Below is a curated list of useful tools and scripts for ICS penetration testing and assessment.
The ones marked with ✏️ are the ones I created or contributed to.
Industrial protocols
Tools to talk to PLCs
Modbus
- mbtget: A Perl command-line tool to send Modbus/TCP requests
- ✏️modbusclient: This is a Metasploit module I created to send Modbus/TCP requests
- ✏️Modbus 0x5a: Tools presented in my DEFCON ICS Village talk
- SMOD: Modbus Pentesting Framework
- ✏️Modbus-scanner: A tool to monitor Modbus values over time
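To make concrete what the Modbus/TCP tools above do on the wire, here is an added example (not code from any of the listed projects) that builds a Read Holding Registers (function code 0x03) request, and parses the normal and exception responses, using only the Python standard library. The frame layout (7-byte MBAP header followed by the PDU) and the exception codes are from the Modbus specification; the host, port and register values in the sample are constructed for the example. The network helper at the bottom is only exercised against a real device; reading registers is generally safe, but write functions (0x05, 0x06, 0x10) change process state and must not be sent to a production PLC without authorisation.

```python
import socket
import struct

MODBUS_TCP_PORT = 502
READ_HOLDING_REGISTERS = 0x03

# Standard Modbus exception codes (from the Modbus application protocol spec)
EXCEPTION_CODES = {
    0x01: "Illegal function",
    0x02: "Illegal data address",
    0x03: "Illegal data value",
    0x04: "Server device failure",
}


class ModbusError(Exception):
    """Raised when the device answers with an exception response."""

    def __init__(self, code):
        self.code = code
        super().__init__(f"Modbus exception 0x{code:02x}: {EXCEPTION_CODES.get(code, 'unknown')}")


def build_read_holding_registers(transaction_id, unit_id, start_addr, quantity):
    """Return a Modbus/TCP ADU: MBAP header + Read Holding Registers PDU."""
    if not 1 <= quantity <= 125:
        raise ValueError("quantity must be 1..125")
    pdu = struct.pack(">BHH", READ_HOLDING_REGISTERS, start_addr, quantity)
    # MBAP: transaction id, protocol id (0 = Modbus), length (unit id + PDU), unit id
    mbap = struct.pack(">HHHB", transaction_id, 0, len(pdu) + 1, unit_id)
    return mbap + pdu


def parse_read_holding_registers_response(frame, expected_tid):
    """Validate the MBAP header and return the register values as a list of ints."""
    if len(frame) < 9:
        raise ValueError("frame too short for a Modbus/TCP response")
    tid, pid, length, _unit = struct.unpack(">HHHB", frame[:7])
    if tid != expected_tid:
        raise ValueError(f"transaction id mismatch: got {tid}, expected {expected_tid}")
    if pid != 0:
        raise ValueError(f"unexpected protocol id {pid}")
    if length != len(frame) - 6:
        raise ValueError("MBAP length field does not match frame size")
    fc = frame[7]
    if fc == READ_HOLDING_REGISTERS | 0x80:
        # Exception response: function code with high bit set, then one exception code byte
        raise ModbusError(frame[8])
    if fc != READ_HOLDING_REGISTERS:
        raise ValueError(f"unexpected function code 0x{fc:02x}")
    byte_count = frame[8]
    data = frame[9:9 + byte_count]
    if len(data) != byte_count or byte_count % 2:
        raise ValueError("byte count does not match payload")
    return list(struct.unpack(f">{byte_count // 2}H", data))


def read_holding_registers(host, unit_id, start_addr, quantity, port=MODBUS_TCP_PORT, timeout=3.0):
    """Send one request over TCP and return the parsed registers (needs a reachable device)."""
    tid = 1
    request = build_read_holding_registers(tid, unit_id, start_addr, quantity)
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(request)
        header = sock.recv(7)
        _tid, _pid, length, _unit = struct.unpack(">HHHB", header)
        body = sock.recv(length - 1)
    return parse_read_holding_registers_response(header + body, tid)


# Constructed sample frames for offline use (not captured from a real PLC):
# a normal answer carrying registers 10 and 20, and an "illegal data address" exception.
SAMPLE_RESPONSE = bytes.fromhex("0001 0000 0007 01 03 04 000a 0014")
SAMPLE_EXCEPTION = bytes.fromhex("0001 0000 0003 01 83 02")

if __name__ == "__main__":
    print(build_read_holding_registers(1, 1, 0, 2).hex())
    print(parse_read_holding_registers_response(SAMPLE_RESPONSE, 1))
    try:
        parse_read_holding_registers_response(SAMPLE_EXCEPTION, 1)
    except ModbusError as e:
        print(e)
```

The transaction-id and length checks matter in practice: a PLC or gateway that answers out of order, or a frame truncated by a flaky serial-to-TCP bridge, is otherwise silently misread as valid register data.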
S7
- snap7: An open-source library to communicate with Siemens S7 PLCs
- python-snap7: Python wrappers to snap7
Misc
- ✏️A list of ICS default passwords
- SCADAPASS: Another (bigger) list of ICS default passwords