ICS Incident Response Automation Framework Python framework for executing automated incident response playbooks in ICS/SCADA environments. Supports network isolation, forensic preservation, logic restoration, and safety system interventions. Designed for defenders, researchers, and red team simulations in operational technology networks.

ScadaFlare Authenticated RCE Exploit Framework for ScadaBR (CVE-2021-26828) OpenPLC ScadaBR

A collection of scripts focusing on simulating a small ICS and conducting security assessments on it.

The Datasets contain a wide variety of network and physical behaviours of an IEC-61850-compliant zone substation. The datasets are compatible with actual substation network traffic, including benign GOOSE packets, benign SV packets, and MALICIOUS SV packets. The datasets consist of two versions, including raw datasets and labelled datasets.

An ICS/OT toolkit written in python

Multi-stage ICS cyberattack simulation against 69kV/13.8kV distribution substation: IT-to-OT pivot culminating in unauthorized Modbus PLC manipulation. Includes PCAP forensic analysis, NIST incident response playbook, attack scripts, and real-world impact assessment for critical infrastructure security education.

All-in-one ICS/SCADA hacking, red teaming, malware analysis, detection, and lab architecture cheat sheet

Code that I have written/modified in multiple programming languages .

The Datasets contain a wide variety of network and physical behaviours of an IEC-61850-compliant zone substation. The datasets are compatible with actual substation network traffic, including benign GOOSE packets, MALICIOUS GOOSE packets, and benign SV packets. The datasets consist of two versions, including raw datasets and labelled datasets.

Industrial Control System security monitoring with Modbus traffic analysis and anomaly detection.

Prototyping Work done with The CYNICS Group

GRIDSAFE - Grid Security Assessment and Framework Evaluation

A simple high-level Python interface for the Dragos portal API

Busting ICS/SCADA over modbus

Authenticated Modbus FC23 Writer for OmniPLC 3000

OT (Operational Technology Exploitation Framework) a exploitation framework based on Python

ISF(Industrial Control System Exploitation Framework)，a exploitation framework based on Python

A tool for gathering IT/OT exposed assets on the Internet and sending the results to a MISP instance for further Threat Intelligence analysis.

Simple and automated way of gathering alerts about vulnerabilities and threats regarding ICS/SCADA reported by CISA.

An Industrial Control Systems (ICS), Internet of Things (IoT), and Operational Technology (OT) hardening framework offering security controls, implementation guides, and tools to protect operational technology environments.