Class 10 - Reversing OT traffic

This session focuses on reverse engineering OT traffic. Students learn to decode captured packet formats, recognize timing intervals, and map client-server interactions. The instructor demonstrates how UART-level sniffing reveals the logic of industrial processes, preparing students for active injection and manipulation. Within the module, this class marks the transition from reconnaissance to exploitation.

Learning Objective
Reverse engineer OT communication flows and packet structures.

Training Outcomes

  • Break down captured packets into fields.

  • Recognize timing patterns in transactions.

  • Map functional behavior from traffic.

Hands-On Experience

  • Document request/reply sequences.

  • Reverse engineer protocol fields.

  • Build functional maps of OT communication.