5 August 2022
A journey into IoT – Unknown Chinese alarm – Part 3 – Radio communications
Disclaimer: as many other security researchers […]
26 July 2022
Zyxel authentication bypass patch analysis (CVE-2022-0342)
A few months ago, new firmware […]
7 July 2022
Automating binary vulnerability discovery with Ghidra and Semgrep
“Humans are more suited to recognize […]
20 May 2022
A journey into IoT – Unknown Chinese alarm – Part 2 – Firmware dump and analysis
Disclaimer: as many other security researchers […]
3 May 2022
Zyxel firmware extraction and password analysis
Backstory During a red teaming exercise […]
11 April 2022
Semgrep ruleset for C/C++ vulnerability research
“The attack surface is the vulnerability. […]
22 March 2022
A journey into IoT – Unknown Chinese alarm – Part 1 – Discover components and ports
Disclaimer: as many other security researchers […]
3 March 2022
A journey into IoT – Chip identification, BUSSide, and I2C
Hi! Years ago ( 🙁 ) […]
25 October 2021
GitLab CE CVE-2021-22205 in the wild
A few months ago one of […]
5 October 2021
I’ve been published on Phrack!
It finally happened… After more than […]
25 August 2021
ghidra2frida – The new bridge between Ghidra and Frida
Hi! Today I’m publishing a new […]
23 July 2021
OpenSSH ssh-agent Shielded Private Key Extraction (x86_64 Linux)
This is just a quick blog […]