
  • Search Exploits in Metasploit and Exploit DB
  • Adding External Exploits to the Metasploit Framework
  • Attacking the Simulation Task
  • Attacking the Simulation Solution
  • SiemensScan
  • Chapter 06 Quiz

  • Welcome to the Section
  • Recon and Fingerprinting with Nmap
  • Enumeration and Exploitation with Metasploit
  • Enumeration and Exploitation with Open-source Tools
  • Chapter 07 Quiz

  • Welcome to the Section
  • Shodan Task
  • Shodan Solution
  • Starting the Simulation and Host Discovery Task
  • Host Discovery Solution
  • Nmap Task
  • Nmap Solution
  • Nmap NSE Task
  • Nmap NSE Solution
  • OSINT Task
  • OSINT Solution
  • Attack Task
  • Attack Solution
  • Chapter 08 Quiz

  • Welcome to the Section
  • Shodan Search Task
  • Shodan Search Solution
  • Google Dorks Task
  • Google Dorks Solution
  • Default Credentials Task
  • Default Credentials Solution
  • Starting the Simulation and Host Discovery Task
  • Host Discovery Solution
  • Nmap Task
  • Nmap Solution
  • Finding Metasploit Modules Task
  • Finding Metasploit Modules Solution
  • Running Metasploit Modules against the Target Task
  • Running Metasploit Modules against the Target Solution
  • Chapter 09 Quiz

  • Welcome to the Section
  • Starting the Simulation and Nmap Scan Task
  • Nmap Scan Solution
  • Metasploit Task
  • Metasploit Solution
  • Read Memory Blocks Task
  • Read Memory Blocks Solution
  • Manipulate Memory Blocks Task
  • Manipulate Memory Blocks Solution
  • Chapter 10 Quiz

  • Welcome to the Section
  • Recon and Fingerprinting with Nmap
  • Enumeration and Exploitation Attempt with Metasploit
  • Enumeration and Exploitation with Open-source Tools
  • Chapter 11 Quiz

  • Welcome to the Section and Preparation of the VM
  • Your Red Team Assignment
  • Hint: Methodology and Steps (No Spoilers)
  • Step 1 Solution: Recon and Fingerprinting
  • Step 2 Solution: Enumeration
  • Step 3 Solution: Triggering the Shutdown
  • Chapter 12 Quiz

Instructor

Marcel Rick-Cen

Marcel Rick-Cen is an OT Security Consultant with years of experience in the field of automation technology. He holds a master's degree in automation engineering and has a strong background in fixing mechanical, electrical, and software problems on the shopfloor. Marcel has worked on the shopfloor in various international locations, gaining firsthand experience in the challenges of keeping OT systems running. Additionally, as an ethical hacker, he spends his nights trying open-source exploits against real industrial hardware in his ICS homelab. Marcel's unique blend of technical expertise and real-world experience makes him an invaluable contributor to the OT security field. In his courses and workshops, he teaches newcomers exciting basics about the possibilities to attack and defend an ICS/OT system and places special emphasis on practicality.


Empower Your Learning with Our Flexible Plans

Invest in your future with our flexible subscription plans. Whether you're just starting out or looking to enhance your expertise, there's a plan tailored to meet your needs. Gain access to in-demand skills and courses for your continuous learning needs.

Save 20% with our annual plans!

Pro

Ideal for continuous learning, offering extensive resources with 600+ courses and diverse Learning Paths to enhance your skills.

$ 499.00
Billed annually or $59.00 billed monthly

What is included

  • 700+ Premium Short Courses
  • 50+ Structured Learning Paths
  • Validation of Completion with all courses and learning paths
  • New Courses added every month

Pro +

Experience immersive learning with Practice Labs, CTF Challenges, and exclusive EC-Council certifications for comprehensive skill-building.

$ 599.00
Billed annually or $69.00 billed monthly

Everything in Pro and

  • 800+ Practice Lab exercises with guided instructions
  • 150+ CTF Challenges with detailed walkthroughs
  • New Practice Labs and Challenges added every month
  • 3 Official EC-Council Essentials Certifications¹ (retails at $897!)

¹This plan includes Digital Forensics Essentials (DFE), Ethical Hacking Essentials (EHE), and Network Defense Essentials (NDE) certifications. No other EC-Council certifications are included.
