Which industrial protocols are utilized for native queries?

The skill guides the use of standard industrial protocols like Modbus FC43, S7 SZL reads, and CIP Identity queries to safely extract asset data.

Why is passive scanning preferred in OT environments?

Passive scanning identifies vulnerabilities by analyzing mirrored network traffic without sending any packets to devices, which eliminates the risk of crashing sensitive legacy industrial controllers.

Can I use this for regulatory compliance audits?

Absolutely. It is designed to help organizations meet vulnerability assessment requirements for frameworks like NERC CIP, IEC 62443, and NIST CSF 2.0.

Does this skill support active scanning of PLCs?

Yes, but it is strictly controlled. The skill mandates 'native protocol queries' or 'controlled active' modes that require change management approval and maintenance windows to ensure safety.

Safe OT Vulnerability Scanning

Name: Safe OT Vulnerability Scanning
Author: mukul975

bymukul975

•

4,121

•

安全与测试

Identifies vulnerabilities in industrial control systems safely using passive monitoring and native protocol queries to prevent operational disruptions.

This skill provides a structured framework and automated logic for conducting vulnerability assessments within sensitive Operational Technology (OT) and Industrial Control Systems (ICS). It emphasizes a safety-first approach by orchestrating passive traffic analysis and native industrial protocol queries, ensuring that legacy PLCs and controllers remain stable during the discovery process. By integrating with specialized platforms like Tenable OT Security, the skill helps security teams meet strict compliance standards such as IEC 62443 and NERC CIP while providing risk-based prioritization that accounts for the unique physical safety and availability requirements of industrial environments.

主要功能

01Multi-tier safety logic: Passive, Native Protocol Query, and Controlled Active scanning

02Compliance mapping for NIST CSF, IEC 62443, and NERC CIP audits

03Risk-prioritized reporting based on OT-specific impact and CVSS scores

04Seamless integration with Tenable OT Security (Indegy) API

05Automated safety prerequisite validation for critical industrial assets

064,121 GitHub stars

使用场景

01Establishing continuous risk monitoring in production OT environments for NERC CIP compliance

02Performing vulnerability audits on legacy industrial controllers without risking downtime

03Validating compensating controls for unpatchable ICS devices in a manufacturing environment

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add mukul975/anthropic-cybersecurity-skills performing-ot-vulnerability-scanning-safely

For use in Claude.ai and ChatGPT

主要功能

01Multi-tier safety logic: Passive, Native Protocol Query, and Controlled Active scanning

02Compliance mapping for NIST CSF, IEC 62443, and NERC CIP audits

03Risk-prioritized reporting based on OT-specific impact and CVSS scores

04Seamless integration with Tenable OT Security (Indegy) API

05Automated safety prerequisite validation for critical industrial assets

064,121 GitHub stars

使用场景

01Establishing continuous risk monitoring in production OT environments for NERC CIP compliance

02Performing vulnerability audits on legacy industrial controllers without risking downtime

03Validating compensating controls for unpatchable ICS devices in a manufacturing environment

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add mukul975/anthropic-cybersecurity-skills performing-ot-vulnerability-scanning-safely

For use in Claude.ai and ChatGPT