dark-lbp / Isf
Licence: bsd-2-clause
ISF(Industrial Control System Exploitation Framework),a exploitation framework based on Python
Stars: ✭ 690
Programming Languages
python
139335 projects - #7 most used programming language
Projects that are alternatives of or similar to Isf
Industrial-Security-Auditing-Framework
ISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial environments. This repo is a mirror of https://gitlab.com/d0ubl3g/industrial-security-auditing-framework.
Stars: ✭ 43 (-93.77%)
Mutual labels: modbus, plc, ics, scada
Icsmaster
ICS/SCADA Security Resource(整合工控安全相关资源)
Stars: ✭ 582 (-15.65%)
Mutual labels: ics, plc, modbus, scada
CyberICS.github.io
News and publication on cybersecurity in industry
Stars: ✭ 29 (-95.8%)
Mutual labels: plc, ics, scada
iot-master
物联大师是开源免费的物联网智能网关系统,集成了标准Modbus和主流PLC等多种协议,支持数据采集、公式计算、定时控制、自动控制、异常报警、流量监控、Web组态、远程调试等功能,适用于大部分物联网和工业互联网应用场景。
Stars: ✭ 119 (-82.75%)
Mutual labels: modbus, plc, scada
Fuxa
Web-based Process Visualization (SCADA/HMI/Dashboard) software
Stars: ✭ 262 (-62.03%)
Mutual labels: plc, modbus, scada
TcOpen
Application framework for industrial automation built on top of TwinCAT3 and .NET.
Stars: ✭ 187 (-72.9%)
Mutual labels: plc, scada
Modbus-STM32-HAL-FreeRTOS
Modbus TCP and RTU, Master and Slave for STM32 using Cube HAL and FreeRTOS
Stars: ✭ 272 (-60.58%)
Mutual labels: modbus, plc
Trisis Triton Hatman
Repository containting original and decompiled files of TRISIS/TRITON/HATMAN malware
Stars: ✭ 178 (-74.2%)
Mutual labels: ics, scada
rodbus
Rust implementation of Modbus with idiomatic bindings for C, C++, .NET, and Java
Stars: ✭ 34 (-95.07%)
Mutual labels: modbus, scada
prickly-pete
A script using Docker to quickly bring up some honeypots exposing lots of services. For research, reconnaissance, and fun. (DISCLAIMER may not be fun, not to be taken internally, aim away from face)
Stars: ✭ 29 (-95.8%)
Mutual labels: ics, scada
EasyModbusTCP.Java
EasyModbusTCP library for Java implementation
Stars: ✭ 76 (-88.99%)
Mutual labels: modbus, plc
Iotclient
这是一个物联网设备通讯协议实现客户端,将会包括主流PLC通信读取、ModBus协议、Bacnet协议等常用工业通讯协议。本组件终身开源免费,采用最宽松的MIT开源协议,您可以随意修改和商业使用(商业使用请做好评估和测试)。
Stars: ✭ 311 (-54.93%)
Mutual labels: plc, modbus
Easymodbustcp.net
Modbus TCP, Modbus UDP and Modbus RTU client/server library for .NET implementations
Stars: ✭ 358 (-48.12%)
Mutual labels: plc, modbus
Industrial Exploitation Framework
ISF(Industrial Exploitation Framework) is a exploitation framework based on Python, it's similar to metasploit framework.
ISF is based on open source project routersploit.
Read this in other languages: English, 简体中文,
Disclaimer
Usage of ISF for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.
ICS Protocol Clients
Name | Path | Description |
---|---|---|
modbus_tcp_client | icssploit/clients/modbus_tcp_client.py | Modbus-TCP Client |
wdb2_client | icssploit/clients/wdb2_client.py | WdbRPC Version 2 Client(Vxworks 6.x) |
s7_client | icssploit/clients/s7_client.py | s7comm Client(S7 300/400 PLC) |
Exploit Module
Name | Path | Description |
---|---|---|
s7_300_400_plc_control | exploits/plcs/siemens/s7_300_400_plc_control.py | S7-300/400 PLC start/stop |
s7_1200_plc_control | exploits/plcs/siemens/s7_1200_plc_control.py | S7-1200 PLC start/stop/reset |
vxworks_rpc_dos | exploits/plcs/vxworks/vxworks_rpc_dos.py | Vxworks RPC remote dos(CVE-2015-7599) |
quantum_140_plc_control | exploits/plcs/schneider/quantum_140_plc_control.py | Schneider Quantum 140 series PLC start/stop |
crash_qnx_inetd_tcp_service | exploits/plcs/qnx/crash_qnx_inetd_tcp_service.py | QNX Inetd TCP service dos |
qconn_remote_exec | exploits/plcs/qnx/qconn_remote_exec.py | QNX qconn remote code execution |
profinet_set_ip | exploits/plcs/siemens/profinet_set_ip.py | Profinet DCP device IP config |
Scanner Module
Name | Path | Description |
---|---|---|
profinet_dcp_scan | scanners/profinet_dcp_scan.py | Profinet DCP scanner |
vxworks_6_scan | scanners/vxworks_6_scan.py | Vxworks 6.x scanner |
s7comm_scan | scanners/s7comm_scan.py | S7comm scanner |
enip_scan | scanners/enip_scan.py | EthernetIP scanner |
ICS Protocols Module (Scapy Module)
These protocol can used in other Fuzzing framework like Kitty or create your own client.
Name | Path | Description |
---|---|---|
pn_dcp | icssploit/protocols/pn_dcp | Profinet DCP Protocol |
modbus_tcp | icssploit/protocols/modbus_tcp | Modbus TCP Protocol |
wdbrpc2 | icssploit/protocols/wdbrpc2 | WDB RPC Version 2 Protocol |
s7comm | icssploit/protocols/s7comm.py | S7comm Protocol |
Install
Python requirements
- gnureadline (OSX only)
- requests
- paramiko
- beautifulsoup4
- pysnmp
- python-nmap
- scapy We suggest install scapy manual with this official document
Install on Kali
git clone https://github.com/dark-lbp/isf/
cd isf
python isf.py
Usage
[email protected]:~/Desktop/temp/isf# python isf.py
_____ _____ _____ _____ _____ _ ____ _____ _______
|_ _/ ____|/ ____/ ____| __ \| | / __ \_ _|__ __|
| || | | (___| (___ | |__) | | | | | || | | |
| || | \___ \\___ \| ___/| | | | | || | | |
_| || |____ ____) |___) | | | |___| |__| || |_ | |
|_____\_____|_____/_____/|_| |______\____/_____| |_|
ICS Exploitation Framework
Note : ICSSPOLIT is fork from routersploit at
https://github.com/reverse-shell/routersploit
Dev Team : wenzhe zhu(dark-lbp)
Version : 0.1.0
Exploits: 2 Scanners: 0 Creds: 13
ICS Exploits:
PLC: 2 ICS Switch: 0
Software: 0
isf >
Exploits
isf > use exploits/plcs/
exploits/plcs/siemens/ exploits/plcs/vxworks/
isf > use exploits/plcs/siemens/s7_300_400_plc_control
exploits/plcs/siemens/s7_300_400_plc_control
isf > use exploits/plcs/siemens/s7_300_400_plc_control
isf (S7-300/400 PLC Control) >
You can use the tab key for completion.
Options
Display module options:
isf (S7-300/400 PLC Control) > show options
Target options:
Name Current settings Description
---- ---------------- -----------
target Target address e.g. 192.168.1.1
port 102 Target Port
Module options:
Name Current settings Description
---- ---------------- -----------
slot 2 CPU slot number.
command 1 Command 0:start plc, 1:stop plc.
isf (S7-300/400 PLC Control) >
Set options
isf (S7-300/400 PLC Control) > set target 192.168.70.210
[+] {'target': '192.168.70.210'}
Run module
isf (S7-300/400 PLC Control) > run
[*] Running module...
[+] Target is alive
[*] Sending packet to target
[*] Stop plc
isf (S7-300/400 PLC Control) >
Display information about exploit
isf (S7-300/400 PLC Control) > show info
Name:
S7-300/400 PLC Control
Description:
Use S7comm command to start/stop plc.
Devices:
- Siemens S7-300 and S7-400 programmable logic controllers (PLCs)
Authors:
- wenzhe zhu <jtrkid[at]gmail.com>
References:
isf (S7-300/400 PLC Control) >
Documents
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].