| Protocol | Modbus |
|---|---|
| Name | Modbus |
| Aliases | Modbus TCP |
| Description | Widely used industrial communication protocol |
| Port(s) | 502/tcp |
| Specifications | Modbus TCP Specification |
| Nmap script(s) | modbus-discover.nse, modicon-info.nse |
| Wireshark dissector | packet-mbtcp.c |
| Scapy layer | modbus.py |
| Example Pcap(s) | ICS-pcap Modbus, S4x15 ICS Village PCAP Files |

- Modbus Mesulog Standard Functions Help - Description for Modbus standard functions
- Articles about Modbus - Ozeki
- Introduction to Modbus and Modbus Function Codes - Shawn Dietrich, Control Automation (2023)
- Analyzing PIPEDREAM - Challenges in Testing an ICS Attack Toolkit - Jimmy Wylie @ DEF CON 30 (2022)
- Common Flaws in ICS Network Protocols - Mars Cheng & Selmon Yang @ Hack In The Box (2020)
- DEF CON 33 - There and Back Again: Detecting OT Devices Across Protocol Gateways - Rob King @ DEF CON (2025)
- From Pass-the-Hash to Code Execution on Schneider Electric M340 PLCs - @ Black Hat (2025)
- Fun with Modbus 0x5a Nothing New Still Relevant? - Arnaud Soullié @ DEF CON 25 ICS Village (2017)
- Industrial Control Systems : Pentesting PLCs 101 (Part 1/2) - Arnaud Soullié @ Black Hat Europe (2014)
- Industrial Control Systems : Pentesting PLCs 101 (Part 2/2) - Arnaud Soullié @ Black Hat Europe (2014)
- Industrial Protocol Gateways Under Analysis - Marco Balduzzi @ Black Hat USA (2020)
- Industrial Protocol Gateways: A Deep-Dive of Moxa MGate 5105-MB-EIP - Philippe Lin @ Hack In The Box (2020)
- Modbus Enumeration | SANS ICS Concepts - @ SANS ICS Security (2021)
- Modbus Man-In-The-Middle | SANS ICS Concepts - @ SANS ICS Security (2021)
- Modbus Traffic Analysis | SANS ICS Concepts - @ SANS ICS Security (2021)
- ModScan: A SCADA MODBUS Network Scanner - Mark Bristow @ DEF CON 16 (2013)
- Out of Control: Demonstrating SCADA device exploitation - Eric Forner & Brian Meixell @ Black Hat USA (2013)
- Stealing PLC Intellectual Property: A Red Teaming Story - Matteo Beccaro @ Hack In The Box (2017)
- The SCADA That Didn't Cry Wolf - Who's Really Attacking Your ICS Devices - Kyle Wilhoit @ Black Hat USA (2013)
- Understanding SCADA's Modbus Protocol - Justin Searle @ Black Hat Asia (2015)
- Unraveling SCADA Protocols Using Sulley Fuzzer - Ganesh Devarajan @ DEF CON 15 (2014)