microsoft/ics-forensics-tools external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

microsoft/ics-forensics-tools

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/microsoft/ics-forensics-tools)

Close

microsoft / ics-forensics-toolsView on GitHubMore

• External links
• Readme badge

Microsoft ICSpector (ICS Forensics Tools framework) is an open-source forensics framework that enables the analysis of Industrial PLC metadata and project files.

☆366Sep 11, 2025Updated 5 months ago

Alternatives and similar repositories for ics-forensics-tools

Users that are interested in ics-forensics-tools are comparing it to the libraries listed below

• Fortiphyd / GRFICSv2

  View on GitHub
  Version 2 of the Graphical Realism Framework for Industrial Control Simulation (GRFICS)
  ☆591Oct 29, 2025Updated 4 months ago
• selmux / Alhasawi-ICS-OT-Security-projetcs

  View on GitHub
  ICS security resources
  ☆127May 7, 2025Updated 9 months ago
• thainnos / LICSTER

  View on GitHub
  A Low-cost ICS Security Testbed for Education and Research
  ☆119Mar 16, 2024Updated last year
• nsacyber / ELITEWOLF

  View on GitHub
  OT security monitoring #nsacyber
  ☆615Jan 7, 2024Updated 2 years ago
• AlirezaDehlaghi / ICSSIM

  View on GitHub
  This is the ICSSIM source code and user manual for simulating industrial control system testbed for cybersecurity experiments
  ☆92Jun 19, 2024Updated last year
• S3cur1tyH4ggis / ICS-Security-Products

  View on GitHub
  Lists of products useful for ICS security
  ☆108Jun 24, 2024Updated last year
• Ka0sKl0wN / ICS-Security-Study-Resources

  View on GitHub
  A curated list of resources that I recommend when asked about how to learn about Industrial Control Systems Cyber Security.
  ☆197May 10, 2023Updated 2 years ago
• cutaway-security / ICSPcapViz

  View on GitHub
  A packet capture visualizer for industrial control networks.
  ☆55Dec 4, 2023Updated 2 years ago
• mitre / caldera-ot

  View on GitHub
  MITRE Caldera™ for OT Plugins & Capabilities
  ☆239Dec 22, 2025Updated 2 months ago
• icsadvprj / ICS-Advisory-Project

  View on GitHub
  The ICS Advisory Project is an open-source project to provide CISA ICS Advisories data in Comma Separated Value (CSV) format to support v…
  ☆91Updated this week
• cisagov / ACID

  View on GitHub
  ☆75Apr 3, 2025Updated 10 months ago
• LiuYuancheng / PLC_and_RTU_Simulator

  View on GitHub
  The primary objective of this project is to develop a cross-platform Python library capable of simulating the core fundamental functional…
  ☆58Jan 19, 2026Updated last month
• cisagov / icsnpp-opcua-binary

  View on GitHub
  Zeek OPCUA Binary Parser - CISA ICSNPP
  ☆21Nov 19, 2025Updated 3 months ago
• zakharb / labshock

  View on GitHub
  OT Security Lab for ICS networks
  ☆667Feb 18, 2026Updated last week
• cisagov / ICSNPP

  View on GitHub
  Industrial Control Systems Network Protocol Parsers
  ☆189Sep 4, 2025Updated 5 months ago
• cutaway-security / cutsec_presentations

  View on GitHub
  Presentation Slides and Resources
  ☆16Jun 12, 2024Updated last year
• hslatman / awesome-industrial-control-system-security

  View on GitHub
  A curated list of resources related to Industrial Control System (ICS) security.
  ☆1,932Oct 10, 2025Updated 4 months ago
• ITI / ICS-Security-Tools

  View on GitHub
  Tools, tips, tricks, and more for exploring ICS Security.
  ☆1,920Apr 15, 2025Updated 10 months ago
• cisagov / parsnip

  View on GitHub
  ☆75Oct 2, 2025Updated 4 months ago
• neutrinoguy / awesome-ics-writeups

  View on GitHub
  Collection of writeups on ICS/SCADA security.
  ☆197Oct 19, 2025Updated 4 months ago
• CTI-Driven / LOLBins

  View on GitHub
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆127Apr 6, 2024Updated last year
• tijldeneut / ICSSecurityScripts

  View on GitHub
  Industrial Security Scripts
  ☆144Feb 19, 2026Updated last week
• amzn / zeek-plugin-s7comm

  View on GitHub
  Zeek network security monitor plugin that enables parsing of the S7 protocol
  ☆41May 30, 2024Updated last year
• CrySyS / bro-step7-plugin

  View on GitHub
  A proof of concept implementation of the Siemens S7 protocol analyser for the Bro IDS.
  ☆16Mar 26, 2017Updated 8 years ago
• mrwadams / attackgen

  View on GitHub
  AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE…
  ☆1,205Dec 29, 2025Updated 2 months ago
• cisagov / icsnpp-profinet-io-cm

  View on GitHub
  Zeek Profinet I/O Context Manager Parser - CISA ICSNPP
  ☆13Nov 19, 2025Updated 3 months ago
• Fortiphyd / Secure_PLC_Coding

  View on GitHub
  Documentation and guidance to practice secure coding for various PLC vendors
  ☆41Oct 27, 2023Updated 2 years ago
• cisagov / Malcolm

  View on GitHub
  Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…
  ☆2,344Feb 19, 2026Updated last week
• djformby / GRFICS

  View on GitHub
  Graphical Realism Framework for Industrial Control Simulations
  ☆225Jun 20, 2024Updated last year
• anton-shipulin / Beer-ISAC

  View on GitHub
  Beer-ISAC Community Resources
  ☆26Jan 22, 2021Updated 5 years ago
• LiuYuancheng / Py_PLC_Honey_Pot

  View on GitHub
  We want to create a Python PLC honeypot which support multiple primary OT communication protocols such as Modbus-TCP and Siemens-S7Comm. …
  ☆58Apr 30, 2025Updated 10 months ago
• LivingInSyn / RMML

  View on GitHub
  A list of RMMs designed to be used in automation to build alerts
  ☆117Nov 9, 2025Updated 3 months ago
• cyb3rmik3 / MDE-DFIR-Resources

  View on GitHub
  A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as …
  ☆431Feb 18, 2026Updated last week
• patsec / ot-sim

  View on GitHub
  Operational Technology (OT) Simulator
  ☆54Oct 6, 2025Updated 4 months ago
• aravind0x7 / BusPwn

  View on GitHub
  BusPwn V1.0 is a powerful Modbus hacking framework designed for testing and exploiting vulnerabilities in Modbus-based systems commonly f…
  ☆26Apr 19, 2025Updated 10 months ago
• reidmefirst / WirelessHART-Parser

  View on GitHub
  Wireshark dissector for wirelessHART
  ☆13Aug 2, 2017Updated 8 years ago
• Cisco-Talos / badgerboard

  View on GitHub
  ☆17Mar 8, 2024Updated last year
• cutaway-security / IACS_STAR_Methodology

  View on GitHub
  A risk rating calculation methodology that uses the OWASP Risk Rating Methodology as a basis.
  ☆32Sep 4, 2024Updated last year
• BushidoUK / UK-Critical-Infrastructure

  View on GitHub
  A collection of reports and case studies to understand the threat landscape for UK critical infrastructure
  ☆38Jan 23, 2024Updated 2 years ago