We at @emproofsecurity open-sourced a free firmware reverse engineering workshop for self-study. Topics: ELF analysis, cracking, malware triage, embedded-Linux, bare-metal, crypto-key extraction, anti-analysis. Docker setup and solutions included. github.com/emproof-com/works…

Our work on solving @Raspberry_Pi's RP2350 Hacking Challenge is now online! 5 different attacks and lots of lessons learned. Joint work with Aedan Cullen, Kévin Courdesses, @ghidraninja and @azonenberg! Full paper: usenix.org/system/files/woot… Source code: github.com/bhamsec/woot25-rp…

Google Wifi Pro - Glitching from Root to EL3 - Part 1 In this first post, we explain in detail, how we were able to inject EM glitches in order to characterize Qualcomm's IPQ5018 SoC susceptibility to EM glitches. raelize.com/blog/google-wifi…

Efabless is shut until further notice! Read this post to find out how past, current and future shuttles will be affected. linkedin.com/posts/tinytapeo…

Developers assume code runs deterministically, but fault injection attacks can prove otherwise. Are these attacks really “magical” and unpredictable? Or is there a method to the madness? Join @0x696e6f6465 down the rabbit hole of #hardwarehacking 🐇 🕳️ security.humanativaspa.it/fa…

Hey everyone! We have some great news! The @hextreeio ( aka. @ghidraninja and @LiveOverflow ) Faultier and GlitchTags are now also available in the German (EU) store! Get them now! It is only a small initial batch! :) 1bitsquared.de/products/faul…

I have finally release my book on Attacking and Securing U-Boot! The goal is to provide a *hands-on* approach to the bootloader via a VM that includes practical examples so any security consultant or embedded developer. amazon.com/dp/B0DJ7M2JNN

Binwalk v3 now under active development. Faster, smarter, Rustier. Beta testers and bug reports welcome! github.com/ReFirmLabs/binwal…

We have a few seats left at our in-person training at @hardwear_io 2024: Applied Fault Injection 2.0 We've added new targets (including a RISC-V target) & new challenges, and you get FI targets & equipment to take home. Learn how to hack chips with us! hardwear.io/netherlands-2024…

We at @1bitsquared started a collaboration with @hextreeio ( aka. @ghidraninja and @LiveOverflow ). We are now offering the Faultier power glitch tool and Glitch Tag targets! They work great with @hextreeio hardware security courses. 1bitsquared.com/products/fau…

The NXP LPC2388 Read Protection fully bypassed 🥳 Video blog📽: youtu.be/tcqLgjmzUzM

Happy to announce the release of our LLVM-based (dis)assembler framework, Nyxstone. It supports all architectures of LLVM, label-support in the assembler comes with Python & Rust bindings.

We published our favorite moments from the first month of our Hardware Hacking Bootcamp. Our second month is just starting now. Join now 👉 ast.fyi/bootcamp youtu.be/f9W5-Ppqh5c

Riscure's @jzvw designed a chip and taped out on Sky130, then decapped it and sniffed the AES keys with a near field probe! We talk about it in the next Efabless webinar: efabless.zoom.us/webinar/reg…

Cover reveal! 25% discount on B&N pre-orders at barnesandnoble.com/w/serious… Had a blast working with @billpollock's @nostarch again. Please repost :)

MD5 4d37c6712a2239962005eda3be6367b4

I finished the challenges over the weekend - and had a lovely time doing so. I can highly recommend this to anyone with an interest in hardware security!

Fantastic work by Courk on performing a SCA attack on the Flash Encryption feature of @Espressif's ESP32-C3 and ESP32-C6: courk.cc/breaking-flash-encr… A custom board is used to perform the attack, which requires no external (expensive) oscilloscope. Also, a temperature controlling circuit is present to stabilize the temperature of the target. Interestingly, the attack was still feasible even though the ESP32-C6's AES engine is supposedly hardened with masking... Interesting!

YosysHQ is hiring! With the start of the new year we are looking to add both an EDA Formal & Synthesis Tool Developer to our team. Find all you need to know via the link below & send your application to office@yosyshq.com yosyshq.com/jobs

New year, new goodies! 👾 We’ve just released the Curious Bolt: a hardware hacking multi-tool. It’s simultaneously a voltage glitcher ⚡️, a logic analyzer 🕵️‍♀️, and a diff power scope 📈, all accessible via Python! bolt.curious.supplies