
ics_mem_collect

Free

For many industrial control system devices, there is no simple way to access memory programmatically. Without an API, an incident responder or digital forensics analyst may have to probe memory manually, looking for anomalies or malicious activity. This project aims to develop APIs that let an analyst adapt pre-existing tools or rapidly build new ones to target these devices.

Current Devices: GE D20MX

Future Work: JTAG Interface


ALTERNATIVES

Customizable live OS constructor tool for remote forensics and incident response.

A Python-based engine for automatic creation of timelines in digital forensic analysis.

A console program for file recovery through data carving.

A tool for analyzing Windows Recycle Bin INFO2 files.

A comprehensive guide to incident response and computer forensics, covering the entire lifecycle of incident response and remediation.

A command-line tool for extracting detailed information from JPEG files, including image dimensions, compression, and metadata.

Open Backup Extractor is an open source program for extracting data from iPhone and iPad backups.

RegRippy is a modern Python 3 alternative to RegRipper for extracting data from Windows registry hives.