SlideShare a Scribd company logo

Practical Industrial Control System Penetration Testing

G
GiacomoCocozziello

The pentesting of ICS cannot be compared to the typical pentesting of the IT world. Industrial plants need to be continuously available and hardly any plant operator wants to risk a production stop. Typically, security testing is performed at the lowest or second lowest aggressiveness level. So if you are hoping to pwn your device with buffer overflows, kernel exploits, privilege escalation and root shells, you are in the wrong place.

Technology
1 of 1
Practical Industrial Control System Penetration Testing

Recommended

Certificate CRTE (certified Red Team Expert).pdf
Certificate CRTE (certified Red Team Expert).pdfCertificate CRTE (certified Red Team Expert).pdf
Certificate CRTE (certified Red Team Expert).pdfGiacomoCocozziello
 
Effective classification of android malware families through dynamic features...
Effective classification of android malware families through dynamic features...Effective classification of android malware families through dynamic features...
Effective classification of android malware families through dynamic features...GiacomoCocozziello
 
ICS/SCADA Cyber Security Certificate.pdf
ICS/SCADA Cyber Security Certificate.pdfICS/SCADA Cyber Security Certificate.pdf
ICS/SCADA Cyber Security Certificate.pdfGiacomoCocozziello
 
Web Application Penetration Tester Extreme
Web Application Penetration Tester ExtremeWeb Application Penetration Tester Extreme
Web Application Penetration Tester ExtremeGiacomoCocozziello
 
Purple Teaming Fundamentals Cocozziello Giacomo.pdf
Purple Teaming Fundamentals Cocozziello Giacomo.pdfPurple Teaming Fundamentals Cocozziello Giacomo.pdf
Purple Teaming Fundamentals Cocozziello Giacomo.pdfGiacomoCocozziello
 
Secure_Wireless_LAN
Secure_Wireless_LANSecure_Wireless_LAN
Secure_Wireless_LANGiacomoCocozziello
 
OWASP API SECURITY TOP 10.pdf
OWASP API SECURITY TOP 10.pdfOWASP API SECURITY TOP 10.pdf
OWASP API SECURITY TOP 10.pdfGiacomoCocozziello
 
Network Simulation
Network SimulationNetwork Simulation
Network SimulationGiacomoCocozziello
 

Recommended

Certificate CRTE (certified Red Team Expert).pdf
Certificate CRTE (certified Red Team Expert).pdfCertificate CRTE (certified Red Team Expert).pdf
Certificate CRTE (certified Red Team Expert).pdfGiacomoCocozziello
 
Effective classification of android malware families through dynamic features...
Effective classification of android malware families through dynamic features...Effective classification of android malware families through dynamic features...
Effective classification of android malware families through dynamic features...GiacomoCocozziello
 
ICS/SCADA Cyber Security Certificate.pdf
ICS/SCADA Cyber Security Certificate.pdfICS/SCADA Cyber Security Certificate.pdf
ICS/SCADA Cyber Security Certificate.pdfGiacomoCocozziello
 
Web Application Penetration Tester Extreme
Web Application Penetration Tester ExtremeWeb Application Penetration Tester Extreme
Web Application Penetration Tester ExtremeGiacomoCocozziello
 
Purple Teaming Fundamentals Cocozziello Giacomo.pdf
Purple Teaming Fundamentals Cocozziello Giacomo.pdfPurple Teaming Fundamentals Cocozziello Giacomo.pdf
Purple Teaming Fundamentals Cocozziello Giacomo.pdfGiacomoCocozziello
 
Secure_Wireless_LAN
Secure_Wireless_LANSecure_Wireless_LAN
Secure_Wireless_LANGiacomoCocozziello
 
OWASP API SECURITY TOP 10.pdf
OWASP API SECURITY TOP 10.pdfOWASP API SECURITY TOP 10.pdf
OWASP API SECURITY TOP 10.pdfGiacomoCocozziello
 
Network Simulation
Network SimulationNetwork Simulation
Network SimulationGiacomoCocozziello
 
CyberSecurity Asset Management (CSAM).pdf
CyberSecurity Asset Management (CSAM).pdfCyberSecurity Asset Management (CSAM).pdf
CyberSecurity Asset Management (CSAM).pdfGiacomoCocozziello
 
Certificate FortiDeceptor.pdf
Certificate FortiDeceptor.pdfCertificate FortiDeceptor.pdf
Certificate FortiDeceptor.pdfGiacomoCocozziello
 
Qualys API
Qualys APIQualys API
Qualys APIGiacomoCocozziello
 
Qualys Patch Management
Qualys Patch ManagementQualys Patch Management
Qualys Patch ManagementGiacomoCocozziello
 
eLearning Junior Penetration Testing
eLearning Junior Penetration TestingeLearning Junior Penetration Testing
eLearning Junior Penetration TestingGiacomoCocozziello
 
Cyber Threat Hunting Level 1
Cyber Threat Hunting Level 1Cyber Threat Hunting Level 1
Cyber Threat Hunting Level 1GiacomoCocozziello
 
Nozomi Networks Certified Engineer
Nozomi Networks Certified EngineerNozomi Networks Certified Engineer
Nozomi Networks Certified EngineerGiacomoCocozziello
 
Mitre attack defender mad attack for cyber threat intelligence
Mitre attack defender mad attack for cyber threat intelligenceMitre attack defender mad attack for cyber threat intelligence
Mitre attack defender mad attack for cyber threat intelligenceGiacomoCocozziello
 
Nozomi Networks Level 1 Technical Certification
Nozomi Networks Level 1 Technical CertificationNozomi Networks Level 1 Technical Certification
Nozomi Networks Level 1 Technical CertificationGiacomoCocozziello
 
NSE 2 Network Security Associate
NSE 2 Network Security Associate NSE 2 Network Security Associate
NSE 2 Network Security Associate GiacomoCocozziello
 
NSE 1 Network Security Associate
NSE 1 Network Security Associate NSE 1 Network Security Associate
NSE 1 Network Security Associate GiacomoCocozziello
 
Introduction to Cybersecurity Tools and Cyber Attacks
Introduction to Cybersecurity Tools and Cyber AttacksIntroduction to Cybersecurity Tools and Cyber Attacks
Introduction to Cybersecurity Tools and Cyber AttacksGiacomoCocozziello
 
Policy Compliance
Policy Compliance Policy Compliance
Policy Compliance GiacomoCocozziello
 
Web Application Scanning
Web Application Scanning Web Application Scanning
Web Application Scanning GiacomoCocozziello
 
Vulnerability Management Detection & Response
Vulnerability Management Detection & ResponseVulnerability Management Detection & Response
Vulnerability Management Detection & ResponseGiacomoCocozziello
 
Global IT Asset Inventory and Management
Global IT Asset Inventory and Management Global IT Asset Inventory and Management
Global IT Asset Inventory and Management GiacomoCocozziello
 
PCI Compliance
PCI Compliance PCI Compliance
PCI Compliance GiacomoCocozziello
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 

More Related Content

More from GiacomoCocozziello

CyberSecurity Asset Management (CSAM).pdf
CyberSecurity Asset Management (CSAM).pdfCyberSecurity Asset Management (CSAM).pdf
CyberSecurity Asset Management (CSAM).pdfGiacomoCocozziello
 
eLearning Junior Penetration Testing
eLearning Junior Penetration TestingeLearning Junior Penetration Testing
eLearning Junior Penetration TestingGiacomoCocozziello
 
Nozomi Networks Certified Engineer
Nozomi Networks Certified EngineerNozomi Networks Certified Engineer
Nozomi Networks Certified EngineerGiacomoCocozziello
 
Mitre attack defender mad attack for cyber threat intelligence
Mitre attack defender mad attack for cyber threat intelligenceMitre attack defender mad attack for cyber threat intelligence
Mitre attack defender mad attack for cyber threat intelligenceGiacomoCocozziello
 
Nozomi Networks Level 1 Technical Certification
Nozomi Networks Level 1 Technical CertificationNozomi Networks Level 1 Technical Certification
Nozomi Networks Level 1 Technical CertificationGiacomoCocozziello
 
NSE 2 Network Security Associate
NSE 2 Network Security Associate NSE 2 Network Security Associate
NSE 2 Network Security Associate GiacomoCocozziello
 
NSE 1 Network Security Associate
NSE 1 Network Security Associate NSE 1 Network Security Associate
NSE 1 Network Security Associate GiacomoCocozziello
 
Introduction to Cybersecurity Tools and Cyber Attacks
Introduction to Cybersecurity Tools and Cyber AttacksIntroduction to Cybersecurity Tools and Cyber Attacks
Introduction to Cybersecurity Tools and Cyber AttacksGiacomoCocozziello
 
Vulnerability Management Detection & Response
Vulnerability Management Detection & ResponseVulnerability Management Detection & Response
Vulnerability Management Detection & ResponseGiacomoCocozziello
 
Global IT Asset Inventory and Management
Global IT Asset Inventory and Management Global IT Asset Inventory and Management
Global IT Asset Inventory and Management GiacomoCocozziello
 

More from GiacomoCocozziello (17)

CyberSecurity Asset Management (CSAM).pdf
CyberSecurity Asset Management (CSAM).pdfCyberSecurity Asset Management (CSAM).pdf
CyberSecurity Asset Management (CSAM).pdf
 
Certificate FortiDeceptor.pdf
Certificate FortiDeceptor.pdfCertificate FortiDeceptor.pdf
Certificate FortiDeceptor.pdf
 
Qualys API
Qualys APIQualys API
Qualys API
 
Qualys Patch Management
Qualys Patch ManagementQualys Patch Management
Qualys Patch Management
 
eLearning Junior Penetration Testing
eLearning Junior Penetration TestingeLearning Junior Penetration Testing
eLearning Junior Penetration Testing
 
Cyber Threat Hunting Level 1
Cyber Threat Hunting Level 1Cyber Threat Hunting Level 1
Cyber Threat Hunting Level 1
 
Nozomi Networks Certified Engineer
Nozomi Networks Certified EngineerNozomi Networks Certified Engineer
Nozomi Networks Certified Engineer
 
Mitre attack defender mad attack for cyber threat intelligence
Mitre attack defender mad attack for cyber threat intelligenceMitre attack defender mad attack for cyber threat intelligence
Mitre attack defender mad attack for cyber threat intelligence
 
Nozomi Networks Level 1 Technical Certification
Nozomi Networks Level 1 Technical CertificationNozomi Networks Level 1 Technical Certification
Nozomi Networks Level 1 Technical Certification
 
NSE 2 Network Security Associate
NSE 2 Network Security Associate NSE 2 Network Security Associate
NSE 2 Network Security Associate
 
NSE 1 Network Security Associate
NSE 1 Network Security Associate NSE 1 Network Security Associate
NSE 1 Network Security Associate
 
Introduction to Cybersecurity Tools and Cyber Attacks
Introduction to Cybersecurity Tools and Cyber AttacksIntroduction to Cybersecurity Tools and Cyber Attacks
Introduction to Cybersecurity Tools and Cyber Attacks
 
Policy Compliance
Policy Compliance Policy Compliance
Policy Compliance
 
Web Application Scanning
Web Application Scanning Web Application Scanning
Web Application Scanning
 
Vulnerability Management Detection & Response
Vulnerability Management Detection & ResponseVulnerability Management Detection & Response
Vulnerability Management Detection & Response
 
Global IT Asset Inventory and Management
Global IT Asset Inventory and Management Global IT Asset Inventory and Management
Global IT Asset Inventory and Management
 
PCI Compliance
PCI Compliance PCI Compliance
PCI Compliance
 

Recently uploaded

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 

Recently uploaded (20)

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365