@DisCo: Binary-Level Vulnerability Detection
Annotated Translated Disassembled Code (@DisCo)
AHA: Infrastructure Decision Support for Disaster Management
All Hazards Analysis Core (AHA)
ATIS: Malware Analysis and STIX Data Transformation
Any Threat Intelligence to STIX (ATIS)
ATTAR: Remote Testing Framework for Security Analysis and Protection
A remote testing and validation tool that uses SSH for automated software testing, particularly effective in cybersecurity applications.
Cerberus
Safety Instrumented System (SIS) for Extreme Fast Charging (XFC) Infrastructure - Analysis Software
Cirrus: Cloud Feasibility Assessment Tool for Grid Professionals
Cirrus provides grid and utility professionals with strategic guidance for cloud integration, enhancing operational resilience and efficiency through tailored feasibility assessments and resource planning.
CSET: Cyber Security Evaluation Tool
A desktop or web-based tool guiding asset owners through evaluating control system and IT security practices against industry standards.
CyOTE: Detecting Cyber Attacks in Operational Technology Environments
CyOTE Research Tool Library (CRTL)
CyStAR: Cyber-Physical Threat Detection and Asset Monitoring
Cyber State Awareness for Resilience (CyStAR)
DaRT: Malicious Code Disassembly for Risk-Free Transport
DaRT (Disassembly and Reassembly for Transport)
DISCOverflow: Project Code Structure Visualization Tool
Automatically disassembles project code data into a graph database for efficient and secure code analysis.
EFAC: Infrastructure Analysis for Enhanced Disaster Resilience
Essential Function Analysis Capability (EFAC)
Empowering Counterintelligence: A Proprietary Pipeline for Analyzing Critical Infrastructure Influence
Adversarial Socio-Technical Network Analysis (ASTNA) is a data processing pipeline for extracting a knowledge graph from SEC Documents to enable robust socio-technical analysis of critical infrastructure influence.
EMV: Exploit, Malware, and Vulnerability Scoring GUI
A customizable application that allows users to create and apply their own scoring schema to cyber issues, interfacing with STIX objects and supporting export functions.
ESE: Comprehensive STIX1-to-STIX2 Conversion Tool
Enhanced STIX Elevator (ESE)
HPCACT-2022: Video Annotation for Anomaly Detection in Data Centers
Anomalous and normal High Performance Computing datacenter activities
ICSNPP: Industrial Control System Network Protocol Parsers
A series of industrial control system protocol parsers developed by INL for the Zeek network security monitoring framework to enhance incident response capabilities.
Infrastructure eXpression: Discovery Tools
Automates the collection and conversion of network vulnerabilities into STIX format, streamlining vulnerability management and sharing.
Malcolm: Network Traffic Analysis
Network traffic analysis suite offering easy upload, powerful traffic analysis, and streamlined deployment for security operations.
MaSDE: Real-Time Dynamic Estimation for a Resilient Power Grid
Master State Distributed Estimator (MaSDE)
MASFIC: Streamlined Contingency Analysis for Power Utilities
MASFIC (MASTERRI Automated SAPHIRE File Intermediary Converter) is a powerful software application designed to streamline contingency analysis and risk assessment in power grids.
MaSTI: Network Monitoring for Enhanced Control System Protection
Master State Threat Identifier (MaSTI)
NAVV Tool: Network Architecture Verification & Validation Tool
Automates network traffic analysis using Zeek IDS logs, generating an Excel summary for easy data sorting and analysis.
OpDefender: Real-Time Network Traffic Analysis
A cybersecurity solution for control system networks, featuring smart switches and a network HMI for real-time attack prevention and network traffic control.
PacketSight: Mitigating Unusual Network Packets
This software identifies, examines, and mitigates unusual network packets using a multi-dimensional latent space representation.
Parsnip: Parser Creation Application
Parsnip aims to automate 90% of the repetitive tasks involved in parser development.
Polyglot Framework: Cross-Platform Tool Development
Polyglot is a framework that simplifies the process of creating or modifying tools for a wide range of devices and operating systems. It is especially useful for embedded, esoteric, or old targets that lack easy and consistent solutions.
PowDDeR v2: Power Distribution Designing for Resilience Application
Updated software tool for power distribution design, analyzing system resilience to disturbances in real and reactive power.
PowDDeR: Power Distribution Designing for Resilience Application
Measures power system resilience by analyzing responses to natural or human-caused disturbances.
Scramble
Simulated control and cybersecurity testing tool for microgrid implementations, providing realistic response analysis.
SPEMMCRA: Control Strategy Testing for Microgrid Implementations
Simulated control and cybersecurity testing tool for microgrid implementations, providing realistic response analysis.
STAR: Structured Threat Automated Response
Automates response actions for cybersecurity threats by executing STIX Course of Action objects in Python.
STIG: Graph-Based Threat Intelligence and Response System
Structured Threat Intelligence Graph (STIG)
STIXEnforcer: Advanced STIX 2.1 Data Enrichment and Error Correction Tool
Structured Threat Information Expression Style Enforcer
STOAT: Automated Scoring Tool for Software Weaknesses
Scoring Threat Object Analysis Tool (STOAT)
STOTS: Network Threat Analysis and Visualization Suite
Structured Threat Observation Tool Set (STOTS)
Vendor 0: FPE Library for Structured File Encryption
Encryption library for structured files like JSON, addressing the need for secure data handling in sensitive utility information management.
WiiBin: Machine Learning Binary Analysis for Reverse Engineering
What Is It Binary (WiiBin)