├── 0.png
├── 1.png
├── 2.png
├── 3.png
├── 4.png
├── 5.png
├── .gitattributes
└── README.md

/0.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jiansiting/ICS-windows/HEAD/0.png

--------------------------------------------------------------------------------
/1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jiansiting/ICS-windows/HEAD/1.png

--------------------------------------------------------------------------------
/2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jiansiting/ICS-windows/HEAD/2.png

--------------------------------------------------------------------------------
/3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jiansiting/ICS-windows/HEAD/3.png

--------------------------------------------------------------------------------
/4.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jiansiting/ICS-windows/HEAD/4.png

--------------------------------------------------------------------------------
/5.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jiansiting/ICS-windows/HEAD/5.png

--------------------------------------------------------------------------------
/.gitattributes:
--------------------------------------------------------------------------------
# Auto detect text files and perform LF normalization
* text=auto

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# ICS Windows v2.0
It has been almost a year since IRTeam released ICS Windows v1.0. At the request of many in the security community, this update builds on the original kali windows v1.1, moves to Windows 10 version 1909, and adds more tools, including a number of ICS attack tools. It is a free security research platform built for network security practitioners.

First, download ICS.ova from Baidu Netdisk (file link: https://pan.baidu.com/s/1znkAD4i3v0qyw3zytAYPQA extraction code: 6diu).
It can be imported into VMware, VirtualBox and KVM. Requirements: 2 vCPU, 8 GB of memory, a 60 GB disk, and a bridged network adapter.

After booting, the login screen appears:
![avatar](0.png)
Enter the user name and password (ask 剑思庭 for the password). Once logged in, you can see the version information.
![avatar](1.png)
An item in the bottom menu bar shows the tool categories and the list of tools that ship with the platform.
![avatar](2.png)
It includes the security tools we use most often, such as Burp, msf and nmap.
![avatar](3.png)
A few of the research tools for industrial control system (ICS) security deserve an introduction, for example hsl, a tool that can communicate with and test many kinds of industrial control devices. Its main job is reading and writing a controller's I/O and memory addresses.
![avatar](4.png)
The platform also provides a Modbus TCP server simulator and client, an S7 protocol server simulator and client, online analysis and diagnostic tools for Profinet and EtherNet/IP, and an OPC DA access client. ICS Windows v2.0 also wraps an ICS command line with commonly used tools and commands integrated in advance, so they can be entered quickly with the Tab key. We recommend that security practitioners start the security tools from this command line.
![avatar](5.png)

The ICS Windows v2.0 tool platform provides the following tool sets:

DOS Attacks

abdal-loris
hping
apachedos
memcrashed
perlflood
slowloris
slowloris6

Exploitation Tools

ExploitPack_12
msfconsole
nc
nc64
Netsparker Pro
Nmap – Zenmap GUI
nosqlmap
PowerSploit
shodansploit
sqlmap
wepwnise
winexs
xsstrike
XAttacker
Acunetix Pro

Forensic

Acunetix Pro
adb
Autoruns
Autoruns64
awatch
BluetoothView
BrowsingHistoryView
Cain
CFF Explorer
ChromeCacheView
cloudfail
cports
CredentialsFileView
DataProtectionDecryptor
Diskmon
DNSDataView
DNSQuerySniffer
DownloadMgrPasswordDump
DownTester
DriverList_x64
DriverList_x86
Elcomsoft eXplorer for WhatsApp
Elcomsoft Internet Password Breaker
Ettercap-0.7.4
FastResolver
FullEventLogView
HTTP Debugger Pro
HTTPNetworkSniffer
httprecon
hydra
ILSpy
Immunity Debugger
iOS Forensic Toolkit
LiveContactsView
logonsessions
logonsessions64
MegaDumper
mimikatz
MozillaHistoryView
MyLastSearch
mzcv
ncat
ndiff
NetConnectChoose
NetResView
NetRouteView
Netsparker
NetworkLatencyView
NetworkTrafficView
nmap
nping
ntfsinfo
ntfsinfo64
PE Detective
PingInfoView
portmon
Process Hacker 2
procexp
procexp64
Procmon
PsExec
PsExec64
psfile
psfile64
PsGetsid
PsGetsid64
PsInfo
PsInfo64
pskill
pskill64
pslist
pslist64
PsLoggedon
PsLoggedon64
psloglist
psloglist64
pspasswd
pspasswd64
psping
psping64
PsService
PsService64
psshutdown
pssuspend
pssuspend64
QuickSetDNS
RAMMap
Registrar Registry Manager (64-bit)
ResourceHacker
Restorator 2018
smsniff
Sysmon
Sysmon64
TcpLogView
Tcpvcon
Tcpview
USBDeview
VaultPasswordView
Volumeid
Volumeid64
webscreenshot
whoistd
WifiChannelMonitor
WifiInfoView
WinDump
Winobj
WirelessNetView
Wireshark
WNetWatcher
Network Scanner
IDA Pro
habu

Hardware Hacking

adb
apktool
Arduino
Elcomsoft eXplorer for WhatsApp
iOS Forensic Toolkit
UEFIFind
USBDeview
Andriller

ICS Attacks

EIPExporer
HslCommunication
ModScan32
ModSim32
nmap-scada
password
profinetExplorer
S7 client
S7 Server
OPC Client

Information Gathering

Cain
cloudfail
crawler
DNSDataView
DNSQuerySniffer
DownTester
Ettercap-0.7.4
FastResolver
FOCA
HTTP Debugger Pro
HTTPNetworkSniffer
httprecon
InSpy
inSSIDer 4
IP List Generator 2 (x64)
IP Subnet Calculator
ipnetinfo
mimikatz
nc
nc64
NetConnectChoose
NetResView
NetRouteView
netscan
Netsparker
NetworkLatencyView
NetworkTrafficView
Nmap – Zenmap GUI
nmap
PingInfoView
portmon
RouterScan
shodansploit
SmartWhois
smsniff
snmptest
sublist3r
TcpLogView
theharvester
ubntdiscovery
whoistd
WifiChannelMonitor
WifiInfoView
winexs
WirelessNetView
WNetWatcher
wpgrab
th3inspector
hashid

Malware Analysis Tools

adb
Andriller
AndroChef Java Decompiler 1.0
APK Easy Tool
apk-editor-studio
apk-icon-editor
apktool
Arduino
Burp Suite Community Edition
CFF Explorer
Cheat Engine
cstool
de4dot-x64
de4dot
dnSpy
DriverList_x64
DriverList_x86
Elcomsoft eXplorer for WhatsApp
HTTP Debugger Pro
HTTPNetworkSniffer
httprecon
hzmd5cracker
ILSpy
Immunity Debugger
iOS Forensic Toolkit
MegaDumper
Nmap – Zenmap GUI
ollydbg
PE Detective
ProcessActivityView32
ProcessActivityView64
RAMMap
Registrar Registry Manager (64-bit)
ResourceHacker
Restorator 2018
TcpLogView
Tcpvcon
Tcpview
UEFIFind
USBDeview
VaultPasswordView
Wi-Fi Scanner
WifiChannelMonitor
WirelessNetView
Wireshark
IDA Pro

Mobile Tools

adb
AndroChef Java Decompiler 1.0
APK Easy Tool
apk-editor-studio
apk-icon-editor
apktool
Odin3
Andriller

Multimedia

AIMP
PotPlayer 64 bit

Network & Internet

aria2c
awatch
BluetoothView
Cain
Cisco AnyConnect Secure Mobility Client
cports
DNSDataView
DNSQuerySniffer
DownTester
Ettercap-0.7.4
FastResolver
HTTPNetworkSniffer
hydra
IP List Generator 2 (x64)
IP Subnet Calculator
ipnetinfo
logonsessions
logonsessions64
Mozilla Thunderbird
msfconsole
nc
nc64
ncat
ncrack
ndiff
NetConnectChoose
NetResView
NetRouteView
netscan
NetworkLatencyView
NetworkTrafficView
Nmap – Zenmap GUI
nmap
nping
OpenConnect-GUI VPN client
PingInfoView
plink
portmon
Proxifier
Proxy Checker
pscp
psftp
putty
puttygen
puttytel
QuickSetDNS
RouterScan
shodansploit
SmartWhois
smsniff
snmptest
sublist3r
TcpLogView
Tcpvcon
Tcpview
ubntdiscovery
whoistd
WifiChannelMonitor
WifiInfoView
WirelessNetView
Wireshark
WNetWatcher
Firefox
Google Chrome
MantraPortable
Tor Browser
Colasoft Packet Builder 2.0
Telegram
NBMonitor
Network Scanner

Password Attacks

Advanced Archive Password Recovery
Advanced Office Password Recovery
Advanced PDF Password Recovery
aircrack-ng
bruteforcer
BulletsPassView
Cain
ChromePass
crunch
Dialupass
DownloadMgrPasswordDump
Elcomsoft Internet Password Breaker
hashcat32
hashcat64
hydra
iepv
john
mailpv
mkbrutus
msfconsole
mspass
ncrack
netpass
Nmap – Zenmap GUI
OperaPassView
PasswordFox
pspv
PstPassword
rcrack
rcrack_cl
rcrack_cl_gui
rcrack_cuda
rcrack_cuda_gui
rcrack_gui
rdpv
RouterPassView
rt2rtc
rtc2rt
rtgen
rtmerge
rtsort
Sentry_MBA
SniffPass
VNCPassView
WebBrowserPassView
WirelessKeyView
Wireshark
wpbrutexmlrpc
xattacker
xsspwn
xbruteforcer
hzmd5cracker
Acunetix Pro
patator

Programming tools

Advanced BAT to EXE Converter PRO v2.83
AndroChef Java Decompiler 1.0
APK Easy Tool
apk-editor-studio
apk-icon-editor
Byte_Adder
Git Bash
HeidiSQL
mysql
mysqldump
pgAdmin 4
php
ProcessActivityView32
ProcessActivityView64
SNSRemover
SQL Shell (psql)
premake

Rat & SpyWare

Black Stealer
Costex FTP Keylogger
Costex SMTP Keylogger
DarkComet
DarkCometRAT Remover
Nano File Binder
Spoofer-Binder
UST

Remote Control

AnyDesk
pageant
plink
pscp
psftp
putty
puttygen
puttytel
winbox
Xftp
Xlpd
Xmanager
Xshell
nc64
nc
VNC Viewer

Reporting Tools

Kainet LogViewPro
ndiff
Netsparker
serpico

Reverse Engineering

AndroChef Java Decompiler 1.0
APK Easy Tool
apk-editor-studio
apk-icon-editor
Burp Suite Community Edition
CFF Explorer
Cheat Engine
cstool
de4dot-x64
de4dot
dnSpy
DriverList_x64
DriverList_x86
ILSpy
Immunity Debugger
MegaDumper
Nmap – Zenmap GUI
ollydbg
PE Detective
ProcessActivityView32
ProcessActivityView64
Registrar Registry Manager (64-bit)
ResourceHacker
Restorator 2018
adb
apktools
hzmd5cracker
IDA Pro
yara
yarac
HxD
cutter
wxHexEditor
binwalk

Security

Abdal Anti GiliSoft USB Lock 5x-4x-3x
Abdal Anti GiliSoft USB Lock 7.x
Autoruns
Autoruns64
Diskmon
KeePass 2
logonsessions
logonsessions64
procexp
procexp64
Procmon
RunPEDetector
sdelete
sdelete64
VeraCrypt
WinAuth
XArp
NBMonitor
Flash Memory Protector

Sniffing & Spoofing

Burp Suite Community Edition
Change MAC Address
Byte_Adder
Cain
Colasoft Packet Builder 2.0
HTTP Debugger Pro
nc
nc64
NetworkLatencyView
NetworkTrafficView
Nmap – Zenmap GUI
nmap
smsniff
snmptest
TcpLogView
Tcpvcon
Tcpview
whoistd
WifiChannelMonitor
WifiInfoView
WirelessNetView
Wireshark
WNetWatcher
YouTube View Increaser v3
habu

Utility

7-Zip File Manager
Acrobat Reader DC
Advanced BAT to EXE Converter PRO v2.83
AIMP
Autologon
Cisco AnyConnect Secure Mobility Client
Desktops
FileZilla Server Interface
FileZilla
Hard Disk Sentinel
hostseditor
Internet Download Manager
IP List Generator 2 (x64)
IP Subnet Calculator
Mozilla Thunderbird
OpenConnect-GUI VPN client
pgAdmin 4
plink
PotPlayer 64 bit
Proxifier
Proxy Checker
pscp
psftp
puttygen
puttytel
Rainmeter
SQL Shell (psql)
UltraISO
Telegram
PowerISO
Your Unin-staller!
rufus
Flash Memory Protector
aria2c

Virus Coding

Abdal Autoit Cryptor
Abdal Autoit IDE
Abdal Autoit Info
Abdal Autoit Info_x64
Byte_Adder
JetBrains CLion 2019.1.3
JetBrains GoLand 2019.1 x64
JetBrains GoLand 2019.1
Nano File Binder
Spoofer-Binder
UST

Web Applications

Burp Suite Community Edition
cloudfail
crawler
ExploitMyUnion
FOCA
HTTP Debugger Pro
hydra
msfconsole
ncrack
Netsparker Pro
nikto
nosqlmap
OWASP ZAP 2.7.0
Sentry_MBA
sqlmap
sublist3r
Vega
webscreenshot
Wireshark
wpscan
pwpscan
xattacker
xbruteforcer
xsspwn
xsspy
xsssniper
xsstrike
Acunetix Pro

Web Browser

Firefox
Google Chrome
Mantra
Tor Browser

Wireless Attacks

airbase-ng
aircrack-ng
airdecap-ng
airdecloak-ng
aireplay-ng
airodump-ng
airolib-ng
airserv-ng
airtun-ng
airventriloquist-ng
besside-ng
buddy-ng
CommView for WiFi
easside-ng
Ekahau HeatMapper
inSSIDer 4
ivstools
kstats
makeivs-ng
Network Stumbler
packetforge-ng
tkiptun-ng
wesside-ng
wpaclean

Programming Support

Python3
python2
c++
c
VC++
GO
Perl
Java
PHP
Ruby
Scala
PostgreSQL
MYSQL

--------------------------------------------------------------------------------