microsoft / ics-forensics-tools
Microsoft ICSpector (ICS Forensics Tools framework) is an open-source forensics framework that enables the analysis of Industrial PLC metadata and project files.
☆341Updated 6 months ago
Alternatives and similar repositories for ics-forensics-tools
Users that are interested in ics-forensics-tools are comparing it to the libraries listed below
Sorting:
- MITRE Caldera™ for OT Plugins & Capabilities☆212Updated 5 months ago
- Awesome list of keywords and artifacts for Threat Hunting sessions☆569Updated 3 weeks ago
- CLI tools for forensic investigation of Windows artifacts☆327Updated 6 months ago
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆294Updated last week
- Version 2 of the Graphical Realism Framework for Industrial Control Simulation (GRFICS)☆493Updated 2 years ago
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple…☆672Updated 3 months ago
- Map tracking ransomware, by OCD World Watch team☆466Updated 2 months ago
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as …☆391Updated 4 months ago
- OT Security Lab for ICS networks☆211Updated this week
- PowerShell tools to help defenders hunt smarter, hunt harder.☆374Updated last month
- A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 D…☆683Updated last month
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques☆357Updated 4 months ago
- Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streaml…☆272Updated this week
- A curated list of resources that I recommend when asked about how to learn about Industrial Control Systems Cyber Security.☆175Updated 2 years ago
- A collection of files with indicators supporting social media posts from Palo Alto Network's Unit 42 team to disseminate timely threat in…☆301Updated last week
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆247Updated last month
- Documentation and scripts to properly enable Windows event logs.☆610Updated last year
- PowerShell Digital Forensics & Incident Response Scripts.☆596Updated last month
- Awesome Incident Response☆271Updated last year
- Industrial Control Systems Network Protocol Parsers☆170Updated 2 weeks ago
- MISP Playbooks☆199Updated 3 months ago
- A centralized and enhanced memory analysis platform☆462Updated 3 months ago
- A curated repository of incident response playbooks☆82Updated last year
- Practical Windows Forensics Training☆663Updated last year
- Cover various security approaches to attack techniques and also provides new discoveries about security breaches.☆475Updated last month
- PurpleLab is an efficient and readily deployable lab solution, providing a swift setup for cybersecurity professionals to test detection…☆666Updated this week
- DECeption with Evaluative Integrated Validation Engine (DECEIVE): Let an LLM do all the hard honeypot work!☆243Updated 3 weeks ago
- Automated YARA Rule Standardization and Quality Assurance Tool☆218Updated this week
- Awesome Security lists for SOC/CERT/CTI☆966Updated this week
- ☆177Updated last year