IOT

Part 10 of Flare-On 6 CTF Writeup

This is the tenth part of the Flare-On 6 CTF WriteUp Series.10 - MugatuThe challenge readsHello,I’m working an incident response case for Derek Zoolander....

Flare-On 6 CTF WriteUp: Part 11

This is the eleventh part of the Flare-On 6 CTF WriteUp Series.11 - vv_maxThe challenge readsHey, at least its not subleq.Subleq is an esoteric...

Flare-On 6 CTF WriteUp: Part 12

This is the twelfth and final part of the Flare-On 6 CTF WriteUp Series.12 - helpThe challenge readsYou're my only hope FLARE-On player! One...

Analyzing bare metal firmware binaries using Ghidra

In this post we will be looking at analyzing a STM32 firmware binary in Ghidra. In particular the firmware is for the STM32F103C development...

To Start Up or Not to Start Up

This is Part 1 of a three-part blog post that will look to describe what a bootloader is and where it fits into the...

Deciding Whether to Boot or Not – Das U-Boot

In this post, we will be describing the bootloader that goes by the name of Das U-Boot. We will delve into the following...

Should You Boot or Not? Evaluating a Practical Attack Vector

In this post, we will be completing the loop on our three-part series by describing a specific attack vector that is available upon successful...

Improving IoT binary security with AFL++ fuzzing

American fuzzy lop is a security-oriented fuzzer that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test...

AFL++: A Fuzzing Approach for IoT Binaries

In the previous part, we looked at fuzzing simple IoT binaries with AFL++. These programs accepted input from a file and were straightforward to...

Latest articles