
MarlinSpike

v1.9.0

What

MarlinSpike is a passive OT/ICS network topology mapping engine. It analyzes packet captures (PCAP files) or live network traffic to build a complete picture of industrial control system networks — without transmitting a single packet.

The output is an interactive topology map with asset inventory, protocol breakdown, Purdue Model classification, risk findings, attack target prioritization, and C2/beacon/exfiltration detection.

How — 5-Stage Analysis Chain

Ingest → Dissect → Classify → Analyze → Report

Packet data is streamed through the analysis engine in configurable chunks, parsed into conversations and flows, classified by protocol and device role, analyzed for risk and attack surface, then rendered as a structured report with topology, asset inventory, and risk findings.

Protocols

OT / ICS:
Modbus, EtherNet/IP, CIP, S7comm, DNP3, OPC-UA, BACnet, PROFINET, HART-IP, BSAP, ROCPlus, FINS, GENISYS, C1222

Layer 2 / Discovery:
LLDP, CDP, STP, LACP

Standards

Built By

River Risk Partners