My personal OT resource list, gathered through research and internet adventures.
If you are here to search for resources and mass information on different protocols and concepts, I advise you to go directly to the sections ics_ressource_pcap_dataset_collection, ICS_Lab_Setup_And_Hacking_Tutorial, and ICS_news_outlet.
The rest is just a compilation of my own research. If you are interested, an HTML bookmark file, usable on Firefox, is available.
- OT_Resource_List
- Information
- Sections:
- ICS_challenge
- ICS_OSINT
- public ip browser
- IP browser api automations tool
- ICS_CERT
- ICS_Protocol
- ics_ressource_pcap_dataset_collection
- ICS_Security_paper_and_conference
- ICS_Tool_And_PLC_Emulator
- ICS_Lab_Setup_And_Hacking_Tutorial
- Hardware
- ICS_Training
- ICS_General_Information
- ICS_Protocol_Parameter
- ICS_job
- ICS_book
- ICS_news_article
- ICS_news_outlet
- ICS_Requirement-guide_and_standart
- ICS_Monitoring_equipement
Title | Description |
---|---|
Shadowservers world map of OT equipment 1 | |
ICSRANK | Query for search ICS equipent on public ip vrowse |
Title | Description |
---|---|
Hunto IP browser | shodan like IP browser but chinese |
FOFA IP brower | Little browser of shodan |
Shodan | |
Zoomeye | best IP search engine on the east side of the world |
censys | |
Onyphe | French shodan like , that is really interesting |
Title | Description |
---|---|
API base cli search for zoomeye | |
API base cli search for FOFA | |
API base cli search for IP browser | |
API base cli search for shodan and other |
Title | Description |
---|---|
CERT Siemens | |
CERT ABB Group | |
CERT Schneider | |
Dragos CVE disclosure | Dragos CVE Discosure |
Title | Description |
---|---|
Resource collections for beginners | Security-oriented list of resources about industrial network protocols |
ICSCSI - Library of Resources for Industrial Control System Cyber Security | |
Orange-Cyberdefense/awesome-industrial-protocols | |
PCAP Archive ICS Defense | |
MITRE ICS matrix | |
OpenPLC Project | |
Traffic captures between STEP7 WinCC and S7-300/S7-400 PLCs | |
Electra dataset, aggregations of multiple big PCAP | |
OPC UA DATASET | The OPC UA CSV source file can be downloaded here. You can also find it in the IEEE DataPort.The generation of the dataset containing OPC UA traffic was possible due to the setup and execution of a laboratory CPPS testbed. This CPPS uses OPC UA standard for horizontal and vertical communications. Regarding the CPPS testbed setup, it consists on seven nodes in the network, as represented in the next Figure. |
OPC UA DARASET | Dataset to "Easing the Conscience with OPC UA: An Internet-Wide Study on Insecure Deployments" |
Cloudshark mofbus bcap | online pcap containng modbus and ICP protocol |
Title | Description |
---|---|
How to connect Open PLC with Factory I/O - YouTube | |
Virtual Industrial Cybersecurity Lab archivos - Rodrigo Cantera | |
How to set up an OT analysis lab. by biero llagas Medium | |
Let’s Call It a Day — Virtual SCADA Hacking with GRFICSv2 Part 1 | |
Fortiphyd Logic - YouTube | |
Going Out With a Bang — Virtual SCADA Hacking with GRFICSv2 Part 2 | |
PLC Hacking (Pt. 1) Redfox Security | |
Rapid SCADA website | Rapid SCADA is an open source industrial automation platform. The out of the box software provides tools for rapid creation of monitoring and control systems. In case of large implementation, Rapid SCADA is used as a core for development of custom SCADA and MES solutions for a Customer. |
Investigations challenge on ICS equipement | investigate dammage related ICS cyberattack |
Title | Description |
---|---|
https://falstad.com/circuit/circuitjs.html | |
IC Logos Elnec | |
An Affordable And Programmable PLC Hackaday |
Title | Description |
---|---|
Industrial Automation Abbreviation Acronyms – PLC Tutorial Point | |
Major PLC manufacturers and PLC Software’s List – PLC Tutorial Point | |
MrM8BRH GitHub user resource list |
Title | Description |
---|---|
M256-Automation/PLCnext-Useful-Commands: A list of useful commands on PLCnext terminal | |
Modbus functions code explanations |
Title | Description |
---|---|
GRIMM company job board |
Title | Description |
---|---|
ISC security monitoring from Packt (second edition) | ICS security from Packt written by Pascal Ackerman, second edition |
ICS field book | basic but useful stuff |
Industrial Network Security : Securing critical infrastructure network | The best book you can find yet (from personal experience) |
SCADA for Relay Technicians |
Title | Description |
---|---|
OPC UA Deep Dive: A Complete Guide to the OPC UA Attack Surface - Claroty | |
Evil PLC Attack: Weaponizing PLCs - Claroty | |
siemens simatic exploit article | Experts found undocumented access feature in Siemens SIMATIC PLCs |
Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology | |
Russian RE Modicon PLC | Some Russian who reverse-engineered the Modicon PLC from Schneider |
Assessing the BACnet Control System Vulnerability - Dragos | |
Article about offensive onsint on OT equipement | Offensive OSINT s01e04 - Intelligence gathering on critical infrastructure in Southeast Asia |
Nozomi Hour november 2023 | |
OT Hunt: Finding ICS/OT with ZoomEye | not that incredible article but it can help |
Title | Description |
---|---|
Scadafence blog panel | very interesting recommend checking it out |
The only Scadahacker blog | |
Ruscadasec telegram | Russian SCADA news telegram |
Iranian ICS news telegram | Iranian/Persian telegram ICS-related news |
Article about offensive onsint on OT equipement? | Offensive OSINT s01e04 - Intelligence gathering on critical infrastructure in Southeast Asia |
Offensive OSINT blog news | From the creator of KAMERKA |
Good old Hackernews | |
Securityweek news OT/ICS sections | Securityweek news OT/ICS sections |
Security affair | |
Japanese cyber ICS/OT news | |
FBI Internet Crime Complaint Center (IC3) |
Title | Description |
---|---|
DOD requirement propositions | DEPARTMENT OF DEFENSE CONTROL SYSTEMS SECURITY REQUIREMENTS GUIDE |
OPCUA security German state of the art | |
OPC UA Security Analysis | OPC UA Security Analysis from the Gemran Goevernement |
IRG on Water sector | Incident Response Guide Water and Wastewater Sector |
IACS System Testing and Assessment Rating Score Calculator | Method to asses and note vulnerability |
Title | Description |
---|---|
STORMSHIELD-SNi40-Datasheet | |
checkpoint 1570R-rugged-security-gateway-datashee | |
Nozomie Network Solutions | |
SIGASEC | monitoring solutions for OT network ? |