anton-shipulin / OT_ICS_ressource_list

My personal OT resource list, gathered through research and internet adventures.

OT_Resource_List

My personal OT resource list, gathered through research and internet adventures.

Information

If you are here to search for resources and mass information on different protocols and concepts, I advise you to go directly to the sections ics_ressource_pcap_dataset_collection, ICS_Lab_Setup_And_Hacking_Tutorial, and ICS_news_outlet.

The rest is just a compilation of my own research. If you are interested, an HTML bookmark file, usable on Firefox, is available.

Sections:


ICS_challenge

Title Description
Labtainer Lab Summary - Center for Cybersecurity and Cyber Operations - Naval Postgraduate School
SANS Dragos CTF 2023 Event
Play Now with BOTS Partner Experiences: Dragos Splunk
WRITE UP: Color Plant 1+2 (Misc) - FCSC2022
Hack a Sat challenge

ICS_OSINT

Title Description
Shadowservers world map of OT equipment 1
ICSRANK Query to search for ICS equipment on public IP browsers

public ip browser

Title Description
Hunto IP browser Shodan-like IP browser, but Chinese
FOFA IP browser Little browser of Shodan
Shodan
Zoomeye best IP search engine on the east side of the world
Censys
Onyphe French Shodan-like, really interesting

IP browser API automation tools

Title Description
API-based CLI search for ZoomEye
API-based CLI search for FOFA
API-based CLI search for IP browser
API-based CLI search for Shodan and others

ICS_CERT

Title Description
CERT Siemens
CERT ABB Group
CERT Schneider
Dragos CVE disclosure Dragos CVE Disclosure

ICS_Protocol

Title Description
IEC 61131-3 - Wikipedia
TCF - Eclipsepedia
ascolab GmbH
Wireshark Foundation / wireshark · GitLab
BACnet stack - open source BACnet protocol stack
Current list of all used apps with OPC UA compliance
Industrial Cyber, Efficiently monitor the cybersecurity posture of your ICS environment Pascal Ackerman, Packt editions
Overall Ethernet protocol usage and specifications for Allen-Bradley PLC
Official page for programming parameters of snap 7 on the LOGO! 8

ics_ressource_pcap_dataset_collection

Title Description
Resource collections for beginners Security-oriented list of resources about industrial network protocols
ICSCSI - Library of Resources for Industrial Control System Cyber Security
Orange-Cyberdefense/awesome-industrial-protocols
PCAP Archive ICS Defense
MITRE ICS matrix
OpenPLC Project
Traffic captures between STEP7 WinCC and S7-300/S7-400 PLCs
Electra dataset, aggregations of multiple big PCAP
OPC UA DATASET The OPC UA CSV source file can be downloaded here. You can also find it in the IEEE DataPort. The generation of the dataset containing OPC UA traffic was possible due to the setup and execution of a laboratory CPPS testbed. This CPPS uses the OPC UA standard for horizontal and vertical communications. Regarding the CPPS testbed setup, it consists of seven nodes in the network, as represented in the next Figure.
OPC UA DATASET Dataset to "Easing the Conscience with OPC UA: An Internet-Wide Study on Insecure Deployments"
Cloudshark Modbus pcap Online pcap containing Modbus and ICP protocol

ICS_Security_paper_and_conference

Title Description
The Spear To Break The Security Wall Of S7CommPlus
Europe's 2022 Energy Sector: the Cyber Threats landscape - Citalid
SANS ICS Security - Control Systems Are a Target.pdf
Principles of Information Security, 5th ed. - Principles of Information Security (PDFDrive)
Industrial Control System Security - Top 10 Threats and Countermeasures 2016
ICS Honeypot System (CamouflageNet) Based on Attacker's Human Factors - ScienceDirect
CCE-Phase-1-4-Reference-Document.pdf
DEF CON 26 - Thiago Alves - Hacking PLCs and Causing Havoc on Critical Infrastructures - YouTube
Reverse of a Schneider network protocol by Biero Llagas - Medium
Grehack - Paper - Industrial Control Systems Dynamic Code Injection.pdf
AMNESIA:33 How TCP/IP Stacks Breed Critical Vulnerabilities in IoT, OT and IT Devices
Towards High-Interaction Virtual ICS Honeypots-in-a-Box
Pwn2Own Miami 2022: OPC UA .NET Standard Trusted Application Check Bypass
Siemens Trust Center PKI
HTB ICS network segmentation Learn about the Purdue Model of ICS network segmentation from Hack The Box's ICS expert Barry "8balla" Murrell.
CVE-2019-12480 article Related article on how they discovered the vulnerability (spoiler: by fuzzing)
Article by Forescout Clearing the Fog of War – A critical analysis of recent energy sector cyberattacks in Denmark and Ukraine
Paper on PLC attack detection and forensics A Survey on Programmable Logic Controller Vulnerabilities, Attacks, Detections, and Forensics
Compromising Industrial Processes using Web-Based Programmable Logic Controller Malware
CWE Industrial Control System and Operational Technology Special Interest Group While IT has an extant body of work related to identifying and classifying security weaknesses, IT and ICS/OT are different, and existing IT classifications are not always useful in describing and managing security weaknesses in ICS/OT systems. Addressing this gap will help all stakeholders communicate more efficiently and effectively and promote a unity of effort in identifying and mitigating ICS/OT security weaknesses, especially in critical infrastructure.

ICS_Tool_And_PLC_Emulator

Title Description
FUXA: Web-based Process Visualization (SCADA/HMI/Dashboard) software
ScadaBR
ControlThings.io - Tools
NetToPLCSim download SourceForge.net
MHJ-Software EN - comdrvs7
DNP3 OPC Server Configuration Guide
IOServer - Interface to multiple protocols through a single OPC Server
OpenPLC V3 - Docker Image Docker Hub
HoneyPLC: High-interaction Honeypot for PLCs and Industrial Control Systems
Parallel DNP3 slave simulator
Download Free Trial Version – DNP3, MODBUS, OPC Client & Server Simulator
OpenPLC Server - Docker Image Docker Hub
The World's Most Popular Allen-Bradley PLC Simulator
Modifier Conpot of multiple ICS protocols
ICS Development Kits. Downloadable SDKs for multiple protocols (very cool)

ICS_Lab_Setup_And_Hacking_Tutorial

Title Description
How to connect Open PLC with Factory I/O - YouTube
Virtual Industrial Cybersecurity Lab archivos - Rodrigo Cantera
How to set up an OT analysis lab. by biero llagas Medium
Let’s Call It a Day — Virtual SCADA Hacking with GRFICSv2 Part 1
Fortiphyd Logic - YouTube
Going Out With a Bang — Virtual SCADA Hacking with GRFICSv2 Part 2
PLC Hacking (Pt. 1) Redfox Security
Rapid SCADA website Rapid SCADA is an open source industrial automation platform. The out of the box software provides tools for rapid creation of monitoring and control systems. In case of large implementation, Rapid SCADA is used as a core for development of custom SCADA and MES solutions for a Customer.
Investigation challenge on ICS equipment Investigate damage related to an ICS cyberattack

Hardware

Title Description
https://falstad.com/circuit/circuitjs.html
IC Logos Elnec
An Affordable And Programmable PLC Hackaday

ICS_Training

Title Description
ICS Training Calendar CISA
ICS 301v Review · Aaron Hoffmann
HOME Dean Parsons
Assessing and exploiting control systems IIOT
Global Industrial Cyber Security Professional (GICSP)
ICS Cyber conference Some conferences for ICS

ICS_General_Information

Title Description
Industrial Automation Abbreviation Acronyms – PLC Tutorial Point
Major PLC manufacturers and PLC Software’s List – PLC Tutorial Point
MrM8BRH GitHub user resource list

ICS_Protocol_Parameter

Title Description
M256-Automation/PLCnext-Useful-Commands: A list of useful commands on PLCnext terminal
Modbus function code explanations

ICS_job

Title Description
GRIMM company job board

ICS_book

Title Description
ICS security monitoring from Packt (second edition) ICS security from Packt written by Pascal Ackerman, second edition
ICS field book basic but useful stuff
Industrial Network Security : Securing critical infrastructure network The best book you can find yet (from personal experience)
SCADA for Relay Technicians

ICS_news_article

Title Description
OPC UA Deep Dive: A Complete Guide to the OPC UA Attack Surface - Claroty
Evil PLC Attack: Weaponizing PLCs - Claroty
Siemens SIMATIC exploit article Experts found undocumented access feature in Siemens SIMATIC PLCs
Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology
Russian RE Modicon PLC Some Russian who reverse-engineered the Modicon PLC from Schneider
Assessing the BACnet Control System Vulnerability - Dragos
Article about offensive OSINT on OT equipment Offensive OSINT s01e04 - Intelligence gathering on critical infrastructure in Southeast Asia
Nozomi Hour november 2023
OT Hunt: Finding ICS/OT with ZoomEye Not that incredible an article, but it can help

ICS_news_outlet

Title Description
Scadafence blog panel Very interesting, recommend checking it out
The only Scadahacker blog
Ruscadasec telegram Russian SCADA news telegram
Iranian ICS news telegram Iranian/Persian telegram ICS-related news
Article about offensive OSINT on OT equipment? Offensive OSINT s01e04 - Intelligence gathering on critical infrastructure in Southeast Asia
Offensive OSINT blog news From the creator of KAMERKA
Good old Hackernews
Securityweek news OT/ICS sections Securityweek news OT/ICS sections
Security affair
Japanese cyber ICS/OT news
FBI Internet Crime Complaint Center (IC3)

ICS_Requirement-guide_and_standart

Title Description
DOD requirement propositions DEPARTMENT OF DEFENSE CONTROL SYSTEMS SECURITY REQUIREMENTS GUIDE
OPCUA security German state of the art
OPC UA Security Analysis OPC UA Security Analysis from the German Government
IRG on Water sector Incident Response Guide Water and Wastewater Sector
IACS System Testing and Assessment Rating Score Calculator Method to assess and score vulnerabilities

ICS_Monitoring_equipement

Title Description
STORMSHIELD-SNi40-Datasheet
checkpoint 1570R-rugged-security-gateway-datashee
Nozomi Network Solutions
SIGASEC monitoring solutions for OT network ?
