PLCscan

PLCscan is a tool for scanning a network and identifying Programmable Logic Controllers (PLCs). PLCs are widely used in industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems, and PLCscan helps cybersecurity professionals and network administrators audit and secure such networks. It reports configuration and status information about the PLCs it finds, which supports vulnerability assessments and integrity checks of industrial systems.

Starting a PLC scan

Go to the directory of the script and type the following command:

sudo python2 plcscan.py [Target IP address]

If the scan runs successfully, the output looks like this:

Scan start...
Scan complete

Interesting information shown in the output includes:

  • Name of the server
  • PLC
  • Model and serial number
  • CPU type
  • Memory card
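
The identification fields listed above are what PLCscan reads from the S7 "component identification" list (SZL-ID 0x001C) on Siemens CPUs. As an added example that is not PLCscan's own code, the following parser extracts those fields from the data part of such a response so they can be recorded in an asset inventory; the record layout described in the docstring and the sample bytes are assumptions constructed for this example, not a capture from a real device.

```python
import struct

# Record indexes of SZL-ID 0x001C (component identification) on Siemens S7
# CPUs; the page's server name, PLC, model/serial, CPU type and memory card
# fields are records in this list.
SZL_001C_INDEX = {
    0x0001: "Name of the PLC", 0x0002: "Name of the module",
    0x0003: "Plant identification", 0x0004: "Copyright",
    0x0005: "Serial number of module", 0x0007: "Module type name",
    0x0008: "Serial number of memory card",
    0x0009: "Manufacturer and profile of CPU module",
    0x000A: "OEM ID of a module", 0x000B: "Location designation of a module",
}

def parse_szl_001c(data):
    """Parse the data part of an S7comm 'read SZL' response for ID 0x001C.

    Assumed big-endian layout: return code (1), transport size (1), length (2),
    SZL-ID (2), SZL-Index (2), record length (2), record count (2), then
    `count` records of `record length` bytes, each a 2-byte index + value.
    """
    if len(data) < 12:
        raise ValueError("SZL data part too short")
    if data[0] != 0xFF:  # 0xFF = success; anything else is an S7 error code
        raise ValueError("SZL read failed, return code 0x%02x" % data[0])
    szl_id, _idx, rec_len, rec_count = struct.unpack_from("!HHHH", data, 4)
    if szl_id & 0x00FF != 0x1C or rec_len < 3:
        raise ValueError("not a SZL 0x001C component identification list")
    if len(data) < 12 + rec_len * rec_count:  # never trust the count blindly
        raise ValueError("truncated SZL response")
    identity = {}
    for n in range(rec_count):
        off = 12 + n * rec_len
        (index,) = struct.unpack_from("!H", data, off)
        raw = data[off + 2:off + rec_len]
        value = raw.rstrip(b"\x00 ").decode("latin-1", "replace").strip()
        identity[SZL_001C_INDEX.get(index, "Unknown (%d)" % index)] = value
    return identity

# Constructed sample response (not a capture from a real device).
def _record(index, text):
    return struct.pack("!H", index) + text.encode("ascii").ljust(32, b"\x00")

_BODY = b"".join(_record(i, t) for i, t in [
    (0x0001, "PLC_1"), (0x0002, "CPU 315-2 PN/DP"), (0x0003, "Plant Demo"),
    (0x0005, "SN-CONSTRUCTED-0001"), (0x0007, "CPU 315-2 PN/DP"),
    (0x0008, "MMC-CONSTRUCTED-0001")])
SAMPLE_SZL_001C = (struct.pack("!BBH", 0xFF, 0x09, 8 + len(_BODY))
                   + struct.pack("!HHHH", 0x001C, 0x0000, 34, 6) + _BODY)
```

Calling parse_szl_001c(SAMPLE_SZL_001C) returns a dictionary keyed by the field names above; a truncated response or a non-success return code raises ValueError instead of yielding partial data.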

Example of PLCscan output:

nmap UDP