ics_mem_collect

Free

For many industrial control system devices, there is not a simple solution for programmatically accessing memory. Without an API, an incident responder or digital forensics analyst may be required to manually probe memory looking for anomalies or malicious activity. This project is intended to develop APIs that allow an analyst to adapt pre-existing tools or rapidly build new tools in order to target these devices.

Current Devices: GE D20MX

Future Work: JTAG Interface

ALTERNATIVES

Forensic imaging program with full hash authentication and various acquisition options.

A tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container, aiding in digital forensic triage.

A reverse engineering framework with a focus on usability and code cleanliness.

Autopsy is a GUI-based digital forensics platform for analyzing hard drives and smart phones, with a plug-in architecture for custom modules.

Software that collects forensic artifacts on systems for forensic investigations.

A toolkit for forensic analysis of network appliances with YARA decoding options and frame extraction capabilities.

A collaborative forensic timeline analysis tool for organizing and analyzing data with rich annotations and comments.

A network forensics tool for visualizing packet captures as network diagrams with detailed analysis.
