6 min read

Compromise a simulated industrial production facility in the new Alchemy lab

Find a secret beer recipe by infiltrating a brewery’s OT network infrastructure and compromise the production process!

dimimele Diogt, Apr 22,

Explore a whole new, evolving security domain and step into the virtual boots of an ICS environment crafted with the support of Dragos, a leading ICS/OT cybersecurity technology and solution provider!

We are excited to announce Alchemy: a new Professional Lab scenario where digital and physical cyber domains intertwine more closely than ever. This captivating scenario has been created to take cybersecurity teams through a series of security challenges that cross 9 Machines, 7 PLCs, and 21 flags to complete. 

Both Dragos and Hack The Box worked on developing a realistic ICS/OT environment that allows participants to learn the many nuances of industrial environments. Participants will pivot from the enterprise environment, down into the ICS/OT where industrial components are created, manufactured, fabricated, and in this case, brewed. Industrial environments keep our lights on, provide us with safe drinking water, and manufacture our everyday medicine. Playing the Alchemy Professional Lab will provide context behind how our world operates.

Jackson Evans-Davies — Principal Industrial Penetration Tester @ Dragos

With an increasing number of cyber attacks leveraging ransomware and other exploitation techniques on critical infrastructure, Alchemy provides a comprehensive and practical dive into the intricate world of industrial control systems, their common protocols, and security baselines while allowing teams to refine their skills in attacking enterprise networks. 

As a fresh brew out of the Hack The Box business offering, this complex hardware simulation inspired from the Purdue model’s specifications, allows red teamers and penetration testers to gain familiarity with the real-world challenges of attacking within Operational Technology (OT) environments and understand the critical role of ICS security in business operations.

What’s Alchemy about?

Dive into the operations of a newly established brewing factory where your team has been tasked with evaluating the security of Sogard Brewing Co. The mission is to disrupt the production process and steal confidential information.

Your team needs to infiltrate the OT network and new infrastructure of the brewery equipped with a set of custom Programmable Logic Controllers (PLCs) and compromise the production process of their secret beer recipe. This will help fortify the factory against potential cyber threats ensuring the safety, security, and reliability of its operations.

Representing an integrated network of IT and Operational Technology (OT) environments, Alchemy is dedicated to challenging member’s skills and familiarity with:

  • ICS security fundamentals (interact and interpret protocols)

  • ICS network segmentation

  • Active Directory enumeration in IT and OT networks

  • Lateral movement, tunneling, pivoting, and privilege escalation

  • Common attacking techniques against Programmable Logic Controllers (PLCs) and Human Machine Interfaces (HMIs).

We are very excited to release this lab! In the rapidly evolving landscape of cybersecurity, the protection of Operational Technology (OT) and Industrial Control Systems (ICS) stands out as a critical concern. These critical infrastructures are increasingly internet-connected, making them vulnerable to cyber threats, especially with legacy systems posing a large attack surface. Training in OT/ICS is particularly challenging but we are confident that Alchemy will offer a safe, simulated environment for all skill levels, mitigating the risks associated with training on live systems.

Konstantinos S. Mokos (aka diogt) — Senior Content Engineer @ Hack The Box


Or book a demo with our team 

The evolving ICS threat landscape

ICS security stands as the guardian of not just data, but the very machinery and processes that keep our world running smoothly. With a high dependence of ICS on digital systems such as software, endpoints, and networks it poses a critical risk to physical safety, business operations, and even people relying on essential services such as water and electricity. According to Dragos’s 2023 OT Cybersecurity Year in Review, ICS was the second most impacted sector by ransomware at 13%. 

The insufficient security investment in ICS/OT environments has as much of a significant impact on businesses as it has on nation-states and geopolitical matters.

Within ICS cyber attacks, PLCs can play a major role. PLCs continue to be a prominent target for attackers, having changed very little in the way they are operated and secured. While the integration of IT and OT continues to grow, organizations are using the Purdue Model to implement various levels of protection.

Common ICS Threats

The numbers are clear: there is a growing demand for skilled ICS security professionals which has concurrently risen with the volume and sophistication of attacks against these systems; a major example being Living Off the Land Attacks. In fact, in 2023 44% of respondents, a rise from 38% in 2019, considered threats to ICS as “high”.

Meanwhile, with only 52% of ICS facilities having an updated, tested incident response plan, and 17% being unsure of whether they have such a plan, the gap between the necessity and availability of expertise is widening. However, developing familiarity and growing the security of ICS does not only rely on security tools and techniques but also the efficient management and familiarity of security teams on corresponding ICS systems. 

Become ICS threat-ready

Breaking the physical barrier with Alchemy

In keeping up with emerging industrial threats, Alchemy offers a strong foothold into upskilling with a blend of IT and OT infrastructure. 

All you need to know to get started is:

  • A basic knowledge of penetration testing tools and methodologies

  • A basic understanding of Windows and Linux operating systems

  • Basic web application exploitation skills

  • Familiarity with the Modbus protocol

  • A fundamental understanding of Programmable Logic Controllers (PLCs)

  • An understanding of PLC programming languages (ST, LD, etc)

Alchemy provides teams with an industry-connected approach toward ensuring a comprehensive skill set for tackling ICS security challenges. Through a medium-level realistic industry scenario, teams will gain the confidence and proficiency to engage with relevant tools, techniques, and procedures against programmable logic controllers (PLCs) and Human Machine Interfaces (HMI).

Upon completion of the simulated exercise, teams also have the opportunity to nurture purple-minded collaboration with defensive teams to evaluate the necessary security measures and response tactics. 

💡 Recommended read: Enable powerful purple team security ops with HTB Enterprise

ICS security: from theory to real-world simulation

Our commitment to skills development within ICS does not end here. Along with Alchemy, there is a strong variety of theoretical and hands-on content to help strengthen key skills and develop a holistic workforce development plan. 

Prior to engaging with this complex attack scenario members can engage with relevant learning within the HTB Enterprise Platform, such as learning with Modules on Supply Chain Attacks or diving into hands-on practice through the ICS & SCADA curated collection of labs. 

Having practiced with particular techniques and engagements in these scenarios, utilizing the Cyber Industrial Quest CTF Challenge Pack provides another opportunity for benchmarking while boosting team collaboration and engagement through a Capture The Flag event.



Alchemy will be available for all Hack The Box community members within the next couple of months, as part of the Pro Labs subscription on HTB Labs. As it features new technologies and attack vectors, we will need to run further observations and optimizations to open this scenario to a large user base while ensuring stability and high-quality upskilling experiences.

Ready to implement your workforce development plan?

Alchemy is available as part of the Professional Labs scenarios, coming with all business-exclusive features such as official write-ups, Restore Point, and MITRE ATT&CK mapping.

This new release can be found in Professional and Ultimate pricing plans, allowing teams to holistically integrate various solutions and features offered by HTB.

If your organization does not have access to Alchemy or HTB Enterprise Platform, fill out the form below to consult with our team of experts on crafting an ideal cyber development plan. 


Hack The Blog

The latest news and updates, direct from Hack The Box