Browsing All Posts filed under »reversing«

Why Writing Firmware Is Kinda Like Software Exploitation

March 22, 2014 by

8

We’ve been away too long. We’re slacking…well not really. (Lawler did an excellent post recently on Power Analysis attacks , but we’re still slowly catching up on the blog…) We’ve just been busy… we’ve been doing quite a bit of embedded reverse engineering and vulnerability research consultation recently (in addition to your normal infosec stuff). […]

Power Analysis with Riscure

February 11, 2014 by

0

Meeting Riscure Last year Ridley and I presented at Infiltrate 2013.  I’ve been going since the conference started and it’s pretty awesome actually.  While we were there we saw this amazing talk by this guy Jasper van Woudenberg “Hardware Sidechannel Attacks and Fault Injections.” Some other guys and I commented on how awesome it was, […]

A new Course: “Software Exploitation via Hardware Exploitation”

January 31, 2014 by

9

For the last couple of years we’ve been teaching Practical ARM Exploitation. It’s sold out at every public offering (CanSecWest 2012 and BlackHat 2012 & 2013) and we’ve been fortunate enough to give it privately to a number of really amazing organizations. In 2011 we did a talk entitled “Hardware Hacking For Software People” at […]

Infiltrate 2013: “Miami…Joeboy…Quick study”

May 25, 2013 by

0

“Case turned on the tensor beside the Hosaka. The crisp circle of light fell directly on the Flatline’s construct. He slotted some ice, connnected the construct, and jacked in. It was exactly the sensation of someone reading over his shoulder. He coughed. “Dix? McCoy? That you man?” His throat was tight. “Hey, bro,” said a directionless […]

ARM Exploitation: Switzerland

March 21, 2013 by

1

Late last year we got an email from Paul Such (the founder of SCRT Information Security) inviting us to present and lead a workshop at the Insomni’hack 2013 conference.  A workshop is like a 1-day, mini-training.  The conference is a two-track one day conference with workshops beforehand, and an all-night hacking contest and CTF afterwards. Maybe this […]

Teaming Up With Trail of Bits

August 8, 2012 by

0

Following our Blackhat 2012 training and talk we received a bunch of emails, tweets, and IMs  asking one thing: “When are you going to offer this to the public again? I couldn’t make it to the BlackHat course.” With the exception of CanSecWest and BlackHat we’ve mostly been giving this (and customized versions of similar […]

Beans on NPR

July 28, 2012 by

0

Following our talk at Blackhat 2012 entitled “Practical ARM Exploitation”, we were honored to be asked to participate in a BlackHat press conference. After getting briefed by the Media Coordinator and Vincenzo Iozzo  we summarized our talk and training in the simplest of terms to a room of reporters and journalists. After the press conference […]

SecuInside 2012 (Seoul Korea)

July 9, 2012 by

1

Uhm….so apparently CTFs have REALLY blown up! As a founding member of Kenshoto, I remember how we pushed the envelope for CTFs (building automatic scoring systems, *actual* challenges, etc.) I was also the VJ for our first two years running, lugging my 500 DVDs with me to play my favorite little esoteric cyberpunk clips from […]

A Lackluster ‘Hack Cluster': ARM Exploitation Lab Preview

March 1, 2012 by

2

As we have announced in other blogposts we’ve been researching mobile platforms quite a bit (specifically those that use the ARM microprocessor). We compiled all of our notes on ARM reverse engineering and ARM exploitation and built a course called “Practical ARM Exploitation” that we will be publicly debuting this coming week at CanSecWest.  The […]

Recon 2011 (a late retrospective)

November 28, 2011 by

0

In July 2011, Beans gave a talk at ReCon in Montreal, CA entitled “Hardware Hacking for Software People“. This year ReCon broke away from its more humble conference venue roots, took corporate sponsorship, and upgraded the venue to a MUCH nicer hotel. (After last year’s debacles, I think Hugo and Dave decided it was just […]

Follow

Get every new post delivered to your Inbox.