GRFICS
GRFICS is a graphical realism framework for industrial control simulations that uses Unity 3D game engine graphics to lower the barrier to entry for industrial control system security. GRFICS provides users with a full virtual industrial control system (ICS) network to practice common attacks including command injection, man-in-the-middle, and buffer overflows, and visually see the impact of their attacks in the 3D visualization. Users can also practice their defensive skills by properly segmenting the network with strong firewall rules, or writing intrusion detection rules. GRFICS was originally developed by researchers from Fortiphyd Logic and the Georgia Institute of Technology with the goal of bringing practical ICS security skills to a wider audience. We kindly ask that any derivations or publications resulting from the use of GRFICS provide a citation for this GitHub repository and the workshop paper we published about the framework: Formby, D., Rad, M., and Beyah, R. Lowering the Barriers to Industrial Control System Security with GRFICS. In 2018 USENIX Workshop on Adv
FEATURES
SIMILAR TOOLS
Android application for learning about vulnerabilities in modern Android apps and testing pentesting skills.
Introspy-Android is a blackbox tool for understanding Android app behavior and identifying security issues at runtime.
iOS Reverse Engineering Toolkit for automating common tasks in iOS penetration testing.
Industrial control system automation and testing tool for SCADA security testing.
PLCinject is a tool for injecting and patching blocks on PLCs with a call instruction.
A Python tool for patching Dalvik bytecode in DEX files and assisting in Android application analysis
Phish Report is inaccessible without JavaScript and cookies enabled.
StaDynA is a system supporting security app analysis in the presence of dynamic code update features.
The Upstream Security Platform is a cloud-based solution for monitoring and securing connected vehicles and mobility IoT devices, offering features such as cybersecurity detection, API protection, and fraud detection.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.