#1 Industrial Cyber Lab
Labshock provides a ready-to-use environment to learn, simulate and test defensive strategies.
- check Website
- save 90% of time on setup and maintenance
- reduce costs by 95% compared to physical testbeds
- safe and real OT environments for learning and testing
- Labshock Into Video
- Universities & Mentors: create hands-on and practical OT cources
- OT Red & Blue Teams: simulate ICS and validate OT SIEM/IDS rules
- Companies: create custom Labs and test your tools
- Labshock Demo Video
- Build a complete OT test lab in less than 10 minutes
- Deploy a full OT/ICS cyber range with SCADA & PLC & EWS & DMZ
- Capture traffic, test SIEM rules and refine IDS detection
β please put Star β
Help us keep Labshock growing! Your contributions support ongoing development, documentation, and community resources.
Support Labshock with a small donation to fund new features and maintenance.
Interested in sponsoring Labshock or collaborating on OT security projects?
Install Docker, thats all.
min: CPU 2 | RAM 2G | HDD 10G
max: CPU 4 | RAM 8G | HDD 20G
Guide: Quickstart
Videos: Linux Windows
For more info check Wiki
PORTAL # Web # https://localhost
PLC # OpenPLC # http://localhost:8080
SCADA # FUXA # http://localhost:1881, pwd: openplc/openplc
EWS # Kali Linux # http://localhost:5911/vnc.html, pwd: engineer
PENTEST # Pentest Fury # http://localhost:3443
IDS # Network Swiftness # http://localhost:1443
COLLECTOR # Tidal Collector # http://localhost:2443
And more...central hub
Labshock contains Portal for accessing all services, documentation and resources:
- access all Labshock services from a single interface
- navigate directly to documentation, configuration guides
- use built-in links to troubleshooting and support resources
Usage:
- open web interface http://localhost
- check more info on wiki
modified version of OpenPLC
PLC supports all five languages defined in the IEC 61131-3 standard:
LDLadder LogicILInstruction ListSTStructured TextFBDFunction Block DiagramSFCSequential Function Chart
PLC supports protocols:
- Modbus
- DNP3
- S7 (soon)
Usage:
- login into dashboard http://localhost:8080
- user/password
openplc/openplc - check more info on wiki
modified version of FUXA
SCADA supports protocols:
- Modbus RTU/TCP
- Ethernet/IP
- BACnet IP
- OPC UA
- WebAPI
- MQTT
- S7
Usage:
- login into main interface http://localhost:1881
- user/password you can set in settings
- check more info on wiki
Kali inside
Pentest Station tailored for OT and ICS security testing:
- integrated web interface
- tools for working with OT protocols
- pre-installed Kali minimal setup
Use Cases:
- Test OT system security and ICS networks
- Simulate your own scenarious and techniques
- Learn different tactics and pentesting fundamentals
Usage:
- open web interface http://localhost:3443
- or use command line
ssh pentest@localhost -p 2222
pwd: pentest
- check more info on wiki
π License:
- Pentest Fury is for personal, non-commercial use only.
- Redistribution, modification, or commercial use is prohibited.
- See LICENSE for details.
This tool is intended for use only in the Labshock virtual environment.
The developer is not responsible for any misuse or unauthorized access attempts.
Using this tool against systems without explicit permission may violate local laws or regulations.
Ready for OT-focused pentesting.
best OT IDS
Labshock includes Network Swiftness for real-time network monitoring and analysis in OT environments:
- Monitor live network traffic
- Track active connections
- Detect and classify protocols
- Generate network topology maps
- Capture, analyze and save packets
- Web based: simple & easy
Use Cases:
- Gain visibility into OT network activity
- Identify unauthorized connections and protocol anomalies
- Analyze SCADA/ICS traffic patterns
- Save packet data for forensic analysis
Usage:
- open web interface http://localhost:1443
- check more info on wiki
- navigate to Settings > Resources > Network, and check the "Enable host networking" option.
π License:
- Network Swiftness is for personal, non-commercial use only.
- Redistribution, modification, or commercial use is prohibited.
- See LICENSE for details.
Ready for OT network monitoring and analysis.
You can easily connect other IDS, for example Zeek
SIEM ready
Efficient OT data collection and forwarding:
- Collect logs and metrics from OT devices
- Normalize and forward data to SIEM
- Filter and enrich data before forwarding
- Lightweight and efficient
- Web based: simple & easy
Use Cases:
- Centralize OT data collection for analysis
- Enhance SIEM visibility with OT-specific logs
- Normalize diverse log formats
- Reduce noise with smart filtering
Usage:
- open web interface http://localhost:2443
- find more info on wiki
π License:
- Tidal Collector is for personal, non-commercial use only.
- Redistribution, modification, or commercial use is prohibited.
- See LICENSE for details.
Ready for OT data collection and integration.
learn ICS
Engineering Station for programming SCADA and PLC:
- IDE OpenPLC Editor
- Interface to PLC
- Interface to SCADA
- Saved PLC/SCADA projects
Usage:
- login into noVNC interface http://localhost:5911/vnc.html
- password
engineer - all links/projects are on Desktop
- access PLC/SCADA via browser
- access IDE via OpenPLC Editor
- check more info on wiki
It's also possible to run Windows inside Labshock:
- check & use this github repo dockur/windows
- use at your own risk & effort
Using SemVer for versioning.
For the versions available, see the tags on this repository.
- Zakhar Bernhardt - Initial work - Ze
See also the list of contributors who participated in this project.
Β© 2025 Zakhar Bernhardt
Labshock contains open-source and proprietary components.
See the LICENSE file for details.
