Anthropic-Cybersecurity-Skills/skills/performing-scada-hmi-security-assessment/references/api-reference.md
mukul975 c21af3347e Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal
- Add scripts/agent.py and references/api-reference.md to all remaining skills
- Update all 648 LICENSE files: copyright now reads 'Mahipal'
- Add implementing-security-monitoring-with-datadog (new skill with full anatomy)
- All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
2026-03-11 00:22:12 +01:00


SCADA HMI Security Assessment - API Reference

SCADA Protocol Ports

| Port | Protocol | Description |
|---|---|---|
| 102/TCP | S7comm | Siemens S7 PLC communication (ISO-TSAP / RFC 1006) |
| 502/TCP | Modbus TCP | Industrial automation protocol |
| 44818/TCP, 2222/UDP | EtherNet/IP | Allen-Bradley, Rockwell; 44818 carries explicit CIP messaging, 2222 carries implicit I/O |
| 4840/TCP | OPC UA | Open Platform Communications Unified Architecture (binary transport) |
| 20000/TCP | DNP3 | Distributed Network Protocol (also UDP 20000) |
| 47808/UDP | BACnet/IP | Building Automation and Control (0xBAC0) |

Port Scanning (socket stdlib)

```python
import socket


def tcp_port_open(target, port, timeout=2.0):
    """Return True if a TCP connect() to target:port succeeds.

    Only meaningful for TCP services (102, 502, 44818, 4840, 20000).
    UDP-only services such as BACnet/IP 47808 and EtherNet/IP 2222
    need a protocol-specific probe instead.
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)  # do not hang on filtered ports
    try:
        return sock.connect_ex((target, port)) == 0  # 0 = open
    finally:
        sock.close()
```

A single connect() per port with a short timeout is low impact, but keep the rate low and avoid full-range sweeps against PLCs and older HMIs: some ICS devices fault or drop connections under scanning load.

pyshark for Protocol Analysis

pyshark wraps tshark, so Wireshark must be installed; the layer names are the Wireshark dissector names (mbtcp and modbus for Modbus TCP, s7comm, dnp3, bacnet, enip, opcua).

```python
import pyshark


def protocol_layers(pcap_path):
    """Return the set of layer names seen in the capture, e.g. {'eth', 'ip', 'tcp', 'mbtcp', 'modbus'}."""
    seen = set()
    cap = pyshark.FileCapture(pcap_path)
    try:
        for pkt in cap:
            for layer in pkt.layers:
                seen.add(layer.layer_name)  # mbtcp/modbus, s7comm, dnp3, etc.
    finally:
        cap.close()
    return seen


print(protocol_layers("traffic.pcap"))
```

Insecure SCADA Protocols

These protocols were designed without authentication or encryption; where a secure profile exists, treat it as disabled until the assessment proves otherwise:

  • Modbus TCP - no authentication, no encryption; function codes and register values travel in plaintext, so any host on the path can read process state or inject writes
  • S7comm - the legacy protocol has no authentication and no encryption; the newer S7comm-plus (S7-1200 firmware V4 and later, S7-1500) adds session integrity protection and current firmware offers TLS, but legacy access is often still enabled
  • DNP3 - Secure Authentication (IEEE 1815 SAv5) is optional and rarely deployed; without it, control operations are unauthenticated
  • BACnet/IP - no native security; BACnet/SC (TLS-based) exists, but installed BACnet/IP deployments remain unauthenticated
  • EtherNet/IP - CIP messaging is unencrypted by default; CIP Security (TLS/DTLS) exists but is rarely enabled, and an unauthenticated ListIdentity request enumerates devices
  • OPC UA - has built-in security, but a server that accepts the None security policy or anonymous sessions is no better than the protocols above
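The Modbus TCP point is easiest to see on the wire. The following added example (not code from the original reference) builds and parses Modbus TCP ADUs and classifies each request the way the assessment would: a frame carrying a write function code is a critical finding, because nothing in the MBAP header or PDU identifies or authenticates the sender. The two sample frames are constructed here, not captured traffic; the finding type names are assumptions for illustration.

```python
import struct

# Modbus function codes that change process state. Modbus TCP carries no
# authentication field, so any host that can reach TCP/502 can send them.
MODBUS_WRITE_FUNCTIONS = {
    5: "Write Single Coil",
    6: "Write Single Register",
    15: "Write Multiple Coils",
    16: "Write Multiple Registers",
    23: "Read/Write Multiple Registers",
}

MODBUS_READ_FUNCTIONS = {
    1: "Read Coils",
    2: "Read Discrete Inputs",
    3: "Read Holding Registers",
    4: "Read Input Registers",
}


def build_modbus_request(transaction_id, unit_id, function_code, data):
    """Build a Modbus TCP ADU: 7-byte MBAP header followed by the PDU."""
    pdu = bytes([function_code]) + data
    # MBAP = transaction id, protocol id (0 = Modbus), length of unit id + PDU, unit id.
    # Note the absence of any authentication or session field.
    mbap = struct.pack(">HHHB", transaction_id, 0, len(pdu) + 1, unit_id)
    return mbap + pdu


def parse_modbus_request(adu):
    """Parse an ADU back into its fields, validating the MBAP header."""
    if len(adu) < 8:
        raise ValueError("truncated ADU: need at least MBAP + function code")
    transaction_id, protocol_id, length, unit_id = struct.unpack(">HHHB", adu[:7])
    if protocol_id != 0:
        raise ValueError("protocol id %d is not Modbus" % protocol_id)
    if length != len(adu) - 6:
        raise ValueError("MBAP length %d does not match %d payload bytes"
                         % (length, len(adu) - 6))
    return {
        "transaction_id": transaction_id,
        "unit_id": unit_id,
        "function_code": adu[7],
        "data": adu[8:],
    }


def assess_modbus_frame(adu):
    """Classify one request; writes are the critical case (finding names are illustrative)."""
    req = parse_modbus_request(adu)
    fc = req["function_code"]
    if fc in MODBUS_WRITE_FUNCTIONS:
        return {"type": "modbus_unauthenticated_write", "severity": "critical",
                "function": MODBUS_WRITE_FUNCTIONS[fc], "unit_id": req["unit_id"]}
    if fc in MODBUS_READ_FUNCTIONS:
        return {"type": "modbus_plaintext_read", "severity": "high",
                "function": MODBUS_READ_FUNCTIONS[fc], "unit_id": req["unit_id"]}
    return {"type": "modbus_other_function", "severity": "medium",
            "function": "FC %d" % fc, "unit_id": req["unit_id"]}


def assess_frames(frames):
    return [assess_modbus_frame(f) for f in frames]


# Constructed sample frames (not captured traffic): read 10 holding registers
# starting at address 0, then write 0x1234 into holding register 16.
SAMPLE_FRAMES = [
    build_modbus_request(1, 1, 3, struct.pack(">HH", 0, 10)),
    build_modbus_request(2, 1, 6, struct.pack(">HH", 16, 0x1234)),
]

if __name__ == "__main__":
    for frame, finding in zip(SAMPLE_FRAMES, assess_frames(SAMPLE_FRAMES)):
        print(frame.hex(), finding)
```

The same classification can be applied to the TCP payload of each port-502 packet pulled from a capture; the length check in parse_modbus_request is what keeps a truncated or non-Modbus payload from being misreported as a write.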

HMI Configuration Checks

| Check | Severity | Description |
|---|---|---|
| Authentication disabled | Critical | HMI allows anonymous access |
| No session timeout | High | Sessions persist indefinitely |
| TLS disabled | High | Communications in plaintext |
| Remote access without VPN | Critical | HMI exposed without tunnel |
| No RBAC | High | Single role or no access control |
| Default credentials | Critical | Factory-default username/password |

Common Default Credentials

| Username | Password | Platform |
|---|---|---|
| admin | admin | Generic HMI |
| admin | 1234 | Siemens WinCC |
| operator | operator | Wonderware |
| engineer | engineer | GE iFIX |
| guest | guest | Various |

Defaults change between product versions; confirm the current factory values against the vendor manual for the exact HMI release under test before reporting a finding.

ICS Security Standards

  • IEC 62443 - Security for industrial automation and control systems (zones, conduits, security levels)
  • NIST SP 800-82 - Guide to Operational Technology (OT) Security (Rev. 3; earlier revisions titled Guide to ICS Security)
  • NERC CIP - Critical Infrastructure Protection standards for the North American bulk electric system

Output Schema

```json
{
  "report": "scada_hmi_security_assessment",
  "target": "192.168.1.100",
  "total_findings": 6,
  "severity_summary": {"critical": 2, "high": 3, "medium": 1},
  "findings": [{"type": "open_scada_port", "severity": "high"}]
}
```
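The HMI configuration checks and the default-credential table above map directly onto this schema. The following added example (not the project's agent.py) evaluates a constructed HMI configuration against the six checks and emits a report in the output schema; the configuration key names (authentication_enabled, session_timeout_minutes, tls_enabled, remote_access_enabled, remote_access_requires_vpn, roles, accounts) and the finding type names are assumptions for illustration, since the page does not define the hmi.json format.

```python
import json
from collections import Counter

SEVERITY_ORDER = ("critical", "high", "medium", "low")

# Username/password pairs from the default-credential table above.
# Usernames are compared case-insensitively, passwords exactly.
DEFAULT_CREDENTIALS = {
    ("admin", "admin"),
    ("admin", "1234"),
    ("operator", "operator"),
    ("engineer", "engineer"),
    ("guest", "guest"),
}


def check_hmi_config(cfg):
    """Apply the HMI configuration checks to a parsed hmi.json (key names assumed)."""
    findings = []

    def add(ftype, severity, description):
        findings.append({"type": ftype, "severity": severity, "description": description})

    if not cfg.get("authentication_enabled", False):
        add("authentication_disabled", "critical", "HMI allows anonymous access")

    timeout = cfg.get("session_timeout_minutes")
    if not timeout or timeout <= 0:  # missing, null or 0 all mean no expiry
        add("no_session_timeout", "high", "Sessions persist indefinitely")

    if not cfg.get("tls_enabled", False):
        add("tls_disabled", "high", "Communications in plaintext")

    if cfg.get("remote_access_enabled") and not cfg.get("remote_access_requires_vpn"):
        add("remote_access_without_vpn", "critical", "HMI exposed without tunnel")

    if len(cfg.get("roles", [])) < 2:  # one role (or none) is not RBAC
        add("no_rbac", "high", "Single role or no access control")

    for account in cfg.get("accounts", []):
        pair = (account.get("username", "").lower(), account.get("password", ""))
        if pair in DEFAULT_CREDENTIALS:
            add("default_credentials", "critical",
                "Factory-default credentials for user %s" % account.get("username"))

    return findings


def build_report(target, findings):
    """Wrap findings in the output schema used by the assessment."""
    counts = Counter(f["severity"] for f in findings)
    return {
        "report": "scada_hmi_security_assessment",
        "target": target,
        "total_findings": len(findings),
        "severity_summary": {s: counts[s] for s in SEVERITY_ORDER if counts[s]},
        "findings": findings,
    }


# Constructed sample configuration (not a real device export).
SAMPLE_HMI_CONFIG = {
    "authentication_enabled": True,
    "session_timeout_minutes": 0,
    "tls_enabled": False,
    "remote_access_enabled": True,
    "remote_access_requires_vpn": False,
    "roles": ["operator"],
    "accounts": [
        {"username": "Admin", "password": "1234"},
        {"username": "eng1", "password": "Str0ng!pass-2024"},
    ],
}

if __name__ == "__main__":
    report = build_report("192.168.1.100", check_hmi_config(SAMPLE_HMI_CONFIG))
    print(json.dumps(report, indent=2))
```

Port-scan and pcap findings from the earlier sections can be appended to the same findings list before build_report is called, so one JSON report covers network exposure and HMI configuration together.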

CLI Usage

```shell
python agent.py --target 192.168.1.100 --pcap traffic.pcap --config hmi.json --output report.json
```