SCADA Hacking: Attacking SCADA/ICS Systems through the Human Machine Interface (HMI)

Welcome back, my aspiring SCADA/ICS cyberwarriors! Let’s begin by congratulating you on your foresight in committing to study SCADA/ICS hacking and security. This is certainly THE most important security issue this decade! In general, SCADA/ICS hacks have been of two types; Hack the protocols (modbus, DNP3, Profitnet, etc); Hack the Human Machine Interface (HMI) In […]

Continue Reading

The Art of Social Engineering training, April 13-15

Many novices to cybersecurity underestimate the importance of social engineering. More experienced hands understand that social engineering is probably the greatest threat to our networks. Many of the most significant hacks in history had a social engineering element including; BlackEnergy3 Target POS 2016 Presidential Campaign and DCCC email hack RSA NY Times SONY Pictures and […]

Continue Reading

Web App Hacking: BurpSuite, Part 2: Bypass Weak Input Validation to Upload Malware to a Website

Welcome back, my aspiring cyber warriors! In general, we can say that the solution to many injection attacks in web applications is “Input Validation”. Input validation makes certain that only the type of input that the application was developed to handle is input and not malicious commands or scripts masquerading as data. Some applications enable […]

Continue Reading