Pentest Service - zakharb/labshock GitHub Wiki

Labshock contains the Pentest Service as a key feature, providing tools for scanning, enumeration, and security testing in ICS environments.

You can scan, enumerate and analyze ICS networks with pre-installed tools for OT security testing.

Whether you're a red teamer, a blue teamer, or just curious about OT security, this will make your testing easier and make You stronger & smarter.

Key features:

  • pre-installed Kali Linux image
  • ICS-specific industrial scanning
  • fuzzing & packet manipulation for SCADA/PLC testing
  • ready-to-use attack simulations: MITM, replay, command injection



🟨 Default Pentest Station

Labshock includes a preinstalled version of Kali Linux. Kali docs can be found on official page.

Features:

  • Test OT system security and ICS networks
  • Use your custom scripts for pentesting
  • Learn and test offensive security

🔶 Login

  • Pentest Station has SSH: ssh pentest@localhost -p 2222
  • Default login credentials (if not changed):
    • Login: pentest
    • Password: pentest

🔶 Install packages

  • Update packages list: sudo apt update
  • Install package: sudo apt install metasploit-framework

🔶 Use Metasploit

  • Install Metasploit in one click: sudo apt install metasploit-framework
  • Run msf-console

🔶 Network scanning

  • Use nmap to scan network:
  • Use custom scripts to scanning:

🔶 Http scanning

  • Use http scanners:



🟨 Pentest Fury

Labshock includes Pentest Fury > OT-focused Kali Linux in your browser

Key Features:

  • Web-based Kali interface for ICS/SCADA testing
  • Tailored for OT protocols and ICS scenarios
  • Launch tools instantly without CLI or external clients
  • Ideal for workshops, red teaming, and training labs

Use Cases:

  • Simulate real-world OT-focused attack scenarios
  • Learn and practice MITM, replay, and injection attacks
  • Perform recon and exploitation in isolated OT networks
  • Rapid test IDS/IPS detection rules in Labshock

🔶 Login:

  • Open browser: http://localhost:3443
  • Default credentials:
    • Login: pentest
    • Password: pentest

You can also access the same system via SSH if needed at ssh pentest@localhost -p 2222

🔶 NMAP module

Screenshot 2025-07-22 at 7 20 50 AM

🔶 Modbus module

Screenshot 2025-07-22 at 7 20 52 AM

🔶 Web terminal

Screenshot 2025-07-22 at 7 21 57 AM

⚠️ Legal Notice:
Pentest Fury is intended for personal, non-commercial use inside the Labshock environment only.
Using it against unauthorized systems may be illegal. See the LICENSE for more details.

logo

⚠️ **GitHub.com Fallback** ⚠️