Modsploit

I have forked an old Modbus testing framework that I will be adding to, keep checking back for updates. What…

Pentesting ICS (Profinet)

What is Profinet? Testing Profinet Use profinet_scanner.py to detect devices on a network! SCADA-safe scanner: https://www.rapid7.com/db/modules/auxiliary/scanner/scada/profinet_siemens Once the devices are identified, MiTM, packet…

Pentesting ICS (DNP3)

What is DNP3? DNP3 Simulators C++: https://github.com/automatak/dnp3 Docs: https://www.automatak.com/opendnp3/docs/guide/current/build/cmake/ Use --recursive when cloning: Qt4: https://sourceforge.net/projects/dnp/ DNP3 Identification: Shodanhq dork: port:20000 Using nmap with script dnp3-info.nse: https://github.com/sjhilt/Nmap-NSEs/blob/master/dnp3-info.nse When you identified the…

Pentesting ICS (BACnet)

What is BACnet Simulators http://bacnet.sourceforge.net/ -> http://bacnet4linux.sourceforge.net/ Download -> UnTar then $ make clean all $ sudo ./bacnet4linux -D4 -m2 -p5555 -v5556…