Independent security research focused on Industrial Control Systems (ICS), SCADA networks, and Operational Technology (OT) environments.
35+ vulnerabilities identified across critical infrastructure protection systems through systematic vulnerability research, static firmware analysis, and protocol security assessment.
- Firmware Reverse Engineering: Binary analysis of ICS/SCADA firmware (ARM, PowerPC, x86)
- Protocol Security: Vulnerability research in Modbus, DNP3, IEC 61850, IEC 60870-5-104
- Penetration Testing: Security assessment methodologies for operational technology
- Exploit Development: Proof-of-concept development for authentication bypass, privilege escalation, information disclosure
Critical Authentication Vulnerabilities in GE Vernova Universal Relay Platform — IEC 60870-5-104 Protocol Implementation CVSS 9.8 | 19 Product Lines | 15+ Years | Publicly Disclosed March 2026
Full technical white paper available at: https://vulnhunterai.com/research
Active disclosure period: February 2026 — August 2026
All vulnerability research coordinated through CISA ICS-CERT following responsible disclosure practices. Additional research reports are cleared for public release and will be published in the coming months.
All content is for authorized security testing and educational purposes only.
- Demonstrations performed in isolated lab environments
- No unauthorized access to production systems
- All research follows responsible disclosure practices
- Unauthorized access to industrial control systems is illegal
- Blog: Security Research Blog — Technical write-ups and analysis
- Consulting: VulnHunter AI — Independent ICS and OT security consulting
- LinkedIn: Professional Profile
- Email: [email protected]
- LinkedIn: ryan-sharpnack-ics-security
For security vulnerability reports in published code, see SECURITY.md
MIT License — See LICENSE file for details.
Star this repository to receive notifications when new research materials are published!
Watch releases to be alerted when additional technical reports publish.