Labshock is the Virtual Lab for learning ICS. It provides a versatile platform for both educational purposes and advanced OT SIEM testing. The lab is designed to emulate real-world ICS environments, allowing you to simulate multivendor PLC setups, configure SCADA systems & create Detection and Response strategies. The main purpose of Labshock is multi OT SIEM testing, enabling simultaneous evaluation of different SIEM solutions in real time.
Labshock is designed to provide a hands-on environment for:
- configuring PLC
- learning ICS Networks
- exploring SCADA systems
- emulating multivendor PLC
- pentesting & network monitoring
- creating OT SIEM correlation rules
- practicing Detection & Response techniques
You can simultaneously test different SIEM solutions in the context of ICS.
Install docker
Install docker-compose
Install git
Only Docker, no additional libraries are required.
Install
git clone https://github.com/zakharb/labshock.git
cd labshock/labshock
docker-compose build
Run
docker-compose up
Update
git pull
cd labshock
docker-compose build
SCADA # http://localhost:1881
PLC # http://localhost:8080, user/pwd: openplc/openplc
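Since the PLC interface uses the openplc/openplc login shown above, it is worth confirming that the two web ports are reachable only from the host itself. The script below is an added example, not part of the Labshock project; it assumes Linux `ss -ltnH` output and that Docker's published ports show up there as listening sockets, and the sample lines are constructed.

```shell
#!/bin/sh
# Added example: flag Labshock web ports that listen beyond loopback.
# Ports taken from the README: 1881 (SCADA) and 8080 (PLC).
LAB_PORTS="1881 8080"

# Reads `ss -ltnH` lines on stdin and prints "port address" for every
# lab port bound to a non-loopback address. Prints nothing if all is well.
exposed_lab_ports() {
    awk -v ports="$LAB_PORTS" '
        BEGIN {
            n = split(ports, p, " ")
            for (i = 1; i <= n; i++) want[p[i]] = 1
        }
        $1 == "LISTEN" {
            port = $4; sub(/.*:/, "", port)       # text after the last colon
            addr = $4; sub(/:[^:]*$/, "", addr)   # everything before it
            if (!(port in want)) next
            # 127.0.0.0/8 and [::1] are loopback; anything else is exposed
            if (addr ~ /^127\./ || addr == "[::1]") next
            print port, addr
        }'
}

# Constructed sample of `ss -ltnH` output (not captured from a real host).
sample_ss_output() {
    cat <<'EOF'
LISTEN 0 4096 127.0.0.1:1881 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:8080 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
EOF
}

# Demo on the constructed sample; on a live host use:
#   ss -ltnH | exposed_lab_ports
sample_ss_output | exposed_lab_ports
```

Any line of output names a lab port that other machines on the network can reach; an empty result means both ports are bound to loopback only.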
SCADA # project FUXA - https://frangoteam.org
PLC # project OpenPLC - https://autonomylogic.com
EWS & OWS # Windows Trial - https://www.microsoft.com
FW # Iptables - https://en.wikipedia.org/wiki/Iptables
SWITCH # Custom
TRANSFER # FTP
REMOTE # RDP
SIEM # Multi Vendor
IDS # Multi Vendor
And more...
Using SemVer for versioning. For the versions available, see the tags on this repository.
- Zakhar Bernhardt - Initial work - Ze
See also the list of contributors who participated in this project.
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation. See the LICENSE file for details.