A curated list of resources related to Industrial Control System (ICS) security.
created at Dec. 8, 2015, 12:43 p.m.
Pure Python parser for classic Windows Event Log files (.evt)
created at Jan. 24, 2015, 4:07 p.m.
Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to find badness.
created at Sept. 21, 2013, 12:14 p.m.
Differential Analysis of Malware in Memory
created at Sept. 16, 2014, 5:32 p.m.
Analyze web-based network traffic 🕶 to detect central command and control servers
created at Aug. 23, 2016, 9:45 a.m.
An ICAP server with a YARA scanner for URL and content.
created at Feb. 6, 2017, 4:17 p.m.
ROPMEMU is a framework to analyze, dissect and decompile complex code-reuse attacks.
created at May 24, 2016, 5:04 p.m.
hackers-grep is a utility to search for strings in PE executables including imports, exports, and debug symbols
created at Aug. 31, 2015, 5:02 p.m.