In this post we discuss how to commuinicate with an unsupported chip using OpenOCD and review how to write flash programming algorithms in OpenOCD. We also demonstrate how to flash custom firmware to the target device.

In our last post, we reviewed how to use the pi-gen tool to generate an image for a Raspberry Pi that is pre-configured with many tools needed for basic hardware hacking. In this post, we will start using them on our first target.

With this post we provide an introduction to a three part series on hardware hacking and how to use a Raspberry Pi as a hardware hacking multitool. This post covers how to configure the Raspberry Pi and describes the first target that we will be using for the series

With this blog post, we'll introduce the PiFex, a basic companion board for the Raspberry Pi designed to teach users the basics of hardware hacking and embedded protocols. We will then demonstrate how to use the PiFex to access a JTAG tap on an undocumented SSD, allowing memory reads and GDB access to the SSD CPU.

As we reach the end of the year, I want to thank everyone for their continued support and business. 2023 was a great year for training and consulting. We worked with companies ranging from 4000 to 15 members, all of which brought unique perspectives to our course material and allowed us to expand on new topics and targets. A big thanks to all those who reached out for onsite training in 2023 and those who contracted with us!

One of the most common questions that I get during a training is:

“What do we need to build out an initial hardware hacking lab?”

Of course, the answer to this question can be heavily tailored based on the goals of the team and their targets, but I wanted to …

Description of the on-site course at Leahy Center

This post aims to provide a road map and example of how to replicate a fault injection attack and the hurdles and shortcomings that can occur when attempting to do so. Furthermore, by outlining the process of replicating one of these attacks, we hope that readers come away from this post more confident in generating their own fault injection attacks or replicating pre-existing work.

This blog entry aims to familiarize readers with locating an active UART on a target system, how to approach a UBoot console, and ultimately how to leverage both of these components to extract the flash memory from our target. After reading this, readers will be familiar with the screen utility the depthcharge python3 libraries.

This post reviews some of the tools needed when setting up a lab for reverse engineering embedded systems. There will be two sections, one for hardware tools and one for software tools. After reading this blog post, the reader should know what is needed to set up an introductory lab for reverse engineering embedded systems and firmware images.