OWASP/owasp-istg external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

OWASP/owasp-istg

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/OWASP/owasp-istg)

Close

OWASP / owasp-istgView on GitHubMore

• External links
• Readme badge

The IoT Security Testing Guide (ISTG) provides a comprehensive methodology for penetration tests in the IoT field, offering flexibility to adapt innovations, and developments in the IoT market while still ensuring comparability of test results.

☆120Jul 29, 2025Updated 10 months ago

Alternatives and similar repositories for owasp-istg

Users that are interested in owasp-istg are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• cisagov / icsnpp-ethercat

  View on GitHub
  Zeek Ethercat Parser - CISA ICSNPP
  ☆18Mar 3, 2026Updated 2 months ago
• anton-shipulin / Beer-ISAC

  View on GitHub
  Beer-ISAC Community Resources
  ☆27Jan 22, 2021Updated 5 years ago
• DhaeyerWolf / ICS-OT_wireshark_profiles

  View on GitHub
  ICS/OT related Wireshark profiles + adding some other (IT or OT related) Open Source Wireshark Profiles
  ☆18Mar 21, 2025Updated last year
• OWASP / IoT-Security-Verification-Standard-ISVS

  View on GitHub
  OWASP IoT Security Verification Standard (ISVS)
  ☆150Oct 6, 2025Updated 7 months ago
• cutaway-security / cutsec_presentations

  View on GitHub
  Presentation Slides and Resources
  ☆16Jun 12, 2024Updated last year
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• cutaway-security / CloudSec-IACS

  View on GitHub
  Cloud security documents and tools to assist with conducting risk assessments that conform to the ICS62443 guidelines
  ☆14Mar 20, 2026Updated 2 months ago
• reidmefirst / WirelessHART-Parser

  View on GitHub
  Wireshark dissector for wirelessHART
  ☆13Aug 2, 2017Updated 8 years ago
• intrudir / burpcollaborator-docker

  View on GitHub
  A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…
  ☆30Nov 30, 2025Updated 5 months ago
• scriptingxss / owasp-fstm

  View on GitHub
  The Firmware Security Testing Methodology (FSTM) is composed of nine stages tailored to enable security researchers, software developers,…
  ☆465Oct 5, 2025Updated 7 months ago
• CrySyS / bro-step7-plugin

  View on GitHub
  A proof of concept implementation of the Siemens S7 protocol analyser for the Bro IDS.
  ☆16Mar 26, 2017Updated 9 years ago
• JosephTLucas / lintML

  View on GitHub
  A security-first linter for code that shouldn't need linting
  ☆19Sep 12, 2023Updated 2 years ago
• fkie-cad / Codescanner

  View on GitHub
  ☆11Nov 14, 2024Updated last year
• LiuYuancheng / PLC_and_RTU_Simulator

  View on GitHub
  The primary objective of this project is to develop a cross-platform Python library capable of simulating the core fundamental functional…
  ☆63May 5, 2026Updated 3 weeks ago
• VerSprite / fork-community

  View on GitHub
  Fork Threat Modeling Platform - Community
  ☆28Oct 10, 2025Updated 7 months ago
• End-to-end encrypted cloud storage - Proton Drive • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
• industrialarmy / ics_exploits

  View on GitHub
  Exploit funcionales para pruebas de seguridad en entornos industriales
  ☆11Jul 8, 2020Updated 5 years ago
• icsadvprj / ICS-Advisory-Project

  View on GitHub
  The ICS Advisory Project is an open-source project to provide CISA ICS Advisories data in Comma Separated Value (CSV) format to support v…
  ☆96May 22, 2026Updated last week
• cisagov / icsnpp-s7comm

  View on GitHub
  Zeek S7comm, S7comm-plus, and COTP Parser - CISA ICSNPP
  ☆29Mar 3, 2026Updated 2 months ago
• akiUp / ICSUnitSim

  View on GitHub
  Simulation of Industrial process unit on ESP32 board with ModbusTCP interface
  ☆22Sep 19, 2020Updated 5 years ago
• 9olidity / MCP-Server-Pentest

  View on GitHub
  ☆22Mar 24, 2025Updated last year
• desolat / scapy-bacnet

  View on GitHub
  A BACnet layer for Scapy
  ☆13Nov 25, 2015Updated 10 years ago
• cisagov / icsnpp-opcua-binary

  View on GitHub
  Zeek OPCUA Binary Parser - CISA ICSNPP
  ☆21Mar 3, 2026Updated 2 months ago
• selmux / Alhasawi-ICS-OT-Security-projetcs

  View on GitHub
  ICS security resources
  ☆136May 7, 2025Updated last year
• PMaynard / ICS-TestBed-Framework

  View on GitHub
  ICS TestBed Framework
  ☆71Jan 10, 2019Updated 7 years ago
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• LiuYuancheng / IT_OT_IoT_Cyber_Security_Workshop

  View on GitHub
  ☆18May 15, 2026Updated 2 weeks ago
• mmguero-dev / Malcolm-PCAP

  View on GitHub
  This repository has been archived in favor of https://github.com/idaholab/Malcolm-Test-Artifacts
  ☆38Dec 11, 2024Updated last year
• amzn / zeek-plugin-s7comm

  View on GitHub
  Zeek network security monitor plugin that enables parsing of the S7 protocol
  ☆42May 30, 2024Updated last year
• patsec / ot-sim

  View on GitHub
  Operational Technology (OT) Simulator
  ☆56Oct 6, 2025Updated 7 months ago
• Nextdoor / cspm_evaluation_matrix

  View on GitHub
  Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix
  ☆59Sep 7, 2023Updated 2 years ago
• shamo0 / PDFkit-CMD-Injection

  View on GitHub
  CVE-2022-25765 pdfkit <0.8.6 command injection.
  ☆15Dec 21, 2022Updated 3 years ago
• berylliumsec / eclipse

  View on GitHub
  AI Powered Sensitive Information Detection
  ☆20Mar 13, 2024Updated 2 years ago
• mobilehackinglab / damn-exploitable-android-app-public-apk

  View on GitHub
  damn-exploitable-android-app-apk
  ☆39Jun 9, 2023Updated 2 years ago
• aws-samples / drs-malware-scan

  View on GitHub
  Perform file-based malware scan on your on-prem servers with AWS
  ☆14Oct 31, 2023Updated 2 years ago
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• ine-labs / ICSGoat

  View on GitHub
  ICSGoat: A Damn Vulnerable ICS Infrastructure
  ☆35Aug 26, 2024Updated last year
• V33RU / awesome-connected-things-sec

  View on GitHub
  A Curated list of Security Resources for all connected things
  ☆3,328May 15, 2026Updated 2 weeks ago
• doyensec / r2pickledec

  View on GitHub
  Pickle decompiler plugin for Radare2
  ☆18Aug 6, 2023Updated 2 years ago
• alainiamburg / PVED

  View on GitHub
  Purposely Vulnerable Embedded Device
  ☆22Jun 19, 2017Updated 8 years ago
• awslabs / Chatbot-to-help-security-teams-perform-vulnerability-assessments

  View on GitHub
  ☆29Dec 26, 2025Updated 5 months ago
• amzn / zeek-plugin-bacnet

  View on GitHub
  Zeek network security monitor plugin that enables parsing of the BACnet standard building controls protocol
  ☆30Apr 23, 2025Updated last year
• depau / bcm-cfedump

  View on GitHub
  Broadcom CFE NAND dumper (uses `dn` command) - kinda crappy, use with care
  ☆34Sep 8, 2023Updated 2 years ago