├── .gitignore ├── .repotype ├── CMakeLists.txt ├── Jenkinsfile ├── LICENSE.txt ├── Makefile ├── NOTICE.txt ├── README.md ├── configure ├── configure.plugin ├── scripts ├── __load__.zeek ├── __preload__.zeek ├── consts.zeek └── icsnpp │ └── s7comm │ ├── __load__.zeek │ ├── dpd.sig │ ├── files.zeek │ └── main.zeek ├── src ├── Plugin.cc ├── Plugin.h ├── S7COMM.cc ├── S7COMM.h ├── consts.pac ├── events.bif ├── s7comm-analyzer.pac ├── s7comm-protocol.pac └── s7comm.pac ├── testing ├── .gitignore ├── analyzer │ ├── availability.zeek │ ├── s7comm_plus.zeek │ ├── s7ident.zeek │ └── snap7.zeek ├── baseline │ ├── analyzer.s7comm_plus │ │ ├── conn.log │ │ ├── cotp.log │ │ ├── s7comm.log │ │ └── s7comm_plus.log │ ├── analyzer.s7ident │ │ ├── cotp.log │ │ ├── s7comm.log │ │ └── s7comm_known_devices.log │ └── analyzer.snap7 │ │ ├── conn.log │ │ ├── cotp.log │ │ ├── s7comm.log │ │ ├── s7comm_read_szl.log │ │ └── s7comm_upload_download.log ├── btest.cfg ├── files │ └── random.seed ├── scripts │ ├── diff-remove-timestamps │ └── get-zeek-env └── traces │ ├── s7comm_plus.pcap │ ├── s7ident.pcap │ └── snap7.pcap └── zkg.meta /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/.gitignore -------------------------------------------------------------------------------- /.repotype: -------------------------------------------------------------------------------- 1 | BINPAC 2 | -------------------------------------------------------------------------------- /CMakeLists.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/CMakeLists.txt -------------------------------------------------------------------------------- /Jenkinsfile: -------------------------------------------------------------------------------- 1 | @Library('CISAGOV Jenkins') _ 2 | build() -------------------------------------------------------------------------------- /LICENSE.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/LICENSE.txt -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/Makefile -------------------------------------------------------------------------------- /NOTICE.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/NOTICE.txt -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/README.md -------------------------------------------------------------------------------- /configure: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/configure -------------------------------------------------------------------------------- /configure.plugin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/configure.plugin -------------------------------------------------------------------------------- /scripts/__load__.zeek: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/scripts/__load__.zeek -------------------------------------------------------------------------------- /scripts/__preload__.zeek: -------------------------------------------------------------------------------- 1 | @load ./consts 2 | -------------------------------------------------------------------------------- /scripts/consts.zeek: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/scripts/consts.zeek -------------------------------------------------------------------------------- /scripts/icsnpp/s7comm/__load__.zeek: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/scripts/icsnpp/s7comm/__load__.zeek -------------------------------------------------------------------------------- /scripts/icsnpp/s7comm/dpd.sig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/scripts/icsnpp/s7comm/dpd.sig -------------------------------------------------------------------------------- /scripts/icsnpp/s7comm/files.zeek: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/scripts/icsnpp/s7comm/files.zeek -------------------------------------------------------------------------------- /scripts/icsnpp/s7comm/main.zeek: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/scripts/icsnpp/s7comm/main.zeek -------------------------------------------------------------------------------- /src/Plugin.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/src/Plugin.cc -------------------------------------------------------------------------------- /src/Plugin.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/src/Plugin.h -------------------------------------------------------------------------------- /src/S7COMM.cc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/src/S7COMM.cc -------------------------------------------------------------------------------- /src/S7COMM.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/src/S7COMM.h -------------------------------------------------------------------------------- /src/consts.pac: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/src/consts.pac -------------------------------------------------------------------------------- /src/events.bif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/src/events.bif -------------------------------------------------------------------------------- /src/s7comm-analyzer.pac: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/src/s7comm-analyzer.pac -------------------------------------------------------------------------------- /src/s7comm-protocol.pac: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/src/s7comm-protocol.pac -------------------------------------------------------------------------------- /src/s7comm.pac: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/src/s7comm.pac -------------------------------------------------------------------------------- /testing/.gitignore: -------------------------------------------------------------------------------- 1 | .tmp 2 | .btest.failed.dat 3 | -------------------------------------------------------------------------------- /testing/analyzer/availability.zeek: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/analyzer/availability.zeek -------------------------------------------------------------------------------- /testing/analyzer/s7comm_plus.zeek: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/analyzer/s7comm_plus.zeek -------------------------------------------------------------------------------- /testing/analyzer/s7ident.zeek: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/analyzer/s7ident.zeek -------------------------------------------------------------------------------- /testing/analyzer/snap7.zeek: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/analyzer/snap7.zeek -------------------------------------------------------------------------------- /testing/baseline/analyzer.s7comm_plus/conn.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/baseline/analyzer.s7comm_plus/conn.log -------------------------------------------------------------------------------- /testing/baseline/analyzer.s7comm_plus/cotp.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/baseline/analyzer.s7comm_plus/cotp.log -------------------------------------------------------------------------------- /testing/baseline/analyzer.s7comm_plus/s7comm.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/baseline/analyzer.s7comm_plus/s7comm.log -------------------------------------------------------------------------------- /testing/baseline/analyzer.s7comm_plus/s7comm_plus.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/baseline/analyzer.s7comm_plus/s7comm_plus.log -------------------------------------------------------------------------------- /testing/baseline/analyzer.s7ident/cotp.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/baseline/analyzer.s7ident/cotp.log -------------------------------------------------------------------------------- /testing/baseline/analyzer.s7ident/s7comm.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/baseline/analyzer.s7ident/s7comm.log -------------------------------------------------------------------------------- /testing/baseline/analyzer.s7ident/s7comm_known_devices.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/baseline/analyzer.s7ident/s7comm_known_devices.log -------------------------------------------------------------------------------- /testing/baseline/analyzer.snap7/conn.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/baseline/analyzer.snap7/conn.log -------------------------------------------------------------------------------- /testing/baseline/analyzer.snap7/cotp.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/baseline/analyzer.snap7/cotp.log -------------------------------------------------------------------------------- /testing/baseline/analyzer.snap7/s7comm.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/baseline/analyzer.snap7/s7comm.log -------------------------------------------------------------------------------- /testing/baseline/analyzer.snap7/s7comm_read_szl.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/baseline/analyzer.snap7/s7comm_read_szl.log -------------------------------------------------------------------------------- /testing/baseline/analyzer.snap7/s7comm_upload_download.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/baseline/analyzer.snap7/s7comm_upload_download.log -------------------------------------------------------------------------------- /testing/btest.cfg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/btest.cfg -------------------------------------------------------------------------------- /testing/files/random.seed: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/files/random.seed -------------------------------------------------------------------------------- /testing/scripts/diff-remove-timestamps: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/scripts/diff-remove-timestamps -------------------------------------------------------------------------------- /testing/scripts/get-zeek-env: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/scripts/get-zeek-env -------------------------------------------------------------------------------- /testing/traces/s7comm_plus.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/traces/s7comm_plus.pcap -------------------------------------------------------------------------------- /testing/traces/s7ident.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/traces/s7ident.pcap -------------------------------------------------------------------------------- /testing/traces/snap7.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/testing/traces/snap7.pcap -------------------------------------------------------------------------------- /zkg.meta: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cisagov/icsnpp-s7comm/HEAD/zkg.meta --------------------------------------------------------------------------------