Captures flags with @TeamTasteless. Assistant Professor at @unibirmingham and maintainer of FirmWire & avatar2.
Joined August 2011
- Tweets 662
- Following 445
- Followers 2,003
- Likes 638
26 Photos and videos
nSinus-R (@nsr@infosec.exchange) retweeted
A virtual iteration of our training on fuzzing custom embedded systems is coming up end of March.
One cool story about this: The participants of our training in 2024 exploited a bunch of devices at Pwn2Own Tokyo 2026!🔥
Details: ringzer0.training/countermea…
1
1
10
1,137
28 Dec 2025
In case you missed the live version, the recording of our talk is now available: media.ccc.de/v/39c3-of-boot-…!
27 Dec 2025
En route to #39c3 - come to our talk at 4pm!
I will only be there today and tomorrow, but happy to meet-up & chat.
Also, if you are at #39c3 and often dump SPI flash-chips please let me know, I might have something for you that I'm looking for feedback on 🙂
1
10
1,130
nSinus-R (@nsr@infosec.exchange) retweeted
27 Dec 2025
En route to #39c3 - come to our talk at 4pm!
I will only be there today and tomorrow, but happy to meet-up & chat.
Also, if you are at #39c3 and often dump SPI flash-chips please let me know, I might have something for you that I'm looking for feedback on 🙂
2
7
54
11,708
nSinus-R (@nsr@infosec.exchange) retweeted
20 Nov 2025
🤩A hush settles as the RP2350’s challengers—Marius Muench and Thomas Roth—begin their story
What started as a public hacking challenge became a trail of breakthroughs, from unverified vector boots to secrets pulled straight out of OTP memory.
👉hardwear.io/netherlands-2025…
#RP2350
1
4
621
nSinus-R (@nsr@infosec.exchange) retweeted
17 Nov 2025
🔍 It’s reverse engineering mayhem as participants trace how basebands whisper to each other inside the Shannon modem, mapping flows that feel straight out of a sci-fi network core.
In action Marius Muench; Tobias Scharnowski at #hw_ioNL2025
👉hardwear.io/netherlands-2025…
#fuzzing
4
10
1,224
21 Oct 2025
Our @defcon'33 talk is online:
youtu.be/FXIScbxJTZw!
Ever wondered how to get banned from online games without cheating? We've got you covered! Check out this talk for fun hacks tripping off modern anticheats.
Joined work with @Cowtickle & @TomChothia.
1
5
11
3,021
21 Oct 2025
More information about our research, slides, and additional resources are available at: game-research.github.io
217
nSinus-R (@nsr@infosec.exchange) retweeted
28 Sep 2025
I absolutely love this paper, so much reverse engineering alpha
the researchers who won the rpi hacking challenge came together to describe in detail how they overcame the defenses of a secure-by-design chip, incl. custom laser fault injection and single instruction skips
4
49
192
15,955
nSinus-R (@nsr@infosec.exchange) retweeted
19 Sep 2025
We have an exciting piece of vulnerability research 🕵️‍♂️ to share, conducted in collaboration with external researchers from VU Amsterdam. Find out more about the L1TF vulnerability, a CPU vulnerability on some Intel CPUs (Skylake and older).
goo.gle/3I69VDv
4
41
145
15,999
nSinus-R (@nsr@infosec.exchange) retweeted
19 Sep 2025
#SecureBoot is the clubs bouncer🕺🚫—but a double glitch is like sneaking past while he blinks
That’s the magic (and mischief) in the #RP2350. @nSinusR & @ghidraninja will show you how it happened at #hw_ioNL2025 and why fixing it makes chips stronger
👉hardwear.io/netherlands-2025…
3
10
1,017
nSinus-R (@nsr@infosec.exchange) retweeted
23 Jul 2025
📶 Ever wondered how your phone seamlessly switches between 2G, 3G, 4G and 5G?
Join Marius Muench & @ScepticCtf at #hw_ioNL2025 to peel back the layers of #basebandfirmware to show how your device talks to the world—from older 2G networks to modern 5G
👉hardwear.io/netherlands-2025…
3
9
1,206
12 Aug 2025
Our work on solving @Raspberry_Pi's RP2350 Hacking Challenge is now online! 5 different attacks and lots of lessons learned.
Joint work with Aedan Cullen, KĂ©vin Courdesses, @ghidraninja and @azonenberg!
Full paper: usenix.org/system/files/woot…
Source code: github.com/bhamsec/woot25-rp…
ALT Preview of paper: "Security Through Transparency: Tales from the RP2350 Hacking Challenge". The image shoes the upper half of the first page of hthe paper.
1
37
135
20,403
nSinus-R (@nsr@infosec.exchange) retweeted
14 May 2025
new baseband rehosting research just dropped!
BaseBridge dynamically identifies relevant regions from a memory dump which are then loaded into the FirmWire emulator to enrich global state.
this leads to way higher fidelity, more coverage during fuzzing, and finally more bugs.
1
22
101
8,489
nSinus-R (@nsr@infosec.exchange) retweeted
11 May 2025
📢 Excited to announce that the results on BaseBridge, our project on improving cellular baseband emulation, are going public this week. @dyonwg_ will present at @IEEESSP on Monday 3pm, while David and I will be on stage at @offensive_con on Saturday 11am with more details! 1/6
1
4
28
3,091
nSinus-R (@nsr@infosec.exchange) retweeted
25 Apr 2025
We are excited to announce that the 1st Workshop on Software Understanding and Reverse Engineering (SURE) will be co-located at ACM CCS 2025 in Taiwan! We invite the community to submit their awesome research sure-workshop.org/.
So, what is SURE? More in the 🧵
1
11
28
3,102
nSinus-R (@nsr@infosec.exchange) retweeted
1 Apr 2025
No joke, another video! @nsinusr and Tomasz share the ins and outs of modern SIM hacking! youtu.be/2ou_MxSmiVo
1
4
13
1,419
5 Mar 2025
Really enjoyed speaking at the inaugural edition of
@REverseConf!
You can find our slides on tricks with SIMs and interposers here: tinyurl.com/reverse25-simsal…
ALT Roadmap of the SIMsalabim re-verse.io talk. It shows the backplane of a disassembled Pixel 6 phone together with a iconized SIM and a picture of an interposer. Five locations are marked: (0) SIM interface, (1) Baseband, (2) Attack Surface, (3) Vulnerabilities, (4) Interposer
18
75
3,759
nSinus-R (@nsr@infosec.exchange) retweeted
23 Jan 2025
SIM cards: more than just storage. Join Marius Muench (@nsinusr) & Tomasz Lisowski as they reveal SIM vulnerabilities, baseband exploits, and turning SIM interposers into attack tools. Live demos & insights await! re-verse.sessionize.com/sess… #REverse2025 #BasebandHacking
6
30
2,193
14 Jan 2025
Results of the RP2350 Hacking Challenge are now public - I'm happy that my entry qualified as one of the winning breaks!
Also huge shout out to the other winners: @aedancullen, KĂ©vin Courdesses, @IOActive & @hextreeio - awesome work!
Thanks for the challenge @Raspberry_Pi!
14 Jan 2025
Security through transparency: all chips have vulnerabilities, and most vendors' strategy is not to talk about them. In contrast, we aim to find and fix them.
Read the results of our RP2350 Hacking Challenge: rpltd.co/rp2350-challenge-up…
3
4
38
2,340
13 Jan 2025
🚨Upcoming Training with @_ringzer0: Join @ScepticCtf and me to learn about reversing, fuzzing, and attacking low-level firmware.
Austin, March 18th-21st.
More information: ringzer0.training/bootstrap2…
1
3
10
3,860