Basic ICS ransomware implementations in Python for the purpose of testing systems security.
The folder "BasicRansom" contains an exfiltration/encryption reverse shell for testing on HMI systems.
The folder "PyModbus" contains two exploits for Modbus vulnerabilities:
-
"actuatorState" demonstrates an actuator state injection via a MitM attack.
-
"setpointMod" demonstrates an alarm setpoint modification via external access.
-
"Basics" contains the fundamental Modbus client/server program used for both exploits.
All test exploits were executed on a virtual testbed that utilizes VirtualBox to simulate an ICS environment.