PLCinject
Brought to you by www.SCADACS.org. Compiling As easy as $ make Usually this is enough. Then you can find the binary in the current dir. Troubleshooting This tool depends on the Snap7 library available at http://sourceforge.net/projects/snap7/. Compilation error We include the libraries of the latest release (1.4.0) and use the Linux x86_64 version for compiling. If you need a different version, you'll have to pick it from the snap7/release/ dir and copy it to lib/. If that won't work, you'll have to get the full release of Snap7, compile it yourself and copy the library to lib/. cannot open shared object file PLCinject is dynamically linked with the Snap7's shared library in lib/. If you (re)move the binary or the library, it won't work. Usage The directory given by parameter -f must only contain the blocks to download to the plc. The filename convention is <blocktype>_<blocknumber>.mc7 (e.g. "FC_1000.mc7") usage: plcinject -c ip [-r rack=0] [-s slot=2] [-b block] [-p block] [-f dir] [-d] -d Display available blocks on PLC -p Block that has to be injected/patched with a call instruction: OBx, FBx or FCx on PLC, e.g. OB1 -b Block to call -f Path to your block(s) you want to inject
FEATURES
SIMILAR TOOLS
A hardware security validation toolkit for x86 platforms that provides bootable tools for checking platform configuration registers and managing SecureBoot keys.
A comprehensive collection of wordlists for bruteforcing and password cracking, covering various hashing algorithms and sizes.
An industrial control system testing tool that enables security researchers to enumerate SCADA controllers, read register values, and modify register data across different testing modes.
Hashcat is a fast and advanced password recovery utility that supports various attack modes and hashing algorithms, and is open-source and community-driven.
An open-source phishing toolkit for businesses and penetration testers.
Comprehensive manual for mobile app security testing and reverse engineering with technical processes for verifying controls.
A Graphical Realism Framework for Industrial Control Simulation organized as 5 VirtualBox VMs for realistic ICS network simulation.
A data-mining and deep web asset search engine for breach analysis and prevention services.
Python tool for monitoring user-select APIs in Android apps using Frida.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.