For years the LAMP (Linux, Apache, MySQL, PHP) stack was the de facto for a large portion of the web applications powering the internet. However, times change and it is being replaced by a new stack utilizing MongoDB, ExpressJS, AngularJS, and NodeJS (MEAN). The MEAN stack makes traditional vulnerabilities hard to exploit and even non-existent, but with new technology comes new vulnerabilities. In this workshop we look at various issues that affect these frameworks and how to test for them.
Industrial Control Systems (ICS) are the silent machines that control the world all around us. ICS systems are used to control elevators, subways, building HVAC systems and the electricity we use. The convergence of information technology (IT) and operational technology (OT) in the ICS marketplace has been taking place over the last 20 years. This convergence, while increasing ICS operational efficiency, is also increasing cyber risk. In this course, you will learn about how to identify the protocols being used in OT networks, how to decode them and the tools and procedures to perform network assessments on these networks.
AGENDA:
1. Control System Defined
2. Control System Networks vs IT Networks (CIA vs AIC)
3. Overview of Control System vendors/protocols
4. What's available for ICS Systems in Wireshark and Kali Linux?
5. LAB: How to Decode Modbus
6. LAB: Sniffing and Assessing an ICS Network
REQUIREMENTS: Students should bring the a Llaptop with VM Workstation and Wireshark installed.