Below is a curated list of useful tools & scripts for ICS pentest, assessment or lab.
The ones with the ✏️ are the ones I created or contributed to.
Modbus
- mbtget: A perl command-line tool to send Modbus/TCP requests
- ✏️modbusclient: This is a Metasploit module I created to send Modbus/TCP requests
- ✏️Modbus 0x5a: Tools presented in my DEFCON ICS Village talk
- SMOD: Modbus Pentesting Framework
- ✏️Modbus-scanner: A tool to monitor Modbus values over time
S7
- snap7: an open-source library to communicate with Siemens PLCs
- python-snap7: Python wrappers to snap7
OPC-UA
- ✏️opcua-scan: A tool developed at Wavestone to scan and get information from OPC-UA servers
Misc
- ✏️A list of ICS default passwords
- SCADAPASS: Another (bigger) list of ICS default passwords
- ✏️dyode: An open-source (hardware & software) data diode I created in 2016
- ✏️plc-code-security: Some experiments with PLC Secure Coding Guidelines used during my BruCon & DEFCON workshops
- ✏️simple-process-simulation: A way to simulate a physical process and connect it to a real or virtual PLC
- ✏️ot-sec-gpt: An experiment with RAG, creating an OpenAI-based chatbot trained on ICS cybersecurity data