# OTSec — Offensive OT/IoT Security Toolkit
**OTSec** is a professional-grade toolkit designed for offensive security testing and auditing of OT (Operational Technology) and IoT (Internet of Things) environments. It enables red teamers, security researchers, and industrial penetration testers to interact with and assess real-world OT/ICS/IoT networks in a safe and modular manner.
---
## 🧭 Introduction
Operational Technology systems power critical infrastructure like factories, smart buildings, utilities, and transport systems. Many of these systems rely on insecure-by-design protocols and legacy devices with minimal authentication, leaving them vulnerable to attacks.
**OTSec** is a Python-based toolkit built to bridge the gap between offensive security needs and OT protocol understanding. It gives professionals a modular, scriptable, and extensible interface for scanning, fingerprinting, and manipulating OT/IoT protocols like Modbus, BACnet, MQTT, and more.
OTSec is suitable for:
- Industrial penetration tests
- Smart building assessments
- Red team infrastructure compromise
- Embedded system testing
- OT/IoT protocol experimentation
---
## 🚀 Features
| Feature | Description |
|------------------------|-----------------------------------------------------------------------------|
| Device Discovery | Perform fast discovery of OT/IoT devices using active fingerprinting |
| Protocol Detection | Identify exposed services and protocols (Modbus, MQTT, BACnet, RTSP, etc.) |
| Vulnerability Mapping | Match banners with known CVEs or risky patterns |
| Packet Injection | Send custom Modbus packets to simulate attacks (lab safe only) |
| Auth & Config Checks | Discover default credentials and legacy services |
| Interactive Shell | Use the OTSec command shell for quick commands & module chaining |
| YAML-Based DB | Customizable vulnerability and protocol hints DB |
| Screenshot Friendly | Color-coded output and banners for clear visual representation |
---
## 📦 Installation
### Recommended (Simple Usage)
```bash
git clone https://github.com/omar-tamerr/OTSec
cd OTSec
pip install -r requirements.txt
python3 run_otsec.py shell
```
> ✅ No virtual environment needed — just install requirements and start the tool.
---
## 🔧 Usage
### Start the Shell
```bash
python3 run_otsec.py shell
```
### Run a Safe Scan
```bash
python3 run_otsec.py scan 192.168.1.0/24 --safe
```
### Read Modbus Registers
```bash
python3 run_otsec.py modbus-read --host 192.168.1.50 --start 0 --count 5
```
### Inject Modbus Command (lab use only)
```bash
python3 run_otsec.py inject --host 192.168.1.50 --function write_single_register --address 1 --value 1234
```
---
## 🖼️ Screenshots (With Descriptions)
### 1. Interactive Shell Launch
The entry point into the interactive mode of OTSec. Commands like `scan`, `inject`, or `modbus-read` can be typed here.
### 2. Help Page
Full command help with descriptions and parameters.
### 3. Modbus Read
Reads Modbus holding registers from an OT device.
### 4. Inject Modbus (Lab Safe)
Sends custom Modbus write operations (safe in lab only).
### 5. Safe Scan
Performs TCP banner grabbing to identify OT/IoT protocols safely.
### 6. Vulnerability Scan
Matches banners with known CVEs and weak configurations.
### 7. Info Pages
Quick protocol hints and threat intelligence built into the shell.
---
## 📁 Directory Structure
```
src/
├── otsec/
│ ├── cli.py # CLI entry point
│ ├── core/ # Scanning, injection, shell modules
│ ├── data/vulns.yaml # Fingerprints and CVEs
│ └── img/ # Screenshots and documentation visuals
run_otsec.py # Unified entry point script
requirements.txt # Required packages
```
---
## 📄 License
All rights reserved © Omar Tamer
This software is intended for authorized testing, training, and research only.
---
## 🌐 Author
- **Name**: Omar Tamer
- **Title**: Offensive Security Researcher | ICS/IoT Pentester
- **Website**: [omar-tamerr.github.io](https://omar-tamerr.github.io)
- **LinkedIn**: [linkedin.com/in/omar-tamer](https://www.linkedin.com/in/omar-tamer-1a986b2a7)
- **YouTube**: [OTSec Channel](https://www.youtube.com/@OTSec)
- **GitHub**: [github.com/omar-tamerr](https://github.com/omar-tamerr)
- **Contact**: Available on website or via LinkedIn
Raw data
{
"_id": null,
"home_page": null,
"name": "otsec",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.10",
"maintainer_email": null,
"keywords": "ot, iot, ics, modbus, security, pentesting, redteam, network-scanner, python, kali-linux",
"author": null,
"author_email": null,
"download_url": "https://files.pythonhosted.org/packages/84/10/b3e8a6cca8fb42b05931be017a5699e79537b7d0203b23135335a92bda1b/otsec-0.1.1.tar.gz",
"platform": null,
"description": "\n# OTSec \u2014 Offensive OT/IoT Security Toolkit\n\n**OTSec** is a professional-grade toolkit designed for offensive security testing and auditing of OT (Operational Technology) and IoT (Internet of Things) environments. It enables red teamers, security researchers, and industrial penetration testers to interact with and assess real-world OT/ICS/IoT networks in a safe and modular manner.\n\n---\n\n## \ud83e\udded Introduction\n\nOperational Technology systems power critical infrastructure like factories, smart buildings, utilities, and transport systems. Many of these systems rely on insecure-by-design protocols and legacy devices with minimal authentication, leaving them vulnerable to attacks.\n\n**OTSec** is a Python-based toolkit built to bridge the gap between offensive security needs and OT protocol understanding. It gives professionals a modular, scriptable, and extensible interface for scanning, fingerprinting, and manipulating OT/IoT protocols like Modbus, BACnet, MQTT, and more.\n\nOTSec is suitable for:\n\n- Industrial penetration tests\n- Smart building assessments\n- Red team infrastructure compromise\n- Embedded system testing\n- OT/IoT protocol experimentation\n\n---\n\n## \ud83d\ude80 Features\n\n| Feature | Description |\n|------------------------|-----------------------------------------------------------------------------|\n| Device Discovery | Perform fast discovery of OT/IoT devices using active fingerprinting |\n| Protocol Detection | Identify exposed services and protocols (Modbus, MQTT, BACnet, RTSP, etc.) |\n| Vulnerability Mapping | Match banners with known CVEs or risky patterns |\n| Packet Injection | Send custom Modbus packets to simulate attacks (lab safe only) |\n| Auth & Config Checks | Discover default credentials and legacy services |\n| Interactive Shell | Use the OTSec command shell for quick commands & module chaining |\n| YAML-Based DB | Customizable vulnerability and protocol hints DB |\n| Screenshot Friendly | Color-coded output and banners for clear visual representation |\n\n---\n\n## \ud83d\udce6 Installation\n\n### Recommended (Simple Usage)\n\n```bash\ngit clone https://github.com/omar-tamerr/OTSec\ncd OTSec\npip install -r requirements.txt\npython3 run_otsec.py shell\n```\n\n> \u2705 No virtual environment needed \u2014 just install requirements and start the tool.\n\n---\n\n## \ud83d\udd27 Usage\n\n### Start the Shell\n\n```bash\npython3 run_otsec.py shell\n```\n\n### Run a Safe Scan\n\n```bash\npython3 run_otsec.py scan 192.168.1.0/24 --safe\n```\n\n### Read Modbus Registers\n\n```bash\npython3 run_otsec.py modbus-read --host 192.168.1.50 --start 0 --count 5\n```\n\n### Inject Modbus Command (lab use only)\n\n```bash\npython3 run_otsec.py inject --host 192.168.1.50 --function write_single_register --address 1 --value 1234\n```\n\n---\n\n## \ud83d\uddbc\ufe0f Screenshots (With Descriptions)\n\n### 1. Interactive Shell Launch\n \nThe entry point into the interactive mode of OTSec. Commands like `scan`, `inject`, or `modbus-read` can be typed here.\n\n### 2. Help Page\n \nFull command help with descriptions and parameters.\n\n### 3. Modbus Read\n \nReads Modbus holding registers from an OT device.\n\n### 4. Inject Modbus (Lab Safe)\n \nSends custom Modbus write operations (safe in lab only).\n\n### 5. Safe Scan\n \nPerforms TCP banner grabbing to identify OT/IoT protocols safely.\n\n### 6. Vulnerability Scan\n \nMatches banners with known CVEs and weak configurations.\n\n### 7. Info Pages\n \nQuick protocol hints and threat intelligence built into the shell.\n\n---\n\n## \ud83d\udcc1 Directory Structure\n\n```\nsrc/\n\u251c\u2500\u2500 otsec/\n\u2502 \u251c\u2500\u2500 cli.py # CLI entry point\n\u2502 \u251c\u2500\u2500 core/ # Scanning, injection, shell modules\n\u2502 \u251c\u2500\u2500 data/vulns.yaml # Fingerprints and CVEs\n\u2502 \u2514\u2500\u2500 img/ # Screenshots and documentation visuals\nrun_otsec.py # Unified entry point script\nrequirements.txt # Required packages\n```\n\n---\n\n## \ud83d\udcc4 License\n\nAll rights reserved \u00a9 Omar Tamer \nThis software is intended for authorized testing, training, and research only.\n\n---\n\n## \ud83c\udf10 Author\n\n- **Name**: Omar Tamer \n- **Title**: Offensive Security Researcher | ICS/IoT Pentester \n- **Website**: [omar-tamerr.github.io](https://omar-tamerr.github.io) \n- **LinkedIn**: [linkedin.com/in/omar-tamer](https://www.linkedin.com/in/omar-tamer-1a986b2a7) \n- **YouTube**: [OTSec Channel](https://www.youtube.com/@OTSec) \n- **GitHub**: [github.com/omar-tamerr](https://github.com/omar-tamerr) \n- **Contact**: Available on website or via LinkedIn\n\n",
"bugtrack_url": null,
"license": "All Rights Reserved",
"summary": "Offensive OT/IoT Security Toolkit",
"version": "0.1.1",
"project_urls": null,
"split_keywords": [
"ot",
" iot",
" ics",
" modbus",
" security",
" pentesting",
" redteam",
" network-scanner",
" python",
" kali-linux"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "259c97c2a398bf318c220490d7ac342e640cf1a23ed57d487dda42d9ef0bd569",
"md5": "a3bba6830cdb0685dda288aef63cf853",
"sha256": "06a438cfd5da45508379364061176549b8162b676ccb7db3697c55f167878595"
},
"downloads": -1,
"filename": "otsec-0.1.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "a3bba6830cdb0685dda288aef63cf853",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.10",
"size": 23726,
"upload_time": "2025-08-28T22:15:55",
"upload_time_iso_8601": "2025-08-28T22:15:55.421707Z",
"url": "https://files.pythonhosted.org/packages/25/9c/97c2a398bf318c220490d7ac342e640cf1a23ed57d487dda42d9ef0bd569/otsec-0.1.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "8410b3e8a6cca8fb42b05931be017a5699e79537b7d0203b23135335a92bda1b",
"md5": "7cdc723023ec96c85d163f10ebf02773",
"sha256": "52bd6383d24cfbdb05ef2115d95a24d012215e787c0c8b75d39e16d4cf35b04e"
},
"downloads": -1,
"filename": "otsec-0.1.1.tar.gz",
"has_sig": false,
"md5_digest": "7cdc723023ec96c85d163f10ebf02773",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.10",
"size": 22352,
"upload_time": "2025-08-28T22:15:56",
"upload_time_iso_8601": "2025-08-28T22:15:56.478063Z",
"url": "https://files.pythonhosted.org/packages/84/10/b3e8a6cca8fb42b05931be017a5699e79537b7d0203b23135335a92bda1b/otsec-0.1.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-08-28 22:15:56",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "otsec"
}
JSON