Research Blog

Blog Posts

By Zoltan Madarassy June 30, 2022

Golang code review notes

This blog post is aimed to help people performing security code reviews on Golang code bases to identify dangerous code patterns.

golang go codereview

By Daniel Hodson June 06, 2022

ESP-IDF setup guide

This post is for vulnerability researchers looking at the ESP32 and would like a quick setup guide.

iot embedded mcu esp32 esp-idf lsp ccls llvm qemu gdb xtensa debugging

By Mykel Pritchard December 09, 2020

Tuya IoT and EZ Mode Pairing

This blog post aims to highlight how EZ mode pairing implemented by Mirabella Genio and other Tuya Cloud IoT devices broadcast your WiFi credentials to the neighbourhood.

iot wifi esp8266 esp8285 tuya EZ Mode Tuya Link SmartConfig ESPTouch

By Sebastien Macke September 25, 2020

Attacks on GCM with Repeated Nonces

This blog post illustrates the security consequences of nonce-reuse in AES-GCM with a Proof of Concept exploit on a vulnerable demo application

crypto web