ICSREF

Free

ICSREF is a modular framework that automates the reverse engineering process of CODESYS binaries compiled with the CODESYS v2 compiler. It can perform core analysis of arbitrary PRG programs, including:

* Delimitation of binary blobs (i.e., functions/routines)
* Identification of calls to dynamic libraries
* Identification of calls to static libraries (other than CODESYS libraries)

by Tasos Keliris @koukouviou

Cite us!

If you find our work interesting and use it in your (academic or not) research, please cite our NDSS'19 paper describing ICSREF:

    @inproceedings{keliris2019icsref,
      title={{ICSREF}: A Framework for Automated Reverse Engineering of Industrial Control Systems Binaries},
      author={Keliris, A. and Maniatakos, M.},
      booktitle={Network and Distributed System Security Symposium (NDSS)},
      year={2019}
    }

ALTERNATIVES

Compact C framework for analyzing suspected malware documents and detecting exploits and embedded executables.

Joe Sandbox Community provides automated cloud-based malware analysis across multiple OS platforms.

A serverless, real-time, and retroactive malware detection tool that scans files with YARA rules and alerts incident response teams.

KLara is a distributed system written in Python that helps Threat Intelligence researchers hunt for new malware using Yara.

Java decompiler for modern Java features up to Java 14.

A tool for reading Portable Executable (PE) files with detailed information about the file structure.

dynStruct is a tool for monitoring memory accesses of an ELF binary and recovering structures of the original code.

Parse YARA rules into a dictionary representation.