Resources

Using a sample application, this blog post gives a walkthrough of the I2C communication between the STSAFE-A110 secure element and a host MCU. A tool is released to aid in understanding the I2C flow using a logic analyser.

This blog post provides a walk-through of ESP32 firmware extraction and analysis to understand the technical implementation of the Litter Robot 3.

This blog post covers exploring the Amazon VPC CNI plugin for Kubernetes, and how it can be abused to manipulate networking to expose access to other resources, including in other VPCs.

This blog post provides a summary of the Home Assistant architecture, attack surface, and our approach auditing pre-authentication components. This post summarises and links to a few published advisories, including a Critical pre-authentication vulnerability.

This blog post details a technique for breaking Apache Commons Lang's RandomStringUtils and Java's random.nextInt(bound) when the bound is odd. A tool is released which demonstrates the practicality of the attack.

This blog post is aimed to help people performing security code reviews on Golang code bases to identify dangerous code patterns.

This post is for vulnerability researchers looking at the ESP32 and would like a quick setup guide.

This blog post aims to highlight how EZ mode pairing implemented by Mirabella Genio and other Tuya Cloud IoT devices broadcast your WiFi credentials to the neighbourhood.

This blog post focuses on AES-GCM and the security impact of using the same IV (nonce) to encrypt data to the users of a web application.

This blog post details a root cause analysis for Project Zero Issue 2046 found by Sergey Glazunov.

This blog post explores how privileged Lua scripts can pop shells without dropping privileges.

A look into how scripting language interpreters can execute arbitrary commands when supplied with malicious environment variables.