SlideShare a Scribd company logo

Practical Industrial Control System Penetration Testing

G
GiacomoCocozziello

The pentesting of ICS cannot be compared to the typical pentesting of the IT world. Industrial plants need to be continuously available and hardly any plant operator wants to risk a production stop. Typically, security testing is performed at the lowest or second lowest aggressiveness level. So if you are hoping to pwn your device with buffer overflows, kernel exploits, privilege escalation and root shells, you are in the wrong place.

Technology
1 of 1
Practical Industrial Control System Penetration Testing

Recommended

Certificate CRTE (certified Red Team Expert).pdf
Certificate CRTE (certified Red Team Expert).pdfCertificate CRTE (certified Red Team Expert).pdf
Certificate CRTE (certified Red Team Expert).pdfGiacomoCocozziello
 
Effective classification of android malware families through dynamic features...
Effective classification of android malware families through dynamic features...Effective classification of android malware families through dynamic features...
Effective classification of android malware families through dynamic features...GiacomoCocozziello
 
ICS/SCADA Cyber Security Certificate.pdf
ICS/SCADA Cyber Security Certificate.pdfICS/SCADA Cyber Security Certificate.pdf
ICS/SCADA Cyber Security Certificate.pdfGiacomoCocozziello
 
Web Application Penetration Tester Extreme
Web Application Penetration Tester ExtremeWeb Application Penetration Tester Extreme
Web Application Penetration Tester ExtremeGiacomoCocozziello
 
Purple Teaming Fundamentals Cocozziello Giacomo.pdf
Purple Teaming Fundamentals Cocozziello Giacomo.pdfPurple Teaming Fundamentals Cocozziello Giacomo.pdf
Purple Teaming Fundamentals Cocozziello Giacomo.pdfGiacomoCocozziello
 
Secure_Wireless_LAN
Secure_Wireless_LANSecure_Wireless_LAN
Secure_Wireless_LANGiacomoCocozziello
 
OWASP API SECURITY TOP 10.pdf
OWASP API SECURITY TOP 10.pdfOWASP API SECURITY TOP 10.pdf
OWASP API SECURITY TOP 10.pdfGiacomoCocozziello
 
Network Simulation
Network SimulationNetwork Simulation
Network SimulationGiacomoCocozziello
 

Recommended

Certificate CRTE (certified Red Team Expert).pdf
Certificate CRTE (certified Red Team Expert).pdfCertificate CRTE (certified Red Team Expert).pdf
Certificate CRTE (certified Red Team Expert).pdfGiacomoCocozziello
 
Effective classification of android malware families through dynamic features...
Effective classification of android malware families through dynamic features...Effective classification of android malware families through dynamic features...
Effective classification of android malware families through dynamic features...GiacomoCocozziello
 
ICS/SCADA Cyber Security Certificate.pdf
ICS/SCADA Cyber Security Certificate.pdfICS/SCADA Cyber Security Certificate.pdf
ICS/SCADA Cyber Security Certificate.pdfGiacomoCocozziello
 
Web Application Penetration Tester Extreme
Web Application Penetration Tester ExtremeWeb Application Penetration Tester Extreme
Web Application Penetration Tester ExtremeGiacomoCocozziello
 
Purple Teaming Fundamentals Cocozziello Giacomo.pdf
Purple Teaming Fundamentals Cocozziello Giacomo.pdfPurple Teaming Fundamentals Cocozziello Giacomo.pdf
Purple Teaming Fundamentals Cocozziello Giacomo.pdfGiacomoCocozziello
 
Secure_Wireless_LAN
Secure_Wireless_LANSecure_Wireless_LAN
Secure_Wireless_LANGiacomoCocozziello
 
OWASP API SECURITY TOP 10.pdf
OWASP API SECURITY TOP 10.pdfOWASP API SECURITY TOP 10.pdf
OWASP API SECURITY TOP 10.pdfGiacomoCocozziello
 
Network Simulation
Network SimulationNetwork Simulation
Network SimulationGiacomoCocozziello
 
CyberSecurity Asset Management (CSAM).pdf
CyberSecurity Asset Management (CSAM).pdfCyberSecurity Asset Management (CSAM).pdf
CyberSecurity Asset Management (CSAM).pdfGiacomoCocozziello
 
Certificate FortiDeceptor.pdf
Certificate FortiDeceptor.pdfCertificate FortiDeceptor.pdf
Certificate FortiDeceptor.pdfGiacomoCocozziello
 
Qualys API
Qualys APIQualys API
Qualys APIGiacomoCocozziello
 
Qualys Patch Management
Qualys Patch ManagementQualys Patch Management
Qualys Patch ManagementGiacomoCocozziello
 
eLearning Junior Penetration Testing
eLearning Junior Penetration TestingeLearning Junior Penetration Testing
eLearning Junior Penetration TestingGiacomoCocozziello
 
Cyber Threat Hunting Level 1
Cyber Threat Hunting Level 1Cyber Threat Hunting Level 1
Cyber Threat Hunting Level 1GiacomoCocozziello
 
Nozomi Networks Certified Engineer
Nozomi Networks Certified EngineerNozomi Networks Certified Engineer
Nozomi Networks Certified EngineerGiacomoCocozziello
 
Mitre attack defender mad attack for cyber threat intelligence
Mitre attack defender mad attack for cyber threat intelligenceMitre attack defender mad attack for cyber threat intelligence
Mitre attack defender mad attack for cyber threat intelligenceGiacomoCocozziello
 
Nozomi Networks Level 1 Technical Certification
Nozomi Networks Level 1 Technical CertificationNozomi Networks Level 1 Technical Certification
Nozomi Networks Level 1 Technical CertificationGiacomoCocozziello
 
NSE 2 Network Security Associate
NSE 2 Network Security Associate NSE 2 Network Security Associate
NSE 2 Network Security Associate GiacomoCocozziello
 
NSE 1 Network Security Associate
NSE 1 Network Security Associate NSE 1 Network Security Associate
NSE 1 Network Security Associate GiacomoCocozziello
 
Introduction to Cybersecurity Tools and Cyber Attacks
Introduction to Cybersecurity Tools and Cyber AttacksIntroduction to Cybersecurity Tools and Cyber Attacks
Introduction to Cybersecurity Tools and Cyber AttacksGiacomoCocozziello
 
Policy Compliance
Policy Compliance Policy Compliance
Policy Compliance GiacomoCocozziello
 
Web Application Scanning
Web Application Scanning Web Application Scanning
Web Application Scanning GiacomoCocozziello
 
Vulnerability Management Detection & Response
Vulnerability Management Detection & ResponseVulnerability Management Detection & Response
Vulnerability Management Detection & ResponseGiacomoCocozziello
 
Global IT Asset Inventory and Management
Global IT Asset Inventory and Management Global IT Asset Inventory and Management
Global IT Asset Inventory and Management GiacomoCocozziello
 
PCI Compliance
PCI Compliance PCI Compliance
PCI Compliance GiacomoCocozziello
 
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...ScyllaDB
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMKumar Satyam
 
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)Paige Cruz
 
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on ThanabotsContinuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on ThanabotsLeah Henrickson
 
Vector Search @ sw2con for slideshare.pptx
Vector Search @ sw2con for slideshare.pptxVector Search @ sw2con for slideshare.pptx
Vector Search @ sw2con for slideshare.pptxjbellis
 

More Related Content

More from GiacomoCocozziello

CyberSecurity Asset Management (CSAM).pdf
CyberSecurity Asset Management (CSAM).pdfCyberSecurity Asset Management (CSAM).pdf
CyberSecurity Asset Management (CSAM).pdfGiacomoCocozziello
 
eLearning Junior Penetration Testing
eLearning Junior Penetration TestingeLearning Junior Penetration Testing
eLearning Junior Penetration TestingGiacomoCocozziello
 
Nozomi Networks Certified Engineer
Nozomi Networks Certified EngineerNozomi Networks Certified Engineer
Nozomi Networks Certified EngineerGiacomoCocozziello
 
Mitre attack defender mad attack for cyber threat intelligence
Mitre attack defender mad attack for cyber threat intelligenceMitre attack defender mad attack for cyber threat intelligence
Mitre attack defender mad attack for cyber threat intelligenceGiacomoCocozziello
 
Nozomi Networks Level 1 Technical Certification
Nozomi Networks Level 1 Technical CertificationNozomi Networks Level 1 Technical Certification
Nozomi Networks Level 1 Technical CertificationGiacomoCocozziello
 
NSE 2 Network Security Associate
NSE 2 Network Security Associate NSE 2 Network Security Associate
NSE 2 Network Security Associate GiacomoCocozziello
 
NSE 1 Network Security Associate
NSE 1 Network Security Associate NSE 1 Network Security Associate
NSE 1 Network Security Associate GiacomoCocozziello
 
Introduction to Cybersecurity Tools and Cyber Attacks
Introduction to Cybersecurity Tools and Cyber AttacksIntroduction to Cybersecurity Tools and Cyber Attacks
Introduction to Cybersecurity Tools and Cyber AttacksGiacomoCocozziello
 
Vulnerability Management Detection & Response
Vulnerability Management Detection & ResponseVulnerability Management Detection & Response
Vulnerability Management Detection & ResponseGiacomoCocozziello
 
Global IT Asset Inventory and Management
Global IT Asset Inventory and Management Global IT Asset Inventory and Management
Global IT Asset Inventory and Management GiacomoCocozziello
 

More from GiacomoCocozziello (17)

CyberSecurity Asset Management (CSAM).pdf
CyberSecurity Asset Management (CSAM).pdfCyberSecurity Asset Management (CSAM).pdf
CyberSecurity Asset Management (CSAM).pdf
 
Certificate FortiDeceptor.pdf
Certificate FortiDeceptor.pdfCertificate FortiDeceptor.pdf
Certificate FortiDeceptor.pdf
 
Qualys API
Qualys APIQualys API
Qualys API
 
Qualys Patch Management
Qualys Patch ManagementQualys Patch Management
Qualys Patch Management
 
eLearning Junior Penetration Testing
eLearning Junior Penetration TestingeLearning Junior Penetration Testing
eLearning Junior Penetration Testing
 
Cyber Threat Hunting Level 1
Cyber Threat Hunting Level 1Cyber Threat Hunting Level 1
Cyber Threat Hunting Level 1
 
Nozomi Networks Certified Engineer
Nozomi Networks Certified EngineerNozomi Networks Certified Engineer
Nozomi Networks Certified Engineer
 
Mitre attack defender mad attack for cyber threat intelligence
Mitre attack defender mad attack for cyber threat intelligenceMitre attack defender mad attack for cyber threat intelligence
Mitre attack defender mad attack for cyber threat intelligence
 
Nozomi Networks Level 1 Technical Certification
Nozomi Networks Level 1 Technical CertificationNozomi Networks Level 1 Technical Certification
Nozomi Networks Level 1 Technical Certification
 
NSE 2 Network Security Associate
NSE 2 Network Security Associate NSE 2 Network Security Associate
NSE 2 Network Security Associate
 
NSE 1 Network Security Associate
NSE 1 Network Security Associate NSE 1 Network Security Associate
NSE 1 Network Security Associate
 
Introduction to Cybersecurity Tools and Cyber Attacks
Introduction to Cybersecurity Tools and Cyber AttacksIntroduction to Cybersecurity Tools and Cyber Attacks
Introduction to Cybersecurity Tools and Cyber Attacks
 
Policy Compliance
Policy Compliance Policy Compliance
Policy Compliance
 
Web Application Scanning
Web Application Scanning Web Application Scanning
Web Application Scanning
 
Vulnerability Management Detection & Response
Vulnerability Management Detection & ResponseVulnerability Management Detection & Response
Vulnerability Management Detection & Response
 
Global IT Asset Inventory and Management
Global IT Asset Inventory and Management Global IT Asset Inventory and Management
Global IT Asset Inventory and Management
 
PCI Compliance
PCI Compliance PCI Compliance
PCI Compliance
 

Recently uploaded

Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...ScyllaDB
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMKumar Satyam
 
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)Paige Cruz
 
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on ThanabotsContinuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on ThanabotsLeah Henrickson
 
Vector Search @ sw2con for slideshare.pptx
Vector Search @ sw2con for slideshare.pptxVector Search @ sw2con for slideshare.pptx
Vector Search @ sw2con for slideshare.pptxjbellis
 
JavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate GuideJavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate GuidePixlogix Infotech
 
Microsoft CSP Briefing Pre-Engagement - Questionnaire
Microsoft CSP Briefing Pre-Engagement - QuestionnaireMicrosoft CSP Briefing Pre-Engagement - Questionnaire
Microsoft CSP Briefing Pre-Engagement - QuestionnaireExakis Nelite
 
Intro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptxIntro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptxFIDO Alliance
 
Navigating the Large Language Model choices_Ravi Daparthi
Navigating the Large Language Model choices_Ravi DaparthiNavigating the Large Language Model choices_Ravi Daparthi
Navigating the Large Language Model choices_Ravi DaparthiRaviKumarDaparthi
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAnitaRaj43
 
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...Skynet Technologies
 
Microsoft BitLocker Bypass Attack Method.pdf
Microsoft BitLocker Bypass Attack Method.pdfMicrosoft BitLocker Bypass Attack Method.pdf
Microsoft BitLocker Bypass Attack Method.pdfOverkill Security
 
How to Check GPS Location with a Live Tracker in Pakistan
How to Check GPS Location with a Live Tracker in PakistanHow to Check GPS Location with a Live Tracker in Pakistan
How to Check GPS Location with a Live Tracker in Pakistandanishmna97
 
State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!Memoori
 
الأمن السيبراني - ما لا يسع للمستخدم جهله
الأمن السيبراني - ما لا يسع للمستخدم جهلهالأمن السيبراني - ما لا يسع للمستخدم جهله
الأمن السيبراني - ما لا يسع للمستخدم جهلهMohamed Sweelam
 
How to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfHow to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfdanishmna97
 
(Explainable) Data-Centric AI: what are you explaininhg, and to whom?
(Explainable) Data-Centric AI: what are you explaininhg, and to whom?(Explainable) Data-Centric AI: what are you explaininhg, and to whom?
(Explainable) Data-Centric AI: what are you explaininhg, and to whom?Paolo Missier
 
Design and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data ScienceDesign and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data SciencePaolo Missier
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard37
 

Recently uploaded (20)

Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
 
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
Observability Concepts EVERY Developer Should Know (DevOpsDays Seattle)
 
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on ThanabotsContinuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
 
Vector Search @ sw2con for slideshare.pptx
Vector Search @ sw2con for slideshare.pptxVector Search @ sw2con for slideshare.pptx
Vector Search @ sw2con for slideshare.pptx
 
JavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate GuideJavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate Guide
 
Microsoft CSP Briefing Pre-Engagement - Questionnaire
Microsoft CSP Briefing Pre-Engagement - QuestionnaireMicrosoft CSP Briefing Pre-Engagement - Questionnaire
Microsoft CSP Briefing Pre-Engagement - Questionnaire
 
Intro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptxIntro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptx
 
Navigating the Large Language Model choices_Ravi Daparthi
Navigating the Large Language Model choices_Ravi DaparthiNavigating the Large Language Model choices_Ravi Daparthi
Navigating the Large Language Model choices_Ravi Daparthi
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
Human Expert Website Manual WCAG 2.0 2.1 2.2 Audit - Digital Accessibility Au...
 
Microsoft BitLocker Bypass Attack Method.pdf
Microsoft BitLocker Bypass Attack Method.pdfMicrosoft BitLocker Bypass Attack Method.pdf
Microsoft BitLocker Bypass Attack Method.pdf
 
How to Check GPS Location with a Live Tracker in Pakistan
How to Check GPS Location with a Live Tracker in PakistanHow to Check GPS Location with a Live Tracker in Pakistan
How to Check GPS Location with a Live Tracker in Pakistan
 
State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!State of the Smart Building Startup Landscape 2024!
State of the Smart Building Startup Landscape 2024!
 
الأمن السيبراني - ما لا يسع للمستخدم جهله
الأمن السيبراني - ما لا يسع للمستخدم جهلهالأمن السيبراني - ما لا يسع للمستخدم جهله
الأمن السيبراني - ما لا يسع للمستخدم جهله
 
How to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cfHow to Check CNIC Information Online with Pakdata cf
How to Check CNIC Information Online with Pakdata cf
 
(Explainable) Data-Centric AI: what are you explaininhg, and to whom?
(Explainable) Data-Centric AI: what are you explaininhg, and to whom?(Explainable) Data-Centric AI: what are you explaininhg, and to whom?
(Explainable) Data-Centric AI: what are you explaininhg, and to whom?
 
Design and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data ScienceDesign and Development of a Provenance Capture Platform for Data Science
Design and Development of a Provenance Capture Platform for Data Science
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx