Kinda useful notes collated together publicly
updated at Jan. 15, 2024, 10:53 a.m.
CSAW Embedded Security Challenge 2019
updated at Feb. 25, 2024, 4:17 a.m.
Discovering vulnerabilities in firmware through concolic analysis and function clustering.
updated at April 2, 2024, 5:40 p.m.
Tool for decrypting the firmware files for Samsung SSDs
updated at April 18, 2024, 8:33 p.m.
IoTGoat is a deliberately insecure firmware based on OpenWrt.
updated at April 19, 2024, 1:40 p.m.
Low-level NAND Flash dump and parsing utility
updated at April 21, 2024, 1:25 p.m.
a tool to analyze filesystem images for security
updated at April 24, 2024, 3:31 p.m.
Standalone Utility for FACT-like extraction
updated at April 29, 2024, 9:16 a.m.
IEEE 802.15.4/ZigBee Security Research Toolkit
updated at May 4, 2024, 8:24 a.m.
Script for searching the extracted firmware file system for goodies!
updated at May 9, 2024, 3:06 a.m.
HomePwn - Swiss Army Knife for Pentesting of IoT Devices
updated at May 9, 2024, 5:19 p.m.
Given an Arduino compatible microcontroller or Raspberry PI (experimental), JTAGenum scans pins[] for basic JTAG functionality and can be used to enumerate the Instruction Register for undocumented instructions. Props to JTAG scanner and Arduinull which came before JTAGenum and forwhich much of the code and logic is based on. Feel free to branch and modify religiously (readme, credits, whatever)
updated at May 9, 2024, 9:12 p.m.