LIVE
UTC --:--:--
OT SECURITY HUB
by zuckergates
Learn · Academy, labs & literasi OT
Roadmap Belajar
Roadmap role-based
LMS Academy
Materi · pre-test · post-test
Labs
50+ hands-on labs · CTF · cyber range
Articles
Deep dive teknis & how-to
News
Update OT/ICS harian
Glossary
≈190 istilah OT, ICS & SCADA
Resources
Buku, kursus, podcast, lab
Knowledge · Anatomi sistem industrial
Protocols
Modbus, DNP3, IEC-104, OPC UA
Architectures
Purdue, IEC 62443 zones
Assets
PLC, RTU, HMI, SIS, Historian
Sectors
Energy, water, manufacturing
Knowledge Graph
Relasi lintas modul (interaktif)
Threat Intel · OT/ICS threat operations center
Incidents & Timeline
Database insiden + linimasa (5 view modes)
Threats
Actors & ICS Malware · Sandworm, Pipedream, Triton
Vulnerabilities
CVE Watch · eksploitasi aktif & CVSS ≥ 8.0
Advisories
ICS-CERT, vendor PSIRT, CERT nasional
Governance · Framework, kontrol, assessment
Frameworks
IEC 62443, NIST CSF 2.0, NIS2
Controls
Kontrol teknis & prosedural
Assessments
Maturity & gap assessment
Ecosystem · Vendor, tools, intel mingguan
Vendors
Siemens, Schneider, Rockwell, ABB, Honeywell
Tools
Tool open-source & komersial (≈70+)
Brief
Executive brief mingguan
// MODULE · TOOL MATRIX

Direktori 142+ Tools OT/ICS Security

Asset discovery, IDS/IPS, SIEM, EDR, forensics, threat intel, pentest, SBOM — lengkap dengan link official, deployment model, dan protokol industrial yang didukung.

Tools
142
Open Source
79
Freemium
16
Commercial
47
With Link
142
Category:
License:
Deployment:

Atomic Red Team

Red Canary

Library tes ATT&CK termasuk teknik OT-relevant.

Open SourceAdversary Emulation

MITRE Caldera

MITRE

Adversary emulation platform dengan plugin Caldera for OT.

Open SourceAdversary EmulationAdvanced

Caldera for OT

MITRE / INL

Plugin Caldera khusus protokol OT (Modbus, BACnet, DNP3, Profinet).

Open SourceAdversary Emulation

Stratus Red Team

DataDog

Cloud-focused adversary emulation.

Open SourceAdversary Emulation

Dragos Platform

Dragos

Visibility OT, threat detection & vulnerability management khusus ICS.

CommercialAsset DiscoveryOn-PremIntermediate

Claroty xDome

Claroty

CPS Protection Platform dengan asset discovery, risk & vulnerability management.

CommercialAsset DiscoveryCloudIntermediate

Claroty CTD

Claroty

Continuous Threat Detection on-prem untuk OT/ICS.

CommercialAsset DiscoveryOn-PremIntermediate

Nozomi Guardian

Nozomi Networks

Passive OT/IoT discovery dengan anomaly detection & vulnerability assessment.

CommercialAsset DiscoveryOn-PremIntermediate

Nozomi Vantage

Nozomi Networks

SaaS visibility multi-site OT/IoT.

CommercialAsset DiscoveryCloud

Armis Centrix

Armis

Agentless asset intelligence IT/OT/IoT/IoMT.

CommercialAsset DiscoveryCloud

Forescout eyeInspect

Forescout

OT network monitoring (formerly SilentDefense) untuk discovery & threat detection.

CommercialAsset DiscoveryOn-Prem

Microsoft Defender for IoT

Microsoft

Agentless network detection untuk OT/IoT (eks-CyberX) terintegrasi Sentinel.

CommercialAsset DiscoveryHybrid

GRASSMARLIN

NSA

Passive network mapping untuk ICS (PCAP-based).

Open SourceAsset DiscoveryStandaloneIntermediate

plcscan

Dmitry Efanov

PLC discovery scanner Siemens S7 & Modbus TCP.

Open SourceAsset DiscoveryIntermediate

NMAP NSE ICS scripts

Nmap Project

NSE scripts untuk Modbus, S7, EtherNet/IP, BACnet, DNP3, IEC-104.

Open SourceAsset Discovery

runZero

runZero

Active+passive asset inventory dengan OT-safe scanning.

FreemiumAsset DiscoveryHybrid

Shodan

Shodan

Search engine internet-exposed device termasuk ICS protocol fingerprints.

FreemiumAsset DiscoveryCloud

Censys

Censys

Internet-wide scanning & attack surface management.

FreemiumAsset DiscoveryCloud

SCADAfence Platform

SCADAfence (Honeywell)

OT network visibility & threat detection.

CommercialAsset Discovery

Verve Security Center

Rockwell / Verve

OT systems management & vulnerability orchestration.

CommercialAsset Discovery

Veeam Backup

Veeam

Backup enterprise dengan immutable repository.

CommercialBackup

Rubrik

Rubrik

Backup + ransomware recovery.

CommercialBackup

Restic

Restic

Encrypted, deduplicated backup CLI.

Open SourceBackup

Borg Backup

BorgBackup

Dedup backup dengan kompresi.

Open SourceBackup

Sigma

SigmaHQ

Generic SIEM rule format dengan ICS rule set.

Open SourceDetection Content

MITRE ATT&CK Navigator

MITRE

Web tool mapping TTPs & detection coverage termasuk ATT&CK for ICS.

Open SourceDetection Content

DeTT&CT

Rabobank CDC

Score & compare detection coverage vs ATT&CK.

Open SourceDetection Content

draw.io / diagrams.net

JGraph

Diagramming gratis dengan shape ICS.

Open SourceDocumentation

Lucidchart

Lucid Software

Cloud diagramming kolaboratif.

FreemiumDocumentation

Visio

Microsoft

Diagramming klasik dengan stencils Allen-Bradley & Siemens.

CommercialDocumentation

CrowdStrike Falcon

CrowdStrike

Cloud-native EDR/XDR dengan modul Insight for OT.

CommercialEDR/XDRCloud

SentinelOne Singularity

SentinelOne

Autonomous EDR/XDR dengan Singularity for IoT.

CommercialEDR/XDRCloud

Microsoft Defender XDR

Microsoft

XDR terintegrasi Defender for Endpoint/Identity/IoT.

CommercialEDR/XDRCloud

OSQuery / Fleet

Fleet / Linux Foundation

Endpoint visibility via SQL queries.

Open SourceEDR/XDR

GRR Rapid Response

Google

Remote live forensics framework untuk endpoint.

Open SourceForensicsAdvanced

Velociraptor

Rapid7

Endpoint visibility, forensics & threat hunting via VQL.

Open SourceForensicsOn-PremIntermediate

Volatility 3

Volatility Foundation

Memory forensics framework.

Open SourceForensics

Autopsy

Basis Technology

Digital forensics GUI di atas The Sleuth Kit.

Open SourceForensics

The Sleuth Kit

Brian Carrier

Library & tools analisis disk image.

Open SourceForensics

KAPE

Kroll

Kroll Artifact Parser and Extractor untuk triage cepat.

FreemiumForensics

Plaso / log2timeline

Plaso Project

Super timeline forensic engine.

Open SourceForensics

YARA

VirusTotal

Pattern matching swiss-army knife untuk malware.

Open SourceForensics

Ansible

Red Hat

Automation & hardening playbooks (CIS Benchmarks).

Open SourceHardening

OpenSCAP

Red Hat

Security compliance scanning (SCAP/STIG/CIS).

Open SourceHardening

CIS-CAT

Center for Internet Security

CIS Benchmarks assessor tool.

FreemiumHardening

Lynis

CISOfy

Linux/Unix security auditing tool.

Open SourceHardening

Keycloak

Red Hat

Identity & SSO (OIDC/SAML) open source.

Open SourceIAM

Zeek

Zeek Project

Network security monitor dengan ICS protocol parser via ICSNPP.

Open SourceIDSIntermediate

ICSNPP

INL / Zeek

Zeek package: Industrial Control Systems Network Protocol Parsers.

Open SourceIDS

Snort 3

Cisco Talos

IDS/IPS engine dengan ruleset ICS (Modbus, DNP3, S7).

Open SourceIDSIntermediate

Suricata

OISF

High-performance IDS/IPS/NSM dengan Modbus, DNP3, ENIP keywords.

Open SourceIDS

TheHive

StrangeBee

Collaborative case management untuk SOC/CSIRT.

FreemiumIncident ResponseOn-Prem

Cortex

StrangeBee

Observable analyzer & responder companion TheHive.

Open SourceIncident Response

Shuffle

Shuffle

SOAR open source modular.

Open SourceIncident Response

Tines

Tines

No-code automation & SOAR.

FreemiumIncident ResponseCloud

Palo Alto Cortex XSOAR

Palo Alto Networks

Enterprise SOAR (formerly Demisto).

CommercialIncident Response

Wireshark

Wireshark Foundation

Network protocol analyzer dengan banyak dissector industrial (Modbus, S7, DNP3, IEC-61850).

Open SourceMonitoringBeginner

tcpdump

The Tcpdump Group

CLI packet capture portable & ringan.

Open SourceMonitoring

ntopng

ntop

High-speed traffic analysis & flow collection.

FreemiumMonitoring

Arkime (Moloch)

Arkime

Large-scale full packet capture & indexed search.

Open SourceMonitoring

Malcolm

CISA / Idaho National Lab

Network traffic analysis suite untuk ICS (Arkime + Zeek + Suricata).

Open SourceMonitoringIntermediate

Security Onion

Security Onion Solutions

Distro NSM & log management (Zeek+Suricata+Elastic+TheHive).

Open SourceMonitoringOn-Prem

SELKS

Stamus Networks

Suricata + Elastic + Kibana + Scirius live distro.

Open SourceMonitoring

Cisco Cyber Vision + ISA-3000

Cisco

OT visibility + industrial firewall.

CommercialNetwork Security

Fortinet FortiGate Rugged

Fortinet

Industrial NGFW dengan OT protocol DPI.

CommercialNetwork Security

Palo Alto NGFW

Palo Alto Networks

NGFW dengan App-ID untuk protokol industri.

CommercialNetwork Security

Hirschmann EAGLE 30

Belden / Hirschmann

Industrial firewall rugged dengan DPI Modbus & DNP3.

CommercialNetwork Security

Tofino Xenon

Belden / Hirschmann

Industrial security appliance plug-and-protect.

CommercialNetwork Security

pfSense

Netgate

Firewall open source berbasis FreeBSD.

Open SourceNetwork Security

OPNsense

Deciso

Fork pfSense dengan UI modern.

Open SourceNetwork Security

Waterfall Unidirectional Gateway

Waterfall Security

Hardware data diode untuk replikasi historian satu arah.

CommercialNetwork Security

Owl Cyber Defense

Owl

Cross-domain & data diode untuk CI.

CommercialNetwork Security

Fox-IT DataDiode

NCC Group / Fox-IT

Certified data diode untuk pemerintahan & utilitas.

CommercialNetwork Security

CyberArk PAM

CyberArk

Privileged access management enterprise dengan modul OT.

CommercialPAM

BeyondTrust PRA

BeyondTrust

Privileged Remote Access untuk vendor & internal.

CommercialPAM

Metasploit Framework

Rapid7

Exploitation framework dengan modul SCADA.

Open SourcePentestIntermediate

ICSSPLOIT

open source

Metasploit-like framework khusus ICS exploits.

Open SourcePentestAdvanced

Industrial Exploitation Framework (ISF)

dark-lbp

Framework eksploitasi ICS multi-vendor.

Open SourcePentest

PLCInject

SCADACS

Tools injection ladder logic ke Siemens S7-300/400.

Open SourcePentest

Modbus-CLI

FavioVazquez / others

CLI sederhana untuk read/write register Modbus.

Open SourcePentest

smod

open source

Modular Modbus penetration testing framework.

Open SourcePentest

Kali Linux

OffSec

Distro pentest dengan banyak tools default.

Open SourcePentestStandalone

Cobalt Strike

Fortra

Adversary simulation & red team platform.

CommercialPentest

Sliver

Bishop Fox

Open source cross-platform C2.

Open SourcePentest

BloodHound

SpecterOps

AD attack path analysis untuk pivot ke OT.

Open SourcePentest

Claroty SRA

Claroty

Secure Remote Access khusus OT (eks-Secure Remote Access).

CommercialRemote AccessHybrid

Cyolo PRO

Cyolo

Zero-trust access broker untuk OT/IoT.

CommercialRemote Access

Xona Systems

Xona

User-to-asset access controlled untuk CI.

CommercialRemote Access

Apache Guacamole

Apache

Clientless remote desktop gateway (RDP/VNC/SSH).

Open SourceRemote Access

Teleport

Gravitational

Identity-aware access proxy SSH/K8s/DB/Apps.

FreemiumRemote Access

WireGuard

WireGuard

Modern fast VPN protocol.

Open SourceRemote Access

OpenVPN

OpenVPN Inc.

VPN klasik proven enterprise.

FreemiumRemote Access

Tailscale

Tailscale

Mesh VPN berbasis WireGuard.

FreemiumRemote Access

Conpot

MushMush Foundation

ICS honeypot Modbus/S7/IEC-104/BACnet/HTTP.

Open SourceResearch

T-Pot

Deutsche Telekom

Multi-honeypot platform termasuk Conpot.

Open SourceResearch

Cowrie

Cowrie

SSH/Telnet honeypot untuk attacker profiling.

Open SourceResearch

Thinkst Canary

Thinkst

Deception assets fisik & virtual.

CommercialResearch

OTORIO RAM²

OTORIO

OT risk assessment & management automation.

CommercialRisk Management

Radiflow CIARA

Radiflow

Risk assessment automation berbasis ISA/IEC 62443.

CommercialRisk Management

CISA CSET

CISA

Cyber Security Evaluation Tool dengan modul NIST CSF, 62443, NEI.

Open SourceRisk ManagementStandalone

CyberSeer SAFE-T

INL

Structured Assessment For Engineering Toolkit dari Idaho National Lab.

Open SourceRisk Management

OT-CMM

Dragos

OT Cybersecurity Maturity Model assessment.

Open SourceRisk Management

CycloneDX

OWASP

SBOM standard & tooling.

Open SourceSBOM

SPDX

Linux Foundation

SBOM standard ISO/IEC 5962.

Open SourceSBOM

Syft

Anchore

Generate SBOM dari container & filesystem.

Open SourceSBOM

Grype

Anchore

Vulnerability scanner SBOM/image.

Open SourceSBOM

Trivy

Aqua Security

All-in-one security scanner container/IaC/SBOM.

Open SourceSBOM

Dependency-Track

OWASP

Continuous component & vulnerability analysis.

Open SourceSBOM

open62541

open62541 community

OPC UA SDK C99 untuk riset & integration.

Open SourceSDK

pymodbus

pymodbus community

Library Python Modbus client/server.

Open SourceSDK

snap7

Davide Nardella

S7 communication library multi-bahasa.

Open SourceSDK

libiec61850

MZ Automation

IEC 61850 & 60870-5 client/server library.

Open SourceSDK

OPC Foundation UA .NET

OPC Foundation

Reference implementation OPC UA .NET.

Open SourceSDK

HashiCorp Vault

HashiCorp

Secrets, certificates, encryption-as-a-service.

FreemiumSecrets Management

Splunk Enterprise Security

Splunk / Cisco

SIEM enterprise dengan Add-on Industrial Asset Intelligence.

CommercialSIEMHybrid

Elastic Security

Elastic

SIEM gratis dengan ICS detection rules & integrations.

FreemiumSIEMHybrid

Wazuh

Wazuh

SIEM/XDR open source dengan rule pack OT.

Open SourceSIEMOn-PremIntermediate

Graylog

Graylog

Log management dengan threat detection bawaan.

FreemiumSIEM

IBM QRadar

IBM

SIEM enterprise dengan QRadar OT/ICS content.

CommercialSIEMHybrid

Microsoft Sentinel

Microsoft

Cloud-native SIEM/SOAR di Azure dengan Defender for IoT connector.

CommercialSIEMCloud

Chronicle / Google SecOps

Google

Cloud-native SIEM dengan kapasitas petabyte.

CommercialSIEMCloud

MISP

MISP Project

Threat intelligence sharing platform dengan taxonomies ICS.

Open SourceThreat IntelligenceOn-Prem

OpenCTI

Filigran

Knowledge graph CTI dengan konektor MITRE ATT&CK ICS.

Open SourceThreat IntelligenceIntermediate

Yeti

Yeti Project

Your Everyday Threat Intelligence platform.

Open SourceThreat Intelligence

Recorded Future

Recorded Future

Real-time threat intelligence & risk scoring.

CommercialThreat IntelligenceCloud

Mandiant Advantage

Google / Mandiant

Threat intel & breach analytics dengan modul OT.

CommercialThreat IntelligenceCloud

Dragos WorldView

Dragos

ICS-specific threat intelligence subscription.

CommercialThreat IntelligenceCloud

CISA KEV Catalog

CISA

Known Exploited Vulnerabilities catalog (gratis & dapat di-feed).

Open SourceThreat Intelligence

AlienVault OTX

AT&T / LevelBlue

Open Threat Exchange community pulses.

FreemiumThreat Intelligence

OT Cyber Range CyberBit

CyberBit

Cyber range simulator dengan skenario OT/SCADA.

CommercialTraining

SANS NetWars ICS

SANS

Hands-on challenge berbasis ICS.

CommercialTraining

DEF CON ICS Village

ICS Village

Komunitas + lab gratis untuk belajar OT.

Open SourceTraining

Graphviz

AT&T

DOT-based graph rendering untuk arsitektur.

Open SourceVisualization

Tenable OT Security

Tenable

Vulnerability scanning aktif/pasif untuk OT (eks-Indegy).

CommercialVulnerability ManagementOn-Prem

Rapid7 InsightVM

Rapid7

VM enterprise dengan policy compliance.

CommercialVulnerability ManagementHybrid

Qualys VMDR

Qualys

Cloud-based vulnerability management & detection.

CommercialVulnerability ManagementCloud

OpenVAS / Greenbone

Greenbone

Vulnerability scanner open source dengan feed harian.

Open SourceVulnerability ManagementOn-PremIntermediate

Tenable Nessus

Tenable

Vulnerability scanner deep dengan ICS plugins.

CommercialVulnerability Management

Kismet

Kismet Project

Wireless detector & sniffer 802.11/BLE/Zigbee.

Open SourceWireless

Aircrack-ng

Aircrack-ng

Suite WPA/WEP audit.

Open SourceWireless

GNU Radio

GNU Radio

SDR framework untuk analisis sinyal radio industri.

Open SourceWirelessAdvanced

HackRF

Great Scott Gadgets

Hardware SDR 1 MHz–6 GHz.

Open SourceWireless