ICSREF Logo

ICSREF

0
Free
170
10 May 2023
10 September 2025
Visit Website

ICSREF is a modular framework for automated reverse engineering of industrial control systems binaries, with specific focus on CODESYS binaries compiled using the CODESYS v2 compiler. The framework provides automated analysis capabilities for PRG programs through several core functions: - Binary blob delimitation to identify functions and routines within compiled code - Detection and identification of calls to dynamic libraries used by industrial control systems - Recognition of calls to static libraries while excluding CODESYS-specific libraries The tool targets the CODESYS platform, which is widely deployed in programmable logic controllers (PLCs) and industrial automation systems. By automating the reverse engineering process, ICSREF reduces the manual effort typically required to analyze industrial control system binaries. The framework was developed by Tasos Keliris and documented in academic research presented at the Network and Distributed System Security Symposium (NDSS) in 2019.

FEATURES

SIMILAR TOOLS

A command line steganography tool that uses LSB technique to hide files within images without visible alteration.

Semi-tethered jailbreak for iPhone 5s to iPhone X, running iOS 12.0 and up, using the 'checkm8' bootrom exploit.

Comprehensive manual for mobile app security testing and reverse engineering with technical processes for verifying controls.

An Active Defense framework for detecting and responding to phishing attacks in Office 365 Message Trace logs.

An open-source phishing toolkit for businesses and penetration testers.

Web-based tool for browsing mobile applications sandbox and previewing SQLite databases.

A Graphical Realism Framework for Industrial Control Simulation organized as 5 VirtualBox VMs for realistic ICS network simulation.

iOS Reverse Engineering Toolkit for automating common tasks in iOS penetration testing.

A data-mining and deep web asset search engine for breach analysis and prevention services.

PINNED

Proton Pass Logo

Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.

Data Protection
NordVPN Logo

NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.

Network Security
Mandos Logo

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CybersecTools logoCybersecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved