
Abstract

Normal (> 13th Jan): EUR3999
Seats Available: REGISTRATION CLOSED

Overview
ICS/SCADA systems, including power plants, factories, and transportation systems, are some of the most critical systems in use today. There are many vulnerabilities in SCADA systems, which lie not only within the core protocols but also in specific products, and network structures could expose an installation to attacks far more complex than those on traditional networks. This 3-day course has everything you need to take SCADA systems apart, examine them for inherent weaknesses and plan how to protect these facilities – many of which are ‘unpatchable’.
This three-day course caters to security professionals who wish to explore ICS/SCADA systems and will take them from the fundamentals of SCADA security up to more advanced techniques. You will come away with the knowledge needed to perform real-world penetration tests against SCADA installations and find your own 0-day vulnerabilities in SCADA environments.
All subjects in this course are taught using actual SCADA products and miniaturized SCADA systems for visualization.

Who should attend

Red Team members who want to pen-test ICS/SCADA systems.
ICS/SCADA Bug Hunters who want to write exploits for all the crashes they find.
Members of military or government cyberwarfare units.
Penetration testers tasked with bypassing the air gap.

Prerequisite Knowledge

Basic knowledge of Fuzzing & System Hacking
Basic knowledge of programming (C, Python) would be a plus
Understanding of network and basic knowledge of TCP/IP

Hardware / Software Requirements
A modern laptop (8 GB RAM and 20 GB free space minimum)

Agenda
Day 01: Overview of ICS, Protocols & More

ICS/SCADA Architecture
ICS/SCADA Components
Scanning and Web Hacking on HMI/PLC
Incident Case Studies
Product Vulnerabilities (1-Day)

Day 02: Bypassing the Airgap

Network Protocols for ICS/SCADA
ICS Network Analysis for SCADA
Bypassing the Air Gap with HackRF, BadUSB, BadDNS and others
Pentest the power plant and rail system (0-day)

Day 03: Forensics, Fuzzing & Beyond

SCADA Network Forensics
Fuzzing the ICS/SCADA Interface
Fuzzing the PLC Software
Fuzzing the ICS/SCADA Protocol
Sharing real world 0-day cases with trainees.

We will also provide trainees with access to our Cyber-War game system. This is a cyber drill simulation for ICS/SCADA hacking demonstrations, and trainees will be able to evaluate their skill and knowledge with our system using our real-time ‘cyber-war’ simulation that includes a live scoreboard! Trust us, you’ll love it!
