ModRTU_InjectX is a Python-based research tool with a graphical user interface, specifically designed for real-time monitoring, analysis, and command injection simulation within Modbus RTU industrial communication systems. The platform enables users to craft custom data packets and inject them into the serial communication channel using event-driven logic, effectively modelling realistic cyberattack scenarios. All communication is logged and can be exported in structured formats, making the system ideal for creating annotated datasets for training and validating machine learning-based intrusion detection systems. The tool supports parallel injection block configurations, evaluates attack effectiveness, and provides detailed statistical summaries. ModRTU_InjectX serves as a valuable contribution to the research infrastructure for industrial cybersecurity.

The Modbus TCP/IP protocol, widely adopted in industrial communications, lacks essential security features, making it vulnerable to cyberattacks such as TCP Connection Exhaustion. This paper proposes a machine learning-based detection framework using the Random Forest (RF) algorithm to identify malicious traffic in Operational Technology (OT) networks. A simulated testbed was created using virtual machines to emulate Modbus server-client communication under normal and attack conditions. Our model achieved F1-score of 99.83 %, precision of 99.9 %, and recall of 99.7 %, clearly demonstrating its accuracy and robustness. These results validate the proposed approach as a lightweight, real-time, and effective intrusion detection system suitable for resource-constrained industrial environments.