// artifact family

ics / ot / scada

33 browser-only forensics tools in this catalog group — browse by artifact family when you know the kind of evidence you are working with, not the investigation pattern.

tools: 33
catalog slugs: 33
processing: local · in browser

tools in this family

ordered as in the forensics catalog. every tool runs locally — no upload, no account.

  1. modbus tcp traffic forensic analyzer: drop pcap with modbus tcp · parse function codes + register reads/writes · reconstruct controller command history · runs locally
  2. modbus rtu serial log analyzer: drop serial capture with modbus rtu · parse master/slave exchanges · runs locally
  3. dnp3 protocol traffic forensic analyzer: drop pcap with dnp3 · parse outstation reads + control operates · runs locally
  4. iec 61850 mms traffic forensic analyzer: drop pcap with iec 61850 mms · parse substation control operations · runs locally
  5. iec 60870 5 104 traffic forensic analyzer: drop pcap with iec 60870-5-104 · parse telecontrol asdu messages · runs locally
  6. siemens s7 comm traffic forensic analyzer: drop pcap with siemens s7comm · parse plc read/write/start/stop operations · runs locally
  7. profinet traffic forensic analyzer: drop pcap with profinet · parse io device + controller exchanges · runs locally
  8. ethernet ip cip traffic forensic analyzer: drop pcap with allen-bradley ethernet/ip + cip · parse tag reads + service calls · runs locally
  9. opc ua traffic forensic analyzer: drop pcap with opc-ua · parse browse + read + write + subscribe sessions · runs locally
  10. bacnet traffic forensic analyzer: drop pcap with bacnet · parse building automation read-property + write-property events · runs locally
  11. knx traffic forensic analyzer: drop knx/ip capture · parse group address writes + bus device activity · runs locally
  12. plc firmware binary forensic extractor: drop siemens / rockwell / schneider plc firmware blob · identify vendor + extract embedded config · runs locally
  13. plc ladder logic diff analyzer: drop two plc program exports (l5x / awl / scl) · diff ladder/structured logic · highlight tampered rungs · runs locally
  14. hmi configuration forensic analyzer: drop wonderware / factorytalk / wincc project · parse screens + tag database + scripts · runs locally
  15. historian pi system export forensic analyzer: drop osisoft pi system tag export csv · parse process value history · detect tampered windows · runs locally
  16. historian wonderware export forensic analyzer: drop wonderware historian export · parse process timeseries · runs locally
  17. ics event log forensic analyzer: drop ics alarm/event journal export · parse alarm acks + operator actions · runs locally
  18. scada operator action attribution tool: drop scada audit log · attribute who issued each control command + at what hmi station · runs locally
  19. tridium niagara config forensic analyzer: drop niagara station config · parse modules + drivers + history exports · runs locally
  20. dlms cosem meter traffic forensic analyzer: drop dlms/cosem capture · parse smart-meter read events + cmd responses · runs locally
  21. iec 62351 security event forensic analyzer: drop iec 62351 security event log · parse cert + role-based-access events · runs locally
  22. rtu log forensic analyzer: drop remote terminal unit log · parse polling sequences + setpoint changes · runs locally
  23. safety instrumented system log analyzer: drop sis controller log · parse trip events + bypass actions · runs locally
  24. iec 61850 goose message forensic analyzer: drop goose pcap/text export · parse appid + stnum + sqnum + dataset changes · runs locally
  25. iec 61850 sampled values stream forensic analyzer: drop sv stream export · parse sampling rate + synch + quality flags · runs locally
  26. hart protocol command log forensic analyzer: drop hart modem command log · parse universal/common cmd + device id · runs locally
  27. foundation fieldbus h1 traffic forensic analyzer: drop ff h1 segment log export · parse scheduled + acyclic transactions · runs locally
  28. profibus dp master log forensic analyzer: drop profibus dp scan export · parse slave diag + parameter writes · runs locally
  29. cc link ie field network log forensic analyzer: drop cc-link ie frame export · parse cyclic + transient messaging · runs locally
  30. as interface i o cycle log forensic analyzer: drop as-i master cycle log · parse slave profile + fault flags · runs locally
  31. melsec mc protocol log forensic analyzer: drop mitsubishi mc protocol trace · parse read/write device blocks · runs locally
  32. omron fins protocol log forensic analyzer: drop omron fins udp/tcp log export · parse memory area read/write · runs locally
  33. schneider modicon program change forensic analyzer: drop modicon plc program diff export · parse logic download + online edit events · runs locally