This paper examines the cybersecurity weaknesses in Supervisory Control and Data Acquisition (SCADA) systems, which play a crucial role in the infrastructure of many industrial sectors. By employing a comprehensive penetration testing framework, the study uncovers significant vulnerabilities like protocol deficiencies, difficulties in integrating with IT networks, and security flaws related to human factors. The article assesses the efficacy of existing security measures and identifies the specific areas that require enhancement. This resource provides a thorough examination of the possible cyber threats that SCADA systems may encounter and evaluates their ability to withstand these threats. Suggestions for strengthening system security involve implementing focused vulnerability patching, enhancing security knowledge among staff, and developing strong defence methods. This work enhances the field of cybersecurity by offering a systematic method for recognising, evaluating, and reducing the dangers linked to SCADA systems. As a result, it aids in protecting vital infrastructure against sophisticated cyber assaults.