LabShock OT Security - Modbus Man in the Middle Attack

LabShock OT Security demo: we simulate a SCADA → PLC network using Modbus/TCP and execute a Man-in-the-Middle (MiTM) attack. From a Kali box, we ARP-poison the path, intercept Modbus frames, and use a Python (Scapy + NetfilterQueue) hook to alter register values on the fly—showing how unauthenticated, clear-text protocols can be manipulated and why segmentation and monitoring matter. Tools: Kali Linux, arpspoof, iptables/NFQUEUE, Scapy, Wireshark/tcpdump, PLC/SCADA test stack (Modbus/TCP on port 502). Takeaways: MiTM mechanics in OT, spotting tampering in packet captures, and mitigations (network segmentation, secure gateways, whitelisting, detections). Lab-only. Performed on an isolated network for education. #OTSecurity #ICS #SCADA #PLC #Modbus #MITM #Cybersecurity #LabShock