Listen to this Post

Labshock was showcased at BSides São Paulo 2025, demonstrating its capabilities in Industrial Control Systems (ICS) and Operational Technology (OT) security. The platform was used in talks, hands-on tests, and real-world attack simulations, making OT security more accessible.
Key Highlights from BSides SP 2025
- Wagner Rodrigues led a session, “Simulating Chaos in Industrial Environments,” where he used Labshock to model a full industrial plant and simulate cyberattacks.
- Rafael de Oliveira F. utilized Labshock for OT security testing, exploring new attack vectors.
- Attendees appreciated how Labshock simplified complex OT security scenarios.
You Should Know: Practical ICS/OT Security Testing
1. Setting Up an ICS/OT Lab
To simulate attacks like those demonstrated with Labshock, you can use open-source tools:
Install Docker for lab environments sudo apt-get update && sudo apt-get install docker.io -y sudo systemctl start docker Run an ICS simulation with Conpot (Honeypot) docker run -d -p 80:80 -p 102:102 -p 502:502 -p 161:161/udp honeynet/conpot
2. Common OT Attack Vectors & Mitigations
- Modbus TCP Exploitation (Port 502)
Scan for Modbus devices nmap -p 502 --script modbus-discover <target_IP>
- PLC Password Cracking
Use PLCScan for reconnaissance git clone https://github.com/meeas/plcscan cd plcscan && python2 plcscan.py -i <target_IP>
3. Defending ICS Networks
- Network Segmentation
Use iptables to restrict OT traffic sudo iptables -A INPUT -p tcp --dport 502 -j DROP sudo iptables -A INPUT -s 192.168.1.0/24 -p tcp --dport 102 -j ACCEPT
- Logging & Monitoring
Monitor ICS traffic with tcpdump sudo tcpdump -i eth0 'port 502 or port 102' -w ot_traffic.pcap
What Undercode Say
Labshock bridges the gap between theoretical ICS security and hands-on practice. By simulating real-world industrial environments, security professionals can:
– Test attack methods safely.
– Develop defensive strategies.
– Train teams in OT security best practices.
For those without Labshock, open-source alternatives like Conpot, PLCScan, and GRFICS can be used to build similar test environments.
Prediction
As OT systems become more interconnected with IT networks, ICS-specific attack simulations will grow in demand. Tools like Labshock will play a crucial role in proactive defense strategies.
Expected Output:
- A functional ICS lab environment.
- Detection of exposed Modbus/PLC devices.
- Improved defensive configurations for OT networks.
Relevant URLs:
References:
Reported By: Zakharb Bsides – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅


