@cutaway
Last active May 18, 2022 13:51
# Vendor Documentation
* User manuals and administrative documents for all equipment
# Python Tools
* CPPPO - CIP module
* pyModbus - modbus module
* OPCUA - opc-ua module
# Windows Tools
* Commando VM: https://github.com/fireeye/commando-vm
* Vendor management software
* Active Directory Tools
  * Remote Server Administration Tools (ADUC): https://www.microsoft.com/en-us/download/details.aspx?id=45520
    * Might be installed by Commando VM
* PowerShell Scripts
  * Invoke-TrimarcADChecks.ps1: https://www.hub.trimarcsecurity.com/post/securing-active-directory-performing-an-active-directory-security-review
  * CHAPS: https://github.com/cutaway-security/chaps
# Kali Tools
* Packet Analysis Tools
  * CyberLens from Dragos: https://www.dragos.com/community-tools/
  * Grassmarlin: https://github.com/nsacyber/GRASSMARLIN
* Burp Suite Commercial: https://portswigger.net/burp/communitydownload
* Install PIPENV
  * Be sure that PIPENV is installed. It must be installed and run separately in each tool directory to install the packages for that tool.
* Modbus TCP Get - mbtget: https://github.com/sourceperl/mbtget.git
* Metasploit OPC-UA: https://github.com/COMSYS/msf-opcua
  * Requires Python3 and OPCUA module
    * `sudo apt install python3 python3-pip`
    * `pip3 install opcua`
* Scada-Tools: https://github.com/atimorin/scada-tools
* Modbus-Scanner: https://github.com/arnaudsoullie/modbus-scanner
  * Requires rmodbus gem:
    * `sudo gem install rmodbus`
* Industrial Exploitation Framework: https://github.com/dark-lbp/isf
  * Update Kali Repo
  * Install Python Pip:
    * `sudo apt install python-pip`
  * Install Python modules:
    * `pip install -r requirements`
* Ghidra: https://ghidra-sre.org/ghidra_9.1.2_PUBLIC_20200212.zip
  * Install AdoptOpenJDK
    * https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.8%2B10/OpenJDK11U-jdk_x64_linux_hotspot_11.0.8_10.tar.gz
* Goose Tool: https://github.com/cutaway/goose-IEC61850-scapy
# Concepts
* MMS IEC61850: https://github.com/mz-automation/libiec61850
* Exploiting GOOSE Protocol: http://ecee.colorado.edu/~ekeller/classes/fall2014_advsec/papers/goose_globecomm12.pdf