ICSREF
ICSREF is a modular framework for automated reverse engineering of industrial control systems binaries, with specific focus on CODESYS binaries compiled using the CODESYS v2 compiler. The framework provides automated analysis capabilities for PRG programs through several core functions: - Binary blob delimitation to identify functions and routines within compiled code - Detection and identification of calls to dynamic libraries used by industrial control systems - Recognition of calls to static libraries while excluding CODESYS-specific libraries The tool targets the CODESYS platform, which is widely deployed in programmable logic controllers (PLCs) and industrial automation systems. By automating the reverse engineering process, ICSREF reduces the manual effort typically required to analyze industrial control system binaries. The framework was developed by Tasos Keliris and documented in academic research presented at the Network and Distributed System Security Symposium (NDSS) in 2019.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A command line steganography tool that uses LSB technique to hide files within images without visible alteration.
Semi-tethered jailbreak for iPhone 5s to iPhone X, running iOS 12.0 and up, using the 'checkm8' bootrom exploit.
Comprehensive manual for mobile app security testing and reverse engineering with technical processes for verifying controls.
An Active Defense framework for detecting and responding to phishing attacks in Office 365 Message Trace logs.
An open-source phishing toolkit for businesses and penetration testers.
Web-based tool for browsing mobile applications sandbox and previewing SQLite databases.
A Graphical Realism Framework for Industrial Control Simulation organized as 5 VirtualBox VMs for realistic ICS network simulation.
iOS Reverse Engineering Toolkit for automating common tasks in iOS penetration testing.
A data-mining and deep web asset search engine for breach analysis and prevention services.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.