Normal (> 13th Jan): EUR3999



ICS/SCADA systems, including power plants, factories, and transportation systems, are some of the most critical systems in use today. SCADA systems have many vulnerabilities, which lie not only in the core protocols but also in specific products, and their network structures can expose an installation to attacks far more complex than those against traditional networks. This 3-day course has everything you need to take SCADA systems apart, examine them for inherent weaknesses and plan how to protect these facilities, many of which are ‘unpatchable’.

This three-day course caters to security professionals who wish to explore ICS/SCADA systems and will take them from the fundamentals of SCADA security up to more advanced techniques. You will come away with the knowledge needed to perform real-world penetration tests against SCADA installations and find your own 0-day vulnerabilities in SCADA environments.

All subjects in this course are taught using actual SCADA products and miniaturized SCADA systems for visualization.

Who should attend

  • Red Team members who want to pen-test ICS/SCADA systems.
  • ICS/SCADA Bug Hunters who want to write exploits for all the crashes they find.
  • Members of military or government cyberwarfare units.
  • Penetration testers tasked with bypassing the air gap.

Prerequisite Knowledge

  • Basic knowledge of fuzzing and system hacking
  • Basic knowledge of programming (C, Python) would be a plus
  • Understanding of networking and basic knowledge of TCP/IP

Hardware / Software Requirements

A modern laptop (minimum 8 GB RAM and 20 GB free disk space)


Day 01: Overview of ICS, Protocols & More

  • ICS/SCADA Architecture
  • ICS/SCADA Components
  • Scanning and Web Hacking on HMI/PLC
  • Incident Case Studies
  • Product Vulnerabilities (1-Day)

Day 02: Bypassing the Airgap

  • Network Protocols for ICS/SCADA
  • ICS Network Analysis for SCADA
  • Bypassing the Air Gap with HackRF, BadUSB, BadDNS and others
  • Pentest the power plant and rail system (0-day)

Day 03: Forensics, Fuzzing & Beyond

  • SCADA Network Forensics
  • Fuzzing the ICS/SCADA Interface
  • Fuzzing the PLC Software
  • Fuzzing the ICS/SCADA Protocol
  • Sharing real world 0-day cases with trainees.

We will also provide trainees with access to our Cyber-War game system. This is a cyber drill simulation for ICS/SCADA hacking demonstrations, and trainees will be able to evaluate their skills and knowledge using our real-time ‘cyber-war’ simulation, which includes a live scoreboard! Trust us, you’ll love it!

Location: Training Rooms

Date: April 10, 2017

Time: 9:00 am - 6:00 pm

Louis Hur, Edward Lee, Junyuan Chai