The first is a module called WinCC Harvest for the Metasploit penetration testing tool that allows an attacker to collect information from a SQL database within a Siemens SIMATIC WinCC SCADA system.