For many industrial control system devices, there is not a simple solution for programmatically accessing memory. Without an API, an incident responder or digital forensics analyst may be required to manually probe memory looking for anomalies or malicious activity. This project is intended to develop APIs that allow an analyst to adapt pre-existing tools or rapidly build new tools in order to target these devices. Current Devices: GE D20MX Future Work: JTAG Interface
FEATURES
SIMILAR TOOLS
Stegextract is a Bash script that extracts hidden files and strings from images, supporting PNG, JPG, and GIF formats.
A library to access and read QEMU Copy-On-Write (QCOW) image file formats with support for zlib compression and AES-CBC encryption.
A library to access the Extensible Storage Engine (ESE) Database File (EDB) format used in various Windows applications.
A library to access FileVault Drive Encryption (FVDE) encrypted volumes on Mac OS X systems.
A comprehensive incident response tool for Windows computers, providing advanced memory forensics and access to locked systems.
A library and set of tools for accessing and analyzing storage media devices and partitions for forensic analysis and investigation.
Exterro is a data risk management platform that optimizes e-discovery, digital forensics, and cybersecurity compliance operations.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.