In my free time over the coming weeks and months, I’ll be working on a new version of my pentest dropboxes for IT and OT, and I’ll be turning the projects “Lemon” and “Motion”, which are still on paper, into reality.
And since people keep asking, I don’t have a sponsor and pay for everything out of my own pocket because that’s the only way I can stay creative and independent.
#Cybersecurity #OT #IT #Network #Hardwarehacking #SCADA #ICS #Research #OpenSource #foss
@OT_MacDonald curious if there is something missing in the existing dropbox implementations, or if this is intended as a learning exercise? Eg phantap
What makes an OT dropbox different to an IT dropbox?
@RoganDawes I felt something was missing in my IT/OT dropboxes, and these have surpassed Phantap in terms of functionality and capabilities for years now.
The difference between an OT dropbox and an IT dropbox lies in their intended use and functionality.
Please excuse me for not revealing more, but I protect my work and research. All too often, companies like hak5... have misused the work of others for their own commercial purposes, and I won’t tolerate that. There will be discussions about the boxes, and the dropboxes will be sent to people I know personally at #INL, #CISA, #Iberdrola, and others.
And since I was asked: my employer won’t be getting a single one, for good reason.
@OT_MacDonald fwiw, I posted about a dropbox here: https://sensepost.com/blog/2020/making-the-perfect-red-team-dropbox-part-1/
We don’t try to sell them at all, preferring to share our research.
Michael Koerfer
Rogan Dawes