ics_mem_collect

Free
For many industrial control system devices, there is no simple way to access memory programmatically. Without an API, an incident responder or digital forensics analyst may have to probe memory manually, looking for anomalies or malicious activity. This project is intended to develop APIs that allow an analyst to adapt pre-existing tools or rapidly build new tools to target these devices.

Current Devices: GE D20MX

Future Work: JTAG Interface

ALTERNATIVES

A Python module for orchestrating content acquisitions and analysis via Amazon SSM.

Diffy is a digital forensics and incident response (DFIR) tool developed by Netflix's Security Intelligence and Response Team (SIRT) for scoping compromises across cloud instances.

A library to access and parse Windows Shortcut File (LNK) format.

Autopsy is a GUI-based digital forensics platform for analyzing hard drives and smart phones, with a plug-in architecture for custom modules.

A binary analysis platform for analyzing binary programs.

Second-order subdomain takeover scanner.

A library to access FileVault Drive Encryption (FVDE) encrypted volumes on Mac OS X systems.

Modern digital forensics and incident response platform with comprehensive tools.