Repository containting original and decompiled files of TRISIS/TRITON/HATMAN malware

Real world and CTFs exploiting web/binary POCs.

This work aims at using different machine learning techniques in detecting anomalies (including hardware failures, sabotage and cyber-attacks) in SCADA water infrastructure.

ICS Incident Response Automation Framework Python framework for executing automated incident response playbooks in ICS/SCADA environments. Supports network isolation, forensic preservation, logic restoration, and safety system interventions. Designed for defenders, researchers, and red team simulations in operational technology networks.

Grassmarlin replacement. Open-source multi-user ICS/SCADA passive network discovery and topology platform. Upload PCAPs, visualize OT networks, generate assessment reports. Flask + Docker. The open-source engine behind Fathom.

All-in-one ICS/SCADA hacking, red teaming, malware analysis, detection, and lab architecture cheat sheet

Multi-protocol ICS security scanner detecting vulnerabilities in Modbus, S7, DNP3, BACnet, MQTT & SNMP. Features configurable scan intensities, safe-by-default operation & comprehensive reporting. Identifies misconfigurations & security flaws in industrial environments.

ScadaFlare Authenticated RCE Exploit Framework for ScadaBR (CVE-2021-26828) OpenPLC ScadaBR

Busting ICS/SCADA over modbus

**Luva** is a **passive** offline analyzer for industrial control and SCADA network captures (`.pcap`, `.pcapng`, and `.gz`-wrapped captures). It reads files from disk only—no live sniffing, no injection, no interaction with the plant network.

Like a blaster cannon for Modbus: accurate, configurable, devastating, and adaptive.

Authenticated Modbus FC23 Writer for OmniPLC 3000

Scada scanner

🛡️ ForgeSentry: TITAN V3 — Enterprise-Grade AI-IoT Threat Intelligence System. Autonomous honeypot infrastructure featuring ML-driven behavioral risk scoring, MITRE ATT&CK® mapping, and STIX 2.1 intelligence feeds

Implemented a client-server communication system to monitor greenhouse conditions.: Successfully established socket connections between server and client, displaying real-time temperature and light intensity in a GUI.

ICS Toolkit: A Modular, CLI-Driven Framework for ICS Security Auditing & CTF Competitions

An autonomous AI-powered agent that monitors, analyzes, and generates intelligence reports on cyber threats impacting energy infrastructure.

Official PyTorch implementation of Conformal Neuro-Symbolic Graph ODEs (ACNS-GODE) for explainable attack attribution in Water Cyber-Physical Systems.

Enterprise-grade OT/ICS Security Analysis Platform