Industrial Control Systems Security Research
Projects mapped to MITRE ATT&CK for ICS
Projects
DNP3 Timing Attack
A Rust-based tool demonstrating how DNP3 time synchronization can be weaponized to disrupt critical infrastructure operations.
- MITRE ATT&CK: T0820 - Exploitation of Remote Services
- GitHub: DNP3TimmingAttack
- Language: Rust
- License: AGPL-3.0
- Read the full writeup
Cisco Stratix 5400 Vulnerability Research
Security assessment uncovering GET-based RCE, CSRF, password hash exposure, and privilege escalation in industrial Ethernet switches.
- MITRE ATT&CK: T0866 - Exploitation of Remote Services, T0859 - Valid Accounts
- Read the full writeup
Advent of Code 2025 - Ladder Logic
Solving programming puzzles using Allen-Bradley Micro870 PLCs and ladder logic.
- GitHub: Advent-of-Code-2025
- Hardware: Allen-Bradley Micro870 (2080-L70E-24QBBN)
- Read the full writeup
About This Research
These projects are developed as part of ongoing research into Industrial Control Systems security, focusing on practical demonstrations of attack techniques and defensive considerations. All tools are released for educational and authorized security testing purposes only.
Responsible Disclosure: These tools should only be used in authorized environments with proper permission. Unauthorized access to industrial control systems is illegal and dangerous.
Educational Use
- Security Research: Understanding attack vectors in ICS environments
- Defensive Training: Helping defenders recognize and respond to threats
- Red Team Operations: Supporting authorized penetration testing
- Academic Study: Contributing to the body of ICS security knowledge