sixnet-tools

Free
Tool for exploiting Sixnet RTUs.

Abstract: Supervisory Control and Data Acquisition (SCADA) networks and devices are the computational brains behind the nation’s infrastructure. They monitor and control industrial machinery in power plants, oil and gas lines, assembly lines, et cetera. There exist programmable logic controllers and remote terminal units sitting on these SCADA networks that are critically lacking in some of the most basic security processes and controls. This paper and the corresponding project are meant to highlight such a weakness at the application level of Sixnet SCADA devices. The tool detailed in this project is written in Python and allows an attacker to gain root level access to these Sixnet devices with very little effort.

The Project: There are three aspects to a basic SCADA network. The network itself is the medium through which the endpoints communicate with each other. These networks are very similar to corporate local area or wide area networks and may consist of various routing and switching components. Ideally a SCADA network is a completely isolated subnet of a greater corporate network and out of reach of the internet. Another aspe

ALTERNATIVES

A login cracker that can be used to crack many types of authentication protocols.

Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.

A macOS Initial Access Payload Generator for penetration testing and red teaming exercises.

DET (extensible) Data Exfiltration Toolkit is a proof of concept tool for performing Data Exfiltration using multiple channels simultaneously.

A Python-based tool for identifying and exploiting file inclusion and directory traversal vulnerabilities in web applications.

A tool for Local File Inclusion (LFI) exploitation and scanning.

A collection of scripts for Turbo Intruder, a penetration testing tool.

Emulate operating systems behind SSH servers for testing automation.