Content: New Industrial SCADA Lab – ESP32 #4
Description
Red-Team Focused | Version 2.0
Realistic mini-SCADA on ESP32 – students learn by attacking and defending it
4 production lines • 20+ sensors/actuators • physically plausible behavior
6 main exploit paths (can be toggled independently):
- IDOR (unauthorized object access)
- Command / Parameter Injection
- Race Condition
- Physics / process anomaly exploitation
- Forensics (log & state reconstruction)
- Weak credentials / credential leakage
Learning style
Attack → understand → adapt
Discovery-based, not spoon-fed
Difficulty levels
- EASY: lots of hints, almost no defense
- NORMAL: hints on request, moderate incidents
- HARD: almost no help, active defense, cascading failures
Highlights
- Nice live P&ID-style dashboard
- Real-time trends + alarms
- Dynamic incidents (stuck valve → temp rise → overload …)
- Leaderboard (exploits found + time)
- Teacher controls via serial: IP block, rate-limit, session kill
Target audience
- ICS/OT security beginners to advanced
- Pentesters who want to understand industrial systems