My personal OT resource list, gathered through research and internet adventures.
If you are here to search for resources and mass information on different protocols and concepts, I advise you to go directly to the sections ics_ressource_pcap_dataset_collection, ICS_Lab_Setup_And_Hacking_Tutorial, and ICS_news_outlet.
The rest is just a compilation of my own research. If you are interested, an HTML bookmark file, usable on Firefox, is available.
- OT_Resource_List
- Information
- Sections:
- ICS_challenge
- ICS_OSINT
- ICS_CERT
- ICS_Protocol
- ICS_ressource_pcap_dataset_collection
- ICS_Security_paper_and_conference
- ICS_Tool_And_PLC_Emulator
- ICS_Lab_Setup_And_Hacking_Tutorial
- Hardware
- ICS_Training
- ICS_General_Information
- ICS_Protocol_Parameter
- ICS_job
- ICS_book
- ICS_news_article
- ICS_news_outlet
- ICS_Requirement-guide_and_standart
- ICS_Monitoring_equipement
- ICS_GROUP_OR_ALIANCE_COMITEE
| Title | Description |
|---|---|
| Shadowservers world map of OT equipment 1 | |
| ICSRANK | Query for search ICS equipent on public ip vrowse |
| Find out what websites are Built With | if wappanalyser is a search engine |
| Title | Description |
|---|---|
| Hunto IP browser | shodan like IP browser but chinese |
| FOFA IP brower | Little browser of shodan |
| Shodan | |
| Zoomeye | best IP search engine on the east side of the world |
| censys | |
| Onyphe | French shodan like , that is really interesting |
| quanxin | Chniese IP Browser |
| Shodan wreapper | shodan api wrapper with dns record direclty show |
| Title | Description |
|---|---|
| API base cli search for zoomeye | |
| API base cli search for FOFA | |
| API base cli search for IP browser | |
| API base cli search for shodan and other |
| Title | Description |
|---|---|
| CERT Siemens | |
| CERT ABB Group | |
| CERT Schneider | |
| Dragos CVE disclosure | Dragos CVE Discosure |
| Title | Description |
|---|---|
| Resource collections for beginners | Security-oriented list of resources about industrial network protocols |
| ICSCSI - Library of Resources for Industrial Control System Cyber Security | |
| Orange-Cyberdefense/awesome-industrial-protocols | |
| PCAP Archive ICS Defense | |
| MITRE ICS matrix | |
| OpenPLC Project | |
| Traffic captures between STEP7 WinCC and S7-300/S7-400 PLCs | |
| Electra dataset, aggregations of multiple big PCAP | |
| OPC UA DATASET | The OPC UA CSV source file can be downloaded here. You can also find it in the IEEE DataPort.The generation of the dataset containing OPC UA traffic was possible due to the setup and execution of a laboratory CPPS testbed. This CPPS uses OPC UA standard for horizontal and vertical communications. Regarding the CPPS testbed setup, it consists on seven nodes in the network, as represented in the next Figure. |
| OPC UA DARASET | Dataset to "Easing the Conscience with OPC UA: An Internet-Wide Study on Insecure Deployments" |
| Cloudshark mofbus bcap | online pcap containng modbus and ICP protocol |
| Title | Description |
|---|---|
| How to connect Open PLC with Factory I/O - YouTube | |
| Virtual Industrial Cybersecurity Lab archivos - Rodrigo Cantera | |
| How to set up an OT analysis lab. by biero llagas Medium | |
| Let’s Call It a Day — Virtual SCADA Hacking with GRFICSv2 Part 1 | |
| Fortiphyd Logic - YouTube | |
| Going Out With a Bang — Virtual SCADA Hacking with GRFICSv2 Part 2 | |
| PLC Hacking (Pt. 1) Redfox Security | |
| Rapid SCADA website | Rapid SCADA is an open source industrial automation platform. The out of the box software provides tools for rapid creation of monitoring and control systems. In case of large implementation, Rapid SCADA is used as a core for development of custom SCADA and MES solutions for a Customer. |
| Investigations challenge on ICS equipement | investigate dammage related ICS cyberattack |
| Title | Description |
|---|---|
| Hardware reverse course playlist | very good introductions to hardware hacking |
| Hardware reverse youtube chanelle | Everything related to Hardware Hacking and Reverse Engineering including tutorials for beginners and more advanced stuff. |
| Title | Description |
|---|---|
| Datasheet Database: alldatasheet | |
| Datasheet Database: datasheetcatalog | |
| Datasheet Database: datadheet |
| Title | Description |
|---|---|
| Online Circuit emulator | |
| IC logo Database | |
| An Affordable And Programmable PLC Hackaday | |
| Wikipedia for IC and stuff |
| Title | Description |
|---|---|
| ICS Training Calendar CISA | |
| ICS 301v Review · Aaron Hoffmann | |
| HOME Dean Parsons | |
| Assessing and exploiting control systems IIOT | |
| Global Industrial Cyber Security Professional (GICSP) | |
| ICS Cyber conference | Some conference for ICS |
| ISA secure certifications program | The ISASecure program delivers OT cybersecurity certifications. |
| Title | Description |
|---|---|
| Industrial Automation Abbreviation Acronyms – PLC Tutorial Point | |
| Major PLC manufacturers and PLC Software’s List – PLC Tutorial Point | |
| MrM8BRH GitHub user resource list |
| Title | Description |
|---|---|
| M256-Automation/PLCnext-Useful-Commands: A list of useful commands on PLCnext terminal | |
| Modbus functions code explanations | |
| Schneider electric own mofbud documentations |
| Title | Description |
|---|---|
| GRIMM company job board |
| Title | Description |
|---|---|
| ISC security monitoring from Packt (second edition) | ICS security from Packt written by Pascal Ackerman, second edition |
| ICS field book | basic but useful stuff |
| Industrial Network Security : Securing critical infrastructure network | The best book you can find yet (from personal experience) |
| SCADA for Relay Technicians | |
| Cybersécurité des systèmes industriels par Jean-Marie Flaus | French book on the ICS system |
| Title | Description |
|---|---|
| OPC UA Deep Dive: A Complete Guide to the OPC UA Attack Surface - Claroty | |
| Evil PLC Attack: Weaponizing PLCs - Claroty | |
| siemens simatic exploit article | Experts found undocumented access feature in Siemens SIMATIC PLCs |
| Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology | |
| Russian RE Modicon PLC | Some Russian who reverse-engineered the Modicon PLC from Schneider |
| Assessing the BACnet Control System Vulnerability - Dragos | |
| Article about offensive onsint on OT equipement | Offensive OSINT s01e04 - Intelligence gathering on critical infrastructure in Southeast Asia |
| Nozomi Hour november 2023 | |
| OT Hunt: Finding ICS/OT with ZoomEye | not that incredible article but it can help |
| water management system hack | 2 municipal water facilities report falling to hackers in separate breaches |
| Title | Description |
|---|---|
| Scadafence blog panel | very interesting recommend checking it out |
| The only Scadahacker blog | |
| Ruscadasec telegram | Russian SCADA news telegram |
| Iranian ICS news telegram | Iranian/Persian telegram ICS-related news |
| Article about offensive onsint on OT equipement? | Offensive OSINT s01e04 - Intelligence gathering on critical infrastructure in Southeast Asia |
| Offensive OSINT blog news | From the creator of KAMERKA |
| Good old Hackernews | |
| Securityweek news OT/ICS sections | Securityweek news OT/ICS sections |
| Security affair | |
| Japanese cyber ICS/OT news | |
| FBI Internet Crime Complaint Center (IC3) | |
| centralised podcast themed ICS | list of ICS themed podcast. |
| Industrial Cyber news outlet | centralise info about vendor new , and other article |
| Title | Description |
|---|---|
| DOD requirement propositions | DEPARTMENT OF DEFENSE CONTROL SYSTEMS SECURITY REQUIREMENTS GUIDE |
| OPCUA security German state of the art | |
| OPC UA Security Analysis | OPC UA Security Analysis from the Gemran Goevernement |
| IRG on Water sector | Incident Response Guide Water and Wastewater Sector |
| IACS System Testing and Assessment Rating Score Calculator | Method to asses and note vulnerability |
| NIST Special Publication SP 800-82r3 Guide to Operational Technology Security | fondational requirement for anybody who whant to start a OT security program |
| NIS directive in eatch EU country | specifications and informations about implementations of the NIS directiv in eatch EU country |
| The NIST Cybersecurity Framework (CSF) 2.0 | The NIST Cybersecurity Framework (CSF) 2.0 provides guidance to industry, government agencies, and other organizations to manage cybersecurity risks. It offers a taxonomy of high- level cybersecurity outcomes that can be used by any organization — regardless of its size, sector, or maturity — to better understand, assess, prioritize, and communicate its cybersecurity efforts. |
| CWE VIEW: Weaknesses Addressed by ISA/IEC 62443 Requirements | This view (slice) covers weaknesses that are addressed by following requirements in the ISA/IEC 62443 series of standards for industrial automation and control systems (IACS). Members of the CWE ICS/OT SIG analyzed a set of CWEs and mapped them to specific requirements covered by ISA/IEC 62443. |
| (UK) Control Of Major Accident Hazards Regulations 2015 (COMAH) | |
| (Rism Management) EBIOS RM Method |
| Title | Description |
|---|---|
| STORMSHIELD-SNi40-Datasheet | |
| checkpoint 1570R-rugged-security-gateway-datashee | |
| Nozomie Network Solutions | |
| SIGASEC | monitoring solutions for OT network ? |
| leroy automations | French PLC manufacturer |
| Title | Description |
|---|---|
| ISA Global Cyber Alliance | |
| Institute of Electrical and Electronics Engineers | not full ICS oriented , but one of the biggest organisations in the electrical and electronics engeniering field |