OT Security

A data-driven OT risk management platform that uses digital twin technology and breach simulations to assess cybersecurity risks, optimize mitigation strategies, and ensure compliance with industry standards.

AI-powered platform that manages and monitors physical infrastructure systems while providing autonomous operation capabilities and smart city integration

The Upstream Security Platform is a cloud-based solution for monitoring and securing connected vehicles and mobility IoT devices, offering features such as cybersecurity detection, API protection, and fraud detection.

A PowerShell security assessment script that evaluates Siemens SIMATIC PCS 7 industrial control systems for security misconfigurations and vulnerabilities.

A collection of PCAPs for ICS/SCADA utilities and protocols with the option for users to contribute.

ISF (Industrial Exploitation Framework) - An exploitation framework for industrial systems with various ICS protocol clients and exploit modules.

Java MODBUS simulator with scriptable functions and dynamic resource creation.

AVEVA is an industrial software provider offering engineering, operations, and data management solutions for operational technology environments across various industrial sectors.

A Low-cost ICS Security Testbed for Education and Research

Modular framework for pentesting Modbus protocol with diagnostic and offensive features.

MiniCPS is a framework for real-time Cyber-Physical Systems simulation that supports physical process and control device simulation along with network emulation capabilities.

Developing APIs to access memory on industrial control system devices.

A tool for scanning networks, enumerating Siemens PLCs, and gathering detailed information about them.

An exploitation framework for industrial security with modules for controlling PLCs and scanning devices.

PLCinject is a tool for injecting and patching blocks on PLCs with a call instruction.

Website providing information on Snap7 open-source communication library.

Ultimate Internet of Things/Industrial Control Systems reconnaissance tool powered by Shodan.

A customized Kali Linux distribution for ICS/SCADA pentesting professionals

PLC-side fuzzing tool for uncovering vulnerabilities in ICS control applications.

Simple perl script for making Modbus transactions from the command line.

Passively maps and visually displays ICS/SCADA network topology for network security

An industrial control system testing tool that enables security researchers to enumerate SCADA controllers, read register values, and modify register data across different testing modes.

Python exploitation tool for gaining root access to Sixnet RTUs in SCADA networks by exploiting application-level vulnerabilities.

A Digital Bond research project to enumerate ICS applications and devices