├── .gitignore ├── .repotype ├── CMakeLists.txt ├── Jenkinsfile ├── LICENSE.txt ├── Makefile ├── NOTICE.txt ├── README.md ├── configure ├── configure.plugin ├── scripts ├── __load__.zeek ├── __preload__.zeek ├── consts.zeek └── icsnpp │ └── enip │ ├── __load__.zeek │ ├── dpd.sig │ └── main.zeek ├── src ├── ENIP.cc ├── ENIP.h ├── Plugin.cc ├── Plugin.h ├── consts.pac ├── enip-analyzer.pac ├── enip-protocol.pac ├── enip-utilities.pac ├── enip.pac └── events.bif ├── testing ├── .gitignore ├── analyzer │ ├── availability.zeek │ ├── basic.zeek │ ├── multiple_service_request.zeek │ └── set_attr_single_service.zeek ├── baseline │ ├── analyzer.basic │ │ ├── cip.log │ │ ├── cip_identity.log │ │ ├── cip_io.log │ │ ├── conn.log │ │ └── enip.log │ ├── analyzer.multiple_service_request │ │ ├── cip.log │ │ └── enip.log │ └── analyzer.set_attr_single_service │ │ ├── cip.log │ │ └── enip.log ├── btest.cfg ├── files │ └── random.seed ├── scripts │ ├── diff-remove-timestamps │ └── get-zeek-env └── traces │ ├── enip_cip_example.pcap │ ├── multiple_service_packet_cip.pcapng │ └── set_attribute_single_service_cip.pcapng └── zkg.meta /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/.gitignore -------------------------------------------------------------------------------- /.repotype: -------------------------------------------------------------------------------- 1 | BINPAC 2 | -------------------------------------------------------------------------------- /CMakeLists.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/CMakeLists.txt -------------------------------------------------------------------------------- /Jenkinsfile: -------------------------------------------------------------------------------- 1 | @Library('CISAGOV Jenkins') _ 2 | build() -------------------------------------------------------------------------------- /LICENSE.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/LICENSE.txt -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/Makefile -------------------------------------------------------------------------------- /NOTICE.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/NOTICE.txt -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/README.md -------------------------------------------------------------------------------- /configure: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/configure -------------------------------------------------------------------------------- /configure.plugin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/configure.plugin -------------------------------------------------------------------------------- /scripts/__load__.zeek: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/scripts/__load__.zeek -------------------------------------------------------------------------------- /scripts/__preload__.zeek: -------------------------------------------------------------------------------- 1 | @load ./consts 2 | -------------------------------------------------------------------------------- /scripts/consts.zeek: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/scripts/consts.zeek -------------------------------------------------------------------------------- /scripts/icsnpp/enip/__load__.zeek: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/scripts/icsnpp/enip/__load__.zeek -------------------------------------------------------------------------------- /scripts/icsnpp/enip/dpd.sig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/scripts/icsnpp/enip/dpd.sig -------------------------------------------------------------------------------- /scripts/icsnpp/enip/main.zeek: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/scripts/icsnpp/enip/main.zeek -------------------------------------------------------------------------------- /src/ENIP.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/src/ENIP.cc -------------------------------------------------------------------------------- /src/ENIP.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/src/ENIP.h -------------------------------------------------------------------------------- /src/Plugin.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/src/Plugin.cc -------------------------------------------------------------------------------- /src/Plugin.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/src/Plugin.h -------------------------------------------------------------------------------- /src/consts.pac: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/src/consts.pac -------------------------------------------------------------------------------- /src/enip-analyzer.pac: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/src/enip-analyzer.pac -------------------------------------------------------------------------------- /src/enip-protocol.pac: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/src/enip-protocol.pac -------------------------------------------------------------------------------- /src/enip-utilities.pac: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/src/enip-utilities.pac -------------------------------------------------------------------------------- /src/enip.pac: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/src/enip.pac -------------------------------------------------------------------------------- /src/events.bif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/src/events.bif -------------------------------------------------------------------------------- /testing/.gitignore: -------------------------------------------------------------------------------- 1 | .tmp 2 | .btest.failed.dat 3 | -------------------------------------------------------------------------------- /testing/analyzer/availability.zeek: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/testing/analyzer/availability.zeek -------------------------------------------------------------------------------- /testing/analyzer/basic.zeek: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/testing/analyzer/basic.zeek -------------------------------------------------------------------------------- /testing/analyzer/multiple_service_request.zeek: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/testing/analyzer/multiple_service_request.zeek -------------------------------------------------------------------------------- /testing/analyzer/set_attr_single_service.zeek: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/testing/analyzer/set_attr_single_service.zeek -------------------------------------------------------------------------------- /testing/baseline/analyzer.basic/cip.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/testing/baseline/analyzer.basic/cip.log -------------------------------------------------------------------------------- /testing/baseline/analyzer.basic/cip_identity.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/testing/baseline/analyzer.basic/cip_identity.log -------------------------------------------------------------------------------- /testing/baseline/analyzer.basic/cip_io.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/testing/baseline/analyzer.basic/cip_io.log -------------------------------------------------------------------------------- /testing/baseline/analyzer.basic/conn.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/testing/baseline/analyzer.basic/conn.log -------------------------------------------------------------------------------- /testing/baseline/analyzer.basic/enip.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/testing/baseline/analyzer.basic/enip.log -------------------------------------------------------------------------------- /testing/baseline/analyzer.multiple_service_request/cip.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/testing/baseline/analyzer.multiple_service_request/cip.log -------------------------------------------------------------------------------- /testing/baseline/analyzer.multiple_service_request/enip.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/testing/baseline/analyzer.multiple_service_request/enip.log -------------------------------------------------------------------------------- /testing/baseline/analyzer.set_attr_single_service/cip.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/testing/baseline/analyzer.set_attr_single_service/cip.log -------------------------------------------------------------------------------- /testing/baseline/analyzer.set_attr_single_service/enip.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/testing/baseline/analyzer.set_attr_single_service/enip.log -------------------------------------------------------------------------------- /testing/btest.cfg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/testing/btest.cfg -------------------------------------------------------------------------------- /testing/files/random.seed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/testing/files/random.seed -------------------------------------------------------------------------------- /testing/scripts/diff-remove-timestamps: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/testing/scripts/diff-remove-timestamps -------------------------------------------------------------------------------- /testing/scripts/get-zeek-env: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/testing/scripts/get-zeek-env -------------------------------------------------------------------------------- /testing/traces/enip_cip_example.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/testing/traces/enip_cip_example.pcap -------------------------------------------------------------------------------- /testing/traces/multiple_service_packet_cip.pcapng: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/testing/traces/multiple_service_packet_cip.pcapng -------------------------------------------------------------------------------- /testing/traces/set_attribute_single_service_cip.pcapng: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/testing/traces/set_attribute_single_service_cip.pcapng -------------------------------------------------------------------------------- /zkg.meta: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-enip/HEAD/zkg.meta --------------------------------------------------------------------------------