5 August 2022

A journey into IoT – Unknown Chinese alarm – Part 3 – Radio communications

Disclaimer: as many other security researchers […]

26 July 2022

Zyxel authentication bypass patch analysis (CVE-2022-0342)

A few months ago, new firmware […]

7 July 2022

Automating binary vulnerability discovery with Ghidra and Semgrep

“Humans are more suited to recognize […]

20 May 2022

A journey into IoT – Unknown Chinese alarm – Part 2 – Firmware dump and analysis

Disclaimer: as many other security researchers […]

3 May 2022

Zyxel firmware extraction and password analysis

Backstory During a red teaming exercise […]

11 April 2022

Semgrep ruleset for C/C++ vulnerability research

“The attack surface is the vulnerability. […]

22 March 2022

A journey into IoT – Unknown Chinese alarm – Part 1 – Discover components and ports

Disclaimer: as many other security researchers […]

3 March 2022

A journey into IoT – Chip identification, BUSSide, and I2C

Hi! Years ago ( 🙁 ) […]

25 October 2021

GitLab CE CVE-2021-22205 in the wild

A few months ago one of […]

5 October 2021

I’ve been published on Phrack!

It finally happened… After more than […]

25 August 2021

ghidra2frida – The new bridge between Ghidra and Frida

Hi! Today I’m publishing a new […]

23 July 2021

OpenSSH ssh-agent Shielded Private Key Extraction (x86_64 Linux)

This is just a quick blog […]