Skip to content

cyprobe v0.1.0 — OT/SCADA Discovery

Choose a tag to compare

View all tags
@anandlingaraj anandlingaraj released this 17 Apr 04:58
· 10 commits to main since this release
v0.1.0
adee5b4

cyprobe v0.1.0 — OT/SCADA Network Discovery & Posture Probe

First release of Cybrium's OT security probe. Passive + active industrial device fingerprinting.

Commands

cyprobe passive  --interface eth0           # sniff + fingerprint OT traffic
cyprobe active   --targets 10.0.1.0/24 --active-confirm  # read-only probes
cyprobe audit    --file assets.json --rules rules/ot      # posture check
cyprobe upload   --file assets.json --token $TOKEN        # push to platform

Protocols

  • Modbus TCP — MBAP parser, FC 0x2B device identification
  • DNP3 — frame parser, source/dest address extraction
  • Port fingerprinting for S7comm, OPC UA, BACnet, EtherNet/IP, IEC 104, MQTT

Posture Rules (3 seed)

  • OT-UNENCRYPTED-MODBUS (high) — cleartext register traffic
  • OT-UNENCRYPTED-DNP3 (high) — no Secure Authentication
  • OT-OPEN-ENGINEERING (critical) — S7/CIP/BACnet on non-eng subnet

Safety

Passive by default. Active requires --active-confirm. Read-only probes only. Rate limited. Audit logged.

Build

cargo install --path .
# or
cargo build --release

Binary releases (prebuilt linux/amd64 + darwin/arm64) coming in v0.2.0.

Assets 7
Loading