In this post, I will do a brief overview of the reporting phase of a pentest and cover a high-level description of what should be included and things to look out for when writing a report.

In Part 9 of this new Cyber Physical Systems series, I will introduce the different methods and techniques to securing cyber physical systems since we now know how vulnerable they are.

In Part 8 of this new Cyber Physical Systems series, I will introduce the different types of vulnerabilities that these systems have and why they are so vulnerable.

In Part 7 of this new Cyber Physical Systems series, I will introduce the different types of attacks that can target these type of systems and discuss the different layers where they occur.

In Part 6 of this new Cyber Physical Systems series, I will introduce the different challenges when it comes to securing and managing cyber physical systems.

In Part 5 of this new Cyber Physical Systems series, I will introduce the Modbus protocol which is widely used in ICS/CPS and cover its data types and functions.

In Part 4 of this new Cyber Physical Systems series, I will introduce the concept of industrial control systems along with their components and different types of ICS.

In Part 3 of this new Cyber Physical Systems series, I will introduce the concept of control systems, classifications, controller design and ideal control system characteristics.

In Part 2 of this new Cyber Physical Systems series, I will discuss the different domains and applications of CPS in the real world including various examples and will also start to discuss the overall architecture.

In Part 1 of this new Cyber Physical Systems series, I will discuss what CPS is, where it came from, a definition of CPS along with examples and some more beginner information.

Welcome to the exciting phase. This is the phase most people think of when the word “hacking” is mentioned - launching exploits, gaining access to computers and more!

This phase covers network attacks ranging from recon attacks, access attacks up to the concept of DoS attacks and more modern examples in order to get an idea of the various attacks going on every day.

Welcome to the social engineering phase. Ever wanted to hack humans, but don’t have the biological knowledge to do so? Well, social engineering is for you!

This is the phase that can give you that adrenaline rush - we crack users passwords (hopefully) to potentially gain access and do some more ethically nefarious things.

This is a vulnerable-by-design Azure lab containing 2 x attack paths with common misconfigurations. These vulnerabilities are intended to represent those found in live production environments.

Welcome to the exciting phase. This is the phase most people think of when the word “hacking” is mentioned - launching exploits, gaining access to computers and more!

A common yet effective method for finding vulnerabilities is by utilising various vulnerability scanning tools like Nessus and OpenVAS. Learn about them here.

The second most important phase is the scanning phase which allows the hacker to interact with the target by utilising tools like nmap and hping.

The first phase for any hacker is information gathering and reconnaissance. This post explains some of the key concepts and some tools.

Just as it is important to know security definitions before getting technical, it is arguably even more important to understand the law surrounding it.