MEA (Modbus Exposure Analyzer) is a Python-based tool I developed for assessing the exposure of Modbus devices in ICS/OT environments. It uses passive behavioral analysis, entropy measurements, and register monitoring to help security researchers, pentesters, and blue teams safely evaluate device exposure and risk. This article explains the architecture, workflow, and practical use cases of MEA.
ICS/OT networks often have devices that are publicly exposed, misconfigured, or simulated. MEA helps professionals identify real vs simulated Modbus devices, assess exposure, and generate audit-ready reports — all without impacting operations.
All features and code are available at MEA GitHub Repository
Explore all my projects on GitHub: 404saint
Top comments (0)