LINICS
LINICS®️ is a Linux®️ based platform for ICS (Industrial Control Systems) security professionals. LIN+ICS = LINICS. (Linux®️ is the registered trademark of Linus Torvalds in the U.S. and other countries.)
LINICS includes a number of specialised ICS security tools, including those developed by Hacktonics. It also includes some general-purpose IT security tools that are often used in OT security. LINICS directly addresses the lack of OT security tools that are easy to deploy and use by bringing them together in one distribution. All tools included in LINICS are mapped to MITRE ATT&CK®️ for ICS so that users can easily navigate through the various stages of attack and impact.
LINICS is a free resource for use by the community and we welcome people to get in touch with us to contribute tools to it.
System Requirements
LINICS is based on Debian 12 (Bookworm). It is available for 64-bit PC (AMD64) architectures. Recommended minimum system requirements are: 4 GB RAM, 50 GB Hard Disk and 2 Processor Cores.
Release Notes and Bug Reporting
The current release is LINICS 1.01. You can find details about the release on our GitHub page, including information about the various tools included in LINICS. You can also report bugs through GitHub.
Downloads
You can download a LINICS ISO to install, or one of our pre-built VMs for VMware, VirtualBox and KVM. An OVF download is also provided.
Join the LINICS Community
We have a number of Discord channels to discuss all things LINICS. Join the discussions and contribute.
MITRE ATT&CK ICS Tool Mapping
The table below maps the tools included in LINICS®️ to the tactics of the MITRE ATT&CK for ICS framework.
Tools | ||||||||||||||||||||
Tactics | Nmap | Grassmarlin | PLCScan | Burpsuite | Wireshark | Metasploit | Hydra | John | Ettercap | Bettercap | smod | OPC-UA Exploitation Framework | Industrial Exploitation Framework (ISF) | Industrial Security Exploitation Framework (ISEF) | Nikto | Ethersploit/IP | arp-scan | netdiscover | dirb | Zathrics |
01. Initial Access | Y | Y | Y | Y | ||||||||||||||||
02. Execution | Y | Y | Y | |||||||||||||||||
03. Persistence | Y | |||||||||||||||||||
04. Privilege Escalation | Y | Y | Y | Y | Y | |||||||||||||||
05. Evasion | Y | Y | ||||||||||||||||||
06. Discovery | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | |||||
07. Lateral Movement | Y | Y | Y | |||||||||||||||||
08. Collection | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | |||||
09. Command and Control | Y | |||||||||||||||||||
10. Inhibit Response Function | Y | Y | Y | Y | Y | Y | Y | Y | ||||||||||||
11. Impair Process Control | Y | Y | Y | Y | Y | Y | Y | Y | Y | |||||||||||
12. Impact | Y | Y | Y | Y | Y | Y |