CrySyS / bro-step7-plugin
A proof of concept implementation of the Siemens S7 protocol analyser for the Bro IDS.
☆16 · Updated 7 years ago
Related projects
Alternatives and complementary repositories for bro-step7-plugin
- Functional exploits for security testing in industrial environments ☆11 · Updated 4 years ago
- Simple packet dissector that detects anomalous DNP3 traffic by analysing its parameters ☆15 · Updated 8 years ago
- PoC C&C for the Industroyer malware ☆22 · Updated 7 years ago
- Tools to interact with Siemens PLCs ☆11 · Updated last year
- Miscellaneous scripts for analyzing protocols and systems ☆13 · Updated 8 years ago
- IEC104 Client for Metasploit ☆11 · Updated 6 years ago
- Challenges from past S4 (SCADA Security Scientific Symposium) Capture-the-Flag contests. ☆27 · Updated 8 years ago
- Set of data collected during a series of man-in-the-middle (MITM) attacks run against the Kenexis Portable Industrial Control System (ICS… ☆27 · Updated 8 years ago
- Presentation Slides and Resources ☆15 · Updated 4 months ago
- PowerShell script for hardening GE digital CIMPLICITY servers ☆22 · Updated 3 years ago
- Threat hunting with EQL and Bro. This repo contains modifications to EQL and EQLLib to use BRO logs. ☆8 · Updated 5 years ago
- A set of ICS IDS rules for use with Suricata. ☆46 · Updated last year
- IDS Utility Belt For Automating/Testing Various Things ☆30 · Updated 4 years ago
- Repository of Information sharing on threats and indicators ☆12 · Updated 4 years ago
- Bro analyzer that detects Google's QUIC protocol ☆10 · Updated 3 years ago
- IOCs for CRASHOVERRIDE malware framework ☆25 · Updated 7 years ago
- Pcaps for PeddleCheap and implant communication + script for interpreting and decrypting pcaps. ☆15 · Updated 6 years ago
- Industrial Control Systems Network Scanner ☆22 · Updated 9 years ago
- Industrial Security Checklist ☆10 · Updated 8 years ago
- Modbus stager in assembly and some scripts to upload/download data to the holding register of a PLC ☆42 · Updated 4 years ago
- ICS/SCADA/PLC Discovery Tools Releases ☆37 · Updated 9 years ago
- Material from ICS Village talk at DEFCON 25 ☆10 · Updated 6 years ago
- ☆28 · Updated 7 years ago
- A set of PCAPs used to test the parsers used by Malcolm. Also, a curated list of PCAP collections I've found online. ☆32 · Updated 2 weeks ago
- A dsniff project using bro ☆9 · Updated 8 years ago
- Modbus VCR ☆26 · Updated 7 years ago
- Bro PCAP Processing and Tagging API ☆28 · Updated 7 years ago
- A set of YARA rules for the AIL framework to detect leak or information disclosure ☆36 · Updated 3 months ago
- The FastIR Server is a Web server to schedule FastIR Collector forensics collect thanks to the FastIR Agent ☆12 · Updated 7 years ago