Ethically Hacking an Industrial Control System: Analyzing, Exploiting, Mitigating, and Safeguarding Industrial Processes for an Ethical Hacker

  • 3h 6m
  • Sharon Ferrone
  • BPB Publications
  • 2022


  • Learn how to defend industrial control systems by approaching them from an attacker's perspective.
  • Learn about industrial network protocols and threat hunting.
  • Learn how to handle and mitigate industrial cyber risks.
  • Develop offensive and defensive skills.


In recent years, the industrial cybersecurity field has grown dramatically. To fully safeguard critical infrastructure, red teams must continually test and exploit the security of a company's people, processes, and products. This pen testing book takes a different approach from most by helping you gain hands-on experience with the equipment you will encounter in the field, so that you understand how industrial equipment communicates and functions in a real-world setting.

This book begins by covering the fundamentals of industrial processes, then moves on to how to design and break them. It also covers gathering open-source intelligence to build a threat landscape for your prospective client. As you progress, you'll learn how to install and use the offensive techniques employed by professional hackers: discovering industrial equipment, ports, and services, pivoting, and much more, before finally launching attacks against systems on an industrial network.

By the end of this penetration testing book, you'll not only know how to assess and navigate the nuances of an industrial control system (ICS), but you'll also have gained the offensive and defensive skills needed to proactively protect industrial networks from current attacks.


  • Set up an ICS lab with both physical and virtual equipment using a starter kit.
  • Perform pre-engagement open-source intel collection to aid in the mapping of your attack landscape.
  • Learn how to do penetration testing on industrial equipment using Standard Operating Procedures (SOPs).
  • Recognize the necessity of listening to customer networks and the principles of traffic spanning (SPAN ports and TAPs).
  • Learn the fundamentals of ICS communication.
  • Connect engineering workstations and supervisory control and data acquisition (SCADA) software to physical operational technology.
  • Learn how to map web-based SCADA solutions using directory scanning tools.


This book is intended for an ethical hacker, penetration tester, automation engineer, or IT security expert who wants to keep industrial networks safe from intruders. You'll get the most out of this book if you have a basic grasp of cybersecurity and recent cyber incidents.

About the Author

Sharon Ferrone has spent over three decades working in the automation control industry, solving "red herring" problems. He has dealt with a variety of challenges, including measurement discrepancies caused by flare sensor saturation, database transfer errors, and more. He is a self-taught CISSP and CFE and has completed courses in Cyber-Security, Cyber-Forensics, International Cyber Law, and Fraud Control at the Asian School of Cyber Law.

In this Book

  • Preface
  • Errata
  • Using Virtualization
  • Route the Hardware
  • Installation and Lab Setup
  • Open-Source Ninja
  • SPANs and TAP
  • Packet Deep Dive
  • Scanning 101
  • Protocols 202
  • Ninja 308
  • I Can Do It 420
  • Whoot… I Have To Go Deep