Skip to content

Referring sites and talks

Michael Messner edited this page Dec 3, 2024 · 77 revisions

2024

  • Industrial Embedded Systems Hardware Penetration Testing Course - Udemy course

image


  • NanoKVM vulnerability report based on EMBA run - Github issue

image


  • One Day Pentest - Post

image


  • Basics of EMBA: A Firmware Analyze Tool for Cybersecurity - Medium article

image


  • Reverse Engineering the Eufy Ecosystem: A Deep Dive into Security Vulnerabilities and Proprietary Protocols - Paper
Intro page EMBA note
image image

  • SET-TOP BOX RE: 6-PART SERIES - Blogpost

image


  • 0xFFF: Understanding Unknown Binaries - Firmware Recon - Blogpost
Main article Intro with EMBA shoutout
image image

  • Firmware Guide for Pen Testers - Blogpost

image


  • Crowdstrike: The Aftermath - PSW #836
PSW in action EMBA in the PSW
image image

  • THIS WEEK IN SECURITY: SNOWFLAKE, THE CVD TENSION, AND KASPERSKY’S EXIT — AND BREAKING BSOD - Hackaday weekly news
News overview EMBA in the weekly news
image image

  • CyMed: A Framework for Testing Cybersecurity of Connected Medical Devices - Paper [EN]
Paper abstract EMBA in the paper
image image

  • ECLYPSIUM TOOLBOX: EXTENDING SUPPLY CHAIN SECURITY TO NEW IT/OT/IOT DEVICES - Blog
Introduction Eclypsium Toolbox
image image

Introduction Evaluation of SBOM matching
image image

  • Using Open Source and Built-In Tools for Supply Chain Validation - Eclypsium webinar
Analyzing Firmware with EMBA EMBA Tips and Tricks
image image

  • Internet of Things Security: Firmware Approach - Paper

  • Corpus Christi: Establishing Replicability when Sharing the Bread is Not Allowed - Paper

  • A Crash Course in Hardware Hacking Methodology: The Ones and Zeros - Article

  • Packet Protector PP009: Don't Forget the Firmware - Podcast
PP009 EMBA reference
image image

  • 20 essential open-source cybersecurity tools that save you time - Article
Introduction EMBA reference
image image

  • LINUX SUPPLY CHAIN VALIDATION CHEAT SHEET - Blog
Introduction EMBA reference
image image

  • Blackbox-Fuzzing of IoT Devices Using the Router TL-WR902AC as Example - Paper
Introduction EMBA in the paper
image image

Agenda EMBA on stage
image image

  • SNHACK Attack: How Hackers Could Turn Your Smart Pet Feeder into an All-You-Can-Eat Buffet - Post
Paper intro EMBA reference
image image

  • FITS: Inferring Intermediate Taint Sources for Effective Vulnerability Analysis of IoT Device Firmware - Paper
Paper intro EMBA reference
image image

  • FLATLINED: ANALYZING PULSE SECURE FIRMWARE AND BYPASSING INTEGRITY CHECKING - Blog
Paper intro EMBA results
image image

  • Automated firmware security static analysis tools - Blog

image


  • Multiple vulnerabilities in Lantronix EDS-MD IoT gateway for medical devices - Pentagrid advisory

image


  • Difficulties in Dynamic Analysis of Drone Firmware and Its Solutions - Paper

image

2023

  • EXPLORING EMBA: UNRAVELING FIRMWARE SECURITY WITH CONFIDENCE by Paul Asadoorian - Link

image


  • HELP NET SECURITY - EMBA: Open-source security analyzer for embedded devices - Link

image


  • Paul's Security Weekly - LogoFAIL, Default Passwords and Android Hacking – PSW #810

image


  • Unveiling Vulnerabilities: A Deep Dive into WiFi Camera Security - Link [EN]

image


image


  • 41 Open-source and Free Vulnerability Scanners For Pentesting and Web App Security - Link [EN]

Picture from live BruCON (thx to @twallutis) EMBA on the stream
image image

  • Software Bill of Materials (SBOM) in Practice - Link [EN]

  • Free IoT Security Seminar by KU Leuven - Web site [EN]
Training overview EMBA in Walkthrough documentation
image image

Training overview EMBA live in class
image image

  • Leveraging EMBA for Static Firmware Vulnerability Analysis in Physical Security Products - Blog post [EN]
Our Open-Source Initiative with EMBA Example report
image image

CVE-2023-22906: Introduction CVE-2023-22906: EMBA
image image

  • ISSA Talk by Nate Warfield - Building on Shaky Ground: Unveiling the Vulnerabilities of Firmware - Schedule/Slides [EN]
EMBA: Overview EMBA: Vulnerability Research

image


  • Small term paper on the topic of the Internet of Vulnerable Things by Tobias Müller - Hochschule Offenburg Paper/Github page [EN]

image


image


  • Shmoocon 2023 firetalk by Amit Serper - A 15-minute Crash Course to Building your Own IoT Hacking Lab at Home Schedule/Slides [EN]
Intro From a binary blob to a Linux filesystem

2022 and before

  • DEF CON 30 Talk by Jay Lagorio - Tear Down this Zywall: Breaking Open Zyxel Encrypted Firmware Schedule/Slides/Recording [EN]
DEF CON EMBA: The future

[Languages: DE = German / EN = English]