https://github.com/rosesecurity/enumerating-ics-scada-devices

A compilation of scripts and scans for discovering and enumerating industrial control and SCADA devices. Utilizing open-source tools, I have compiled scans and scripts for targeting Operational Technology (OT) devices and hosts!
https://github.com/rosesecurity/enumerating-ics-scada-devices

Last synced: about 1 month ago
JSON representation

A compilation of scripts and scans for discovering and enumerating industrial control and SCADA devices. Utilizing open-source tools, I have compiled scans and scripts for targeting Operational Technology (OT) devices and hosts!

• Host: GitHub
• URL: https://github.com/rosesecurity/enumerating-ics-scada-devices
• Owner: RoseSecurity
• Created: 2021-09-11T19:05:03.000Z (about 3 years ago)
• Default Branch: main
• Last Pushed: 2023-03-08T01:21:00.000Z (over 1 year ago)
• Last Synced: 2024-05-01T17:47:46.336Z (7 months ago)
• Language: Ruby
• Homepage:
• Size: 366 KB
• Stars: 40
• Watchers: 3
• Forks: 10
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# Enumerating-ICS-SCADA-Devices

This is a repository dedicated to discovering and enumerating industrial control and SCADA devices. Utilizing open-source tools, I have compiled scans and scripts for targeting Operational Technology (OT) devices and hosts! 

A brief desciption of each protocol:

  - BACnet (Building Automation and Control network) is a communication protocol used by building automation and control systems

  - Fox is a communication protocols most commonly used in building automation systems

  - Modbus is a communication protocol used by programmable logic controllers (PLC)

  

A table of ICS ports and protocols information:



In 2017, researchers scanned the internet for these devices, and here the number of devices they found utilzing each protocol:

  - Fox: 27k

  - Modbus: 23k

  - Bacnet: 16k

I wanted to publish this repository to aid in network professionals looking to secure ICS device, but WARNING, these scans have the ability to take down ICS devices! BE CAREFUL!

I have included an infographic on the MITRE Att&ck for ICS for anyone looking to understand ICS/SCADA exploitation:

![Mapping-of-Stuxnet-on-the-ATTCK-for-ICS-matrix-1-1024x532](https://user-images.githubusercontent.com/72598486/132959154-3258f30d-113d-452c-b33f-e12147798d4b.png)