Omar Morando

Hey, I'm Omar! I specialize in offensive security assessment and cutting-edge red teaming services across multiple industries. I've 20+ years of experience in OT/ICS Industrial Automation domain (SCADA, PLC, remote I/O, fieldbus) with expertise in ISA/IEC 62443 and in Automotive with ISO/SAE 21434 standards.

I'm also the creator of SCADAsploit, an advanced C2 post-exploitation framework designed for Adversary Simulation and Red Teaming in OT/ICS environments. This powerful tool targets leading PLC manufacturers — including Siemens, Schneider Electric, Rockwell, ABB, and many more — pushing the boundaries of cyber security innovation in the industrial space.

Basically, I hack into companies to show the techniques adversaries use!

How can I help you? Feel free to drop me an email.
Use this PGP key for confidential communication.

SCADAsploit C2.OT Framework

I’m the developer of SCADAsploit C2.OT, a C2 (Command & Control) framework intended for OT systems. Its powerful arsenal of pre- and post-exploitation modules for SCADA/PLC systems makes it a unique tool in Adversary Simulation in the OT environment. Its malleable C2 architecture, which can be controlled remotely with a graphical commander, provides modules dedicated to red teaming, asset discovery and post-exploitation.

SCADAsploit boasts a robust client/server architecture that ensures seamless communication and collaboration between your team members. Thanks to its inherent EDR evasion, obfuscation and pivoting capabilities, SCADAsploit is also an effective and powerful tool for traditional IT infrastructures.

I had the opportunity to present SCADAsploit at the BlackHat Europe Arsenal in London on 7 December 2023, with great interest from the participants.
https://scadasploit.dev/

Training & Consulting

Cybersecurity Trainer and Consultant specializing in OT and Automotive sectors, with in-depth expertise in ISA/IEC 62443 and ISO/SAE 21434 standards. I deliver advanced and offensive cybersecurity workshops tailored for OT environments. I’m here to help you assess cyber risks and safeguard your infrastructure by implementing comprehensive cybersecurity processes — from design to operations — with a strong focus on the OT/ICS domain.

Visit the SCADAsploit website to see the list of available workshops, which cover advanced and offensive OT cybersecurity, and Secure PLC Programming.

Conferences

HackInBo (09/22) // BSides: Roma (12/22), Budapest (05/23), Athens (06/23), Milano (07/23)
Speech entitled “How to break the Modbus protocol and cause a PLC DoS”. I explained how to attack an OT system (PLC and SCADA) by exploiting vulnerabilities in this protocol, with a live demo with a plant simulator and a real Schneider Electric M580 PLC + HMI. During the demo I demonstrated how to discover the targets present in the OT network, identify their vulnerabilities and how to attack them using Python scripts written by me.

CSET (11/23) // E-TechEurope (04/23)
Speech on "Cybersecurity of EV systems", focused on how the increasingly widespread adoption of modern connected vehicles and related technologies offers a huge attack surface and requires the implementation of strong cybersecurity in the vehicles themselves and in the infrastructures present in smart cities.

Black Hat Europe (12/23)
As a speaker during Black Hat Europe Arsenal in London on 6-7 December, I presented SCADAsploit receiving widespread interest in the project and establishing relationships and contacts with important companies.

BSidesSofia (03/24) // SANS ICS Summit (05/24) // HackInBo (06/24) // CSET (11/24)
Speech entitled “SCADAsploit: a C2 for OT. How to break an ICS system”, where I show some techniques for compromising an IT infrastructure, pivoting towards the OT network and compromising some ICS devices using SCADAsploit C2.

Coding

Software developer for mobile robots, embedded systems, IoT and real-time applications. Languages: C/C++, Python, Go, C#. Frameworks: Qt/QML, PyQt, ROS, RTOS & multithreading.

Tweets by Omar Morando