Exploitee.rs - User contributions [en]

Useful Reverse Engineering Tools

2025-03-26T07:31:57Z

Xenador77: /* JTAGulator */ removed additional separator

__FORCETOC__
{{Disclaimer}}

= Dissassembly & Decompilation Software =

== IDA PRO ==
IDA Pro is a sophisticated commercial software application used for reverse engineering binary executables and analyzing software. Developed by Hex-Rays, IDA Pro is widely recognized as one of the most advanced and powerful tools in the field of reverse engineering.

Key features of IDA Pro include:

# '''Disassembly and Decompilation:''' IDA Pro provides comprehensive disassembly capabilities, allowing users to view and analyze assembly code instructions. Additionally, it offers a decompiler that generates higher-level pseudocode representations of the code, aiding in understanding complex binaries.
# '''Graphical User Interface (GUI):''' IDA Pro features a rich graphical interface that enables users to navigate, visualize, and interact with disassembled code, control flow graphs, data structures, and more.
# '''Advanced Analysis Tools:''' The tool includes a range of analysis features such as function recognition, code cross-references, call graphs, and data flow analysis.
# '''Extensibility and Scripting:''' IDA Pro supports scripting in various languages, allowing users to automate tasks, customize functionality, and create plugins to extend its capabilities.
# '''Binary Analysis and Security Research:''' IDA Pro is used extensively in the field of security research, helping analysts identify vulnerabilities, study malware, and analyze the security of software systems.
# '''Collaboration:''' IDA Pro's database format enables collaboration between analysts, allowing them to share their analysis and research on a specific binary.
# '''Multiple Platforms and Architectures:''' IDA Pro supports a wide range of platforms and architectures, making it suitable for analyzing binaries across different environments.
# '''Cost:''' IDA Pro is a commercial product and is available in several editions with varying feature sets. The cost of IDA Pro can range from several hundred to several thousand dollars per "seat" or user license. As of my last update in September 2021, the price for IDA Pro with all the decompilers (including Hex-Rays Decompiler) is roughly estimated to be around $2500 per seat.

== Ghidra ==
Ghidra is a powerful open-source JAVA based software reverse engineering framework that was released by the United States National Security Agency (NSA) in March 2019.

Key features of Ghidra include:

# '''Disassembly and Decompilation:''' Ghidra can disassemble executable code into human-readable assembly language instructions and can also generate decompiled C code from binary executables. This helps analysts understand how the software functions at a higher level.
# '''Graphical User Interface (GUI):''' Ghidra features a user-friendly GUI that assists users in navigating and visualizing the disassembled code, control flow graphs, data structures, and more.
# '''Collaboration and Scripting:''' Ghidra allows users to write custom scripts and plugins in languages like Python to automate analysis tasks and customize the tool's functionality.
# '''Symbolic Analysis:''' Ghidra supports symbolic analysis, which aids in understanding program behavior by tracking values and relationships symbolically.
# '''Binary Analysis and Vulnerability Research:''' Security researchers can use Ghidra to identify vulnerabilities, analyze malware, and discover potential security weaknesses in software.
# '''Cross-Platform Compatibility:''' Ghidra is cross-platform, supporting Windows, macOS, and Linux, making it accessible to a wide range of users.
# '''Open Source and Community-Driven:''' One of Ghidra's standout features is that it is open-source software. This means that anyone can access, use, and contribute to its development. The open nature of the project encourages collaboration and innovation within the reverse engineering community.
# '''Cost:''' Ghidra is freely available for download and use, making it an accessible tool for individuals and organizations alike. The fact that it is open source contributes to its widespread adoption and popularity in the cybersecurity and reverse engineering fields.

== Binary Ninja ==
Binary Ninja is a modern and user-friendly binary analysis platform used for reverse engineering and analyzing compiled code. Developed by Vector 35, Binary Ninja is often the preferred tool for CTF players and reverse engineers looking for a developer friendly python based API.

Key features of Binary Ninja include:

# '''Interactive Graphical Interface:''' Binary Ninja offers an interactive and visually appealing interface that simplifies the process of navigating and analyzing disassembled code. The platform uses a modern design to provide a clear representation of control flow graphs, functions, and data structures.
# '''Multi-Architecture and Multi-Platform Support:''' Binary Ninja supports various processor architectures and platforms, allowing users to analyze binaries from different environments and systems.
# '''Disassembly and Decompilation:''' The platform provides disassembly capabilities to view assembly code, and it also offers a decompiler to generate high-level pseudocode representations of the binary.
# '''Advanced Analysis Tools:''' Binary Ninja includes features such as function recognition, data cross-references, call graphs, data flow analysis, and more.
# '''Plugin Ecosystem:''' Binary Ninja supports a plugin architecture that allows users to extend its functionality through custom plugins written in Python.
# '''Collaboration and Sharing:''' The platform allows users to share analysis data and collaborate on projects by exporting and importing databases.
# '''Scripting and Automation:''' Users can write scripts in Python to automate repetitive tasks and customize analysis processes.
# '''Cost:''' Binary Ninja offers different editions with varying feature sets. As of my last update in September 2021, the cost of Binary Ninja's commercial licenses ranged from around $150 to $300 for the Personal edition, while the Business edition was priced at approximately $600. More advanced editions, such as the Enterprise edition, offer additional features and flexibility at a higher cost.

== Our Recommendation ==
The cost of IDA Pro can be unobtainable for researchers on a budget therefore we recommend either using Ghidra as your sole disassembly tool or a combination of Ghidra and Binary Ninja for a low cost solution that will allow for a more expansive ability to audit binaries for vulnerabilities.

= Reversing Hardware =

= Hardware Tools =

== Tigard ==

== Saleae Logic Analyzer ==

== JTAGulator ==
According to the official [https://github.com/grandideastudio/jtagulator GitHub] repository, the JTAGulator is: <div>
<q>An open source hardware hacking tool that assists in identifying on-chip debug (OCD) interfaces from test points, vias, component pads, or connectors of an electronic device.</q>

Not only can it identify JTAG, UART, SWD, and GPIO pins, it can also be used as a logic analyzer compatible with [https://sigrok.org/wiki/Main_Page Sigrok/PulseView]

Useful Reverse Engineering Tools

2025-03-26T07:30:47Z

Xenador77: /* Hardware Tools */ Added JTAGulator and links

__FORCETOC__
{{Disclaimer}}

= Dissassembly & Decompilation Software =

== IDA PRO ==
IDA Pro is a sophisticated commercial software application used for reverse engineering binary executables and analyzing software. Developed by Hex-Rays, IDA Pro is widely recognized as one of the most advanced and powerful tools in the field of reverse engineering.

Key features of IDA Pro include:

# '''Disassembly and Decompilation:''' IDA Pro provides comprehensive disassembly capabilities, allowing users to view and analyze assembly code instructions. Additionally, it offers a decompiler that generates higher-level pseudocode representations of the code, aiding in understanding complex binaries.
# '''Graphical User Interface (GUI):''' IDA Pro features a rich graphical interface that enables users to navigate, visualize, and interact with disassembled code, control flow graphs, data structures, and more.
# '''Advanced Analysis Tools:''' The tool includes a range of analysis features such as function recognition, code cross-references, call graphs, and data flow analysis.
# '''Extensibility and Scripting:''' IDA Pro supports scripting in various languages, allowing users to automate tasks, customize functionality, and create plugins to extend its capabilities.
# '''Binary Analysis and Security Research:''' IDA Pro is used extensively in the field of security research, helping analysts identify vulnerabilities, study malware, and analyze the security of software systems.
# '''Collaboration:''' IDA Pro's database format enables collaboration between analysts, allowing them to share their analysis and research on a specific binary.
# '''Multiple Platforms and Architectures:''' IDA Pro supports a wide range of platforms and architectures, making it suitable for analyzing binaries across different environments.
# '''Cost:''' IDA Pro is a commercial product and is available in several editions with varying feature sets. The cost of IDA Pro can range from several hundred to several thousand dollars per "seat" or user license. As of my last update in September 2021, the price for IDA Pro with all the decompilers (including Hex-Rays Decompiler) is roughly estimated to be around $2500 per seat.

== Ghidra ==
Ghidra is a powerful open-source JAVA based software reverse engineering framework that was released by the United States National Security Agency (NSA) in March 2019.

Key features of Ghidra include:

# '''Disassembly and Decompilation:''' Ghidra can disassemble executable code into human-readable assembly language instructions and can also generate decompiled C code from binary executables. This helps analysts understand how the software functions at a higher level.
# '''Graphical User Interface (GUI):''' Ghidra features a user-friendly GUI that assists users in navigating and visualizing the disassembled code, control flow graphs, data structures, and more.
# '''Collaboration and Scripting:''' Ghidra allows users to write custom scripts and plugins in languages like Python to automate analysis tasks and customize the tool's functionality.
# '''Symbolic Analysis:''' Ghidra supports symbolic analysis, which aids in understanding program behavior by tracking values and relationships symbolically.
# '''Binary Analysis and Vulnerability Research:''' Security researchers can use Ghidra to identify vulnerabilities, analyze malware, and discover potential security weaknesses in software.
# '''Cross-Platform Compatibility:''' Ghidra is cross-platform, supporting Windows, macOS, and Linux, making it accessible to a wide range of users.
# '''Open Source and Community-Driven:''' One of Ghidra's standout features is that it is open-source software. This means that anyone can access, use, and contribute to its development. The open nature of the project encourages collaboration and innovation within the reverse engineering community.
# '''Cost:''' Ghidra is freely available for download and use, making it an accessible tool for individuals and organizations alike. The fact that it is open source contributes to its widespread adoption and popularity in the cybersecurity and reverse engineering fields.

== Binary Ninja ==
Binary Ninja is a modern and user-friendly binary analysis platform used for reverse engineering and analyzing compiled code. Developed by Vector 35, Binary Ninja is often the preferred tool for CTF players and reverse engineers looking for a developer friendly python based API.

Key features of Binary Ninja include:

# '''Interactive Graphical Interface:''' Binary Ninja offers an interactive and visually appealing interface that simplifies the process of navigating and analyzing disassembled code. The platform uses a modern design to provide a clear representation of control flow graphs, functions, and data structures.
# '''Multi-Architecture and Multi-Platform Support:''' Binary Ninja supports various processor architectures and platforms, allowing users to analyze binaries from different environments and systems.
# '''Disassembly and Decompilation:''' The platform provides disassembly capabilities to view assembly code, and it also offers a decompiler to generate high-level pseudocode representations of the binary.
# '''Advanced Analysis Tools:''' Binary Ninja includes features such as function recognition, data cross-references, call graphs, data flow analysis, and more.
# '''Plugin Ecosystem:''' Binary Ninja supports a plugin architecture that allows users to extend its functionality through custom plugins written in Python.
# '''Collaboration and Sharing:''' The platform allows users to share analysis data and collaborate on projects by exporting and importing databases.
# '''Scripting and Automation:''' Users can write scripts in Python to automate repetitive tasks and customize analysis processes.
# '''Cost:''' Binary Ninja offers different editions with varying feature sets. As of my last update in September 2021, the cost of Binary Ninja's commercial licenses ranged from around $150 to $300 for the Personal edition, while the Business edition was priced at approximately $600. More advanced editions, such as the Enterprise edition, offer additional features and flexibility at a higher cost.

== Our Recommendation ==
The cost of IDA Pro can be unobtainable for researchers on a budget therefore we recommend either using Ghidra as your sole disassembly tool or a combination of Ghidra and Binary Ninja for a low cost solution that will allow for a more expansive ability to audit binaries for vulnerabilities.

= Reversing Hardware =

= Hardware Tools =

== Tigard ==

== Saleae Logic Analyzer ==

== JTAGulator ==
----
According to the official [https://github.com/grandideastudio/jtagulator GitHub] repository, the JTAGulator is: <div>
<q>An open source hardware hacking tool that assists in identifying on-chip debug (OCD) interfaces from test points, vias, component pads, or connectors of an electronic device.</q>

Not only can it identify JTAG, UART, SWD, and GPIO pins, it can also be used as a logic analyzer compatible with [https://sigrok.org/wiki/Main_Page Sigrok/PulseView]

Useful Hardware Hacking Tools

2025-03-26T00:36:26Z

Xenador77: Added Lighting section

= About =

This page will specify some useful hardware hacking tools and advice.

= Soldering Hardware =

== Soldering Iron ==

* '''What''' (does it do): Your soldering iron heats up the solder to melt it.
* '''Why''' (get a good one): A number of reasons!
** Any iron worth its salt will have an adjustable temperature. If you're soldering at a temperature that's too hot, you could end up taking the copper pads off the board, leaving you with nothing to solder to. A temperature that's too low will result in defective, hard-to-make solder joints.
** You should also get an iron with a silicone cable. PVC cables (what you usually see on power cables) are very difficult to maneuver effectively, and if you accidentally touch your iron to them, they'll melt! Silicone cables flex much more easily and can withstand higher temperatures.

Cheap option: PINECIL ($25) https://pine64.com/product/pinecil-smart-mini-portable-soldering-iron/. Make sure to get a silicone USB-C cable! There's one available on their store.

Pricier option:
Quicko/Quecoo ($50) T12-956/952. 952 is cheaper, and I'm not totally sure of the difference. I'd go for the option here with the metal handle.
https://www.aliexpress.com/item/32803295956.html

== Solder ==

* '''What''': Solder is a conductive alloy with a low melting point, usually some combination of tin and lead. When in liquid form (i.e., when you touch your iron to it), it binds to copper surfaces. When you remove your iron, it quickly hardens and creates a solid electrical connection between whatever it's bound to.
* '''Why''': Bad solder may lie on its packaging about what it's made of or contain impurities. Good quality solder will flow better and contain flux (see below) that will assist you when soldering.

I'd recommend Kester solder, but it's not available in small quantities. If you're just starting to read this page, you neither want nor need to buy a pound of solder. I'm going to defer to the expertise of my fellow Exploitee.rs Discord member "Myself" and recommend Chipquik solder in its place: https://www.chipquik.com/store/index.php?cPath=600_610

Purchase 63/37 solder at a diameter of 0.031". Go with whichever quantity you can afford. 63/37 (63% tin, 37% lead) is a "eutectic" alloy, meaning that it goes from liquid to solid at a single temperature. The alternative, 60/40, undergoes a gradual transition where some of the metal is crystalline and some is molten. During this process, the joint has to be held perfectly still during the transition or you end up with a gray "cold" joint where the structure is disrupted, it's mechanically weak, and it may even silently unstick from things. Using a eutectic sidesteps all that and gives perfect joints a lot more easily. 0.031" is good for most work you'll be doing: it'll be pretty clear when you'll need larger or smaller solder.

(Thanks again to Myself for the above explanation.)

== Flux ==

* '''What''': Flux helps heat and solder flow.
* '''Why''': When you use flux, your joints will be stronger, look better, and be easier to make. It's optional in the same way that boots are optional when walking through 2 feet of snow.
* '''When''' (to use it): Always. There is no such thing as too much flux. (As you solder more, you'll eventually settle on the "right" amount to use that balances clean-up with ease of use.)

AMTECH flux (my personal favorite) is considered by many to be the best general-purpose flux for electronics.
Breathing it doesn't make you feel like it will kill you, and it's relatively easy to clean up. (Not that you need to: it's no-clean! You can leave it on the board with no consequences!)

Buy it from the wonderful Louis Rossmann: https://store.rossmanngroup.com/amtech-nc-559-v2-30-cc-16160.html
Check the "plunger-needle" option, but ALSO grab a set of dispensing tips from ChipQuik: https://www.chipquik.com/store/product_info.php?products_id=906002.
These can be extremely useful if you need to add more or less flux when soldering. The plastic tips also require much less force to dispense.

<blockquote>
'''Caution''': Not all flux is suitable for soldering electronics; Acid flux types contain hydrochloric acid, zinc chloride or ammonium chloride, which are corrosive.
</blockquote>

== Fume Extractors ==

* '''What''': Removes harmful solder fumes in the air.
* '''Why''': Dying ten years early from inhalation of toxic fumes means ten years less of soldering.
* '''When''': Whenever you're soldering in a poorly ventilated area.

I'm admittedly terrible about this, more so than I should be. If you can crack a window open and turn on a fan, do that. Fresh air is better than any fume extractor, and it's good for you anyway!

If you can't open a window, you can at least pretend you care by buying a cheap fume extractor, which is basically just a computer fan with a carbon filter on top of it.

I personally use the Aoyue AO486: https://www.sra-solder.com/aoyue-486-fume-extractor-and-smoke-absorber-fan

== Stand ==

* '''What''': Holds your iron and your iron cleaner.
* '''Why''': Cheaping out on a stand poses a major safety issue (not a remote, far-off, "better safe than sorry" one!) and a usability issue.

Wow, does it seem easy to cheap out on this. Don't! Cheap stands will have open iron holders that are really easy to accidentally stick a finger or hand in. You '''will''' burn yourself if you use those. And don't settle for a stand that includes a sponge as a cleaner. Sponges do not work well for iron cleaning. Even if they do for some, they're much more of a pain to use.

Go for an iron holder with a good, solid, shrouded holder and a brass wire cleaner. My personal recommendation is the Hakko 633-01 holder. https://hakkousa.com/633-01-iron-holder-with-599b-tip-cleaner.html

As Myself put it (smart guy!): "it's twice the price of the cheapies and ten times as nice. Making it nice and heavy is important so the cord doesn't pull it off the table."

== Wick ==
* '''What''': "Wicks" up excess solder.
* '''When''': When there's just too much solder on the board, and you can't redistribute it without making a mess or creating solder bridges.
* '''Why''': Bad wick will fall apart easily and have too few copper strands (meaning you'll need to use more wick for the same amount of solder)

Solder wick is like high school. It can be useful, but no one I know has a good experience with it. I get my wick from NorthridgeFix. (https://northridgefix.com/product/premium-desolder-braid-wick-10ft-length/) Their stuff can be overpriced, but the wick is good, and their videos are a fantastic free resource, so it's worth supporting them.

== Lighting ==
* '''What''' : Exactly what it sounds like, a source of light so you can see what you're doing.
* '''Why''' : SMDs (surface-mounted devices) are small, and being able to see them makes soldering them significantly easier.

Task lamps that can be repositioned as needed are ideal and can often be obtained inexpensively at garage sales or thrift stores.

Useful Hardware Hacking Tools

2025-03-26T00:17:06Z

Xenador77: /* Flux */ information concerning acid type flux

= About =

This page will specify some useful hardware hacking tools and advice.

= Soldering Hardware =

== Soldering Iron ==

* '''What''' (does it do): Your soldering iron heats up the solder to melt it.
* '''Why''' (get a good one): A number of reasons!.
** Any iron worth its salt will have adjustable temperature. If you're soldering at a temperature that's too hot, you could end up taking the copper pads off the board, leaving you with nothing to solder to. A temperature that's too low will result in defective, hard to make solder joints.
** You should also get an iron with a silicone cable. PVC cables (what you usually see on power cables) are very difficult to effectively maneuver, and if you accidentally touch your iron to them, they'll melt! Silicone cables flex much more easily and can withstand higher temperatures.

Cheap option: PINECIL ($25) https://pine64.com/product/pinecil-smart-mini-portable-soldering-iron/. Make sure to get a silicone USB-C cable! There's one available on their store.

Pricier option:
Quicko/Quecoo ($50) T12-956/952. 952 is cheaper and I'm not totally sure the difference. I'd go for the option here with the metal handle.
https://www.aliexpress.com/item/32803295956.html

== Solder ==

* '''What''': Solder is an conductive alloy with a low melting point, usually some combination of tin and lead. When in liquid form (i.e. when you touch your iron to it), it binds to copper surfaces. When you remove your iron, it quickly hardens and creates a solid electrical connection between whatever it's bound to.
* '''Why''': Bad solder may lie on its packaging about what it's made of, or contain impurities. Good quality solder will flow better and contain flux (see below) that will assist you when soldering.

I'd recommend Kester solder, but it's not available in small quantities. If you're just starting to read this page, you neither want nor need to buy a pound of solder. I'm going to defer to the expertise of my fellow Exploitee.rs Discord member "Myself" and recommend Chipquik solder in its place: https://www.chipquik.com/store/index.php?cPath=600_610

Purchase 63/37 solder at a diameter of 0.031". Go with whichever quantity you can afford. 63/37 (63% tin, 37% lead) is a "eutectic" alloy, meaning that it goes from liquid to solid at a single temperature. The alternative, 60/40, undergoes a gradual transition where some of the metal is crystalline and some is molten. During this process, the joint has to be held perfectly still during the transition or you end up with a gray "cold" joint where the structure is disrupted, it's mechanically weak, and it may even silently unstick from things. Using a eutectic sidesteps all that and gives perfect joints a lot more easily. 0.031" is good for most work you'll be doing: it'll be pretty clear when you'll need larger or smaller solder.

(Thanks again to Myself for the above explanation.)

== Flux ==

* '''What''': Flux helps heat and solder flow.
* '''Why''': When you use flux, your joints will be stronger, look better, and be easier to make. It's optional in the same way that boots are optional when walking through 2 feet of snow.
* '''When''' (to use it): Always. There is no such thing as too much flux. (As you solder more, you'll eventually settle on the "right" amount to use that balances clean-up with ease of use.)

AMTECH flux (my personal favorite) is considered by many to be the best general-purpose flux for electronics.
Breathing it doesn't make you feel like it will kill you, and it's relatively easy to clean up. (Not that you need to: it's no-clean! You can leave it on the board with no consequences!)

Buy it from the wonderful Louis Rossmann: https://store.rossmanngroup.com/amtech-nc-559-v2-30-cc-16160.html
Check the "plunger-needle" option, but ALSO grab a set of dispensing tips from ChipQuik: https://www.chipquik.com/store/product_info.php?products_id=906002.
These can be extremely useful if you need to add more or less flux when soldering. The plastic tips also require much less force to dispense.

<blockquote>
'''Caution''': Not all flux is suitable for soldering electronics; Acid flux types contain hydrochloric acid, zinc chloride or ammonium chloride, which are corrosive.
</blockquote>

== Fume Extractors ==

* '''What''': Removes harmful solder fumes in the air.
* '''Why''': Dying ten years early from inhalation of toxic fumes means ten years less of soldering.
* '''When''': Whenever you're soldering in a poorly ventilated area.

I'm admittedly terrible about this, moreso than I should be. If you can crack a window open and turn on a fan, do that. Fresh air is better than any fume extractor, and it's good for you anyway!

If you can't open a window, you can at least pretend you care by buying a cheap fume extractor, which is basically just a computer fan with a carbon filter on top of it.

I personally use the Aoyue AO486: https://www.sra-solder.com/aoyue-486-fume-extractor-and-smoke-absorber-fan

== Stand ==

* '''What''': Holds your iron and your iron cleaner.
* '''Why''': Cheaping out on a stand poses a major safety issue (not a remote, far-off, "better safe than sorry" one!) and a usability issue.

Wow, does it seem easy to cheap out on this. Don't! Cheap stands will have open iron holders that are really easy to accidentally stick a finger or hand in. You '''will''' burn yourself if you use those. And don't settle for a stand that includes a sponge as a cleaner. Sponges do not work well for iron cleaning. Even if they do for some, they're much more of a pain to use.

Go for an iron holder with a good, solid, shrouded holder and a brass wire cleaner. My personal recommendation is the Hakko 633-01 holder. https://hakkousa.com/633-01-iron-holder-with-599b-tip-cleaner.html

As Myself put it (smart guy!): "it's twice the price of the cheapies and ten times as nice. Making it nice and heavy is important so the cord doesn't pull it off the table."

== Wick ==
* '''What''': "Wicks" up excess solder.
* '''When''': When there's just too much solder on the board and you can't redistribute it without making a mess or creating solder bridges.
* '''Why''': Bad wick will fall apart easily and have too few copper strands (meaning you'll need to use more wick for the same amount of solder)

Solder wick is like high school. It can be useful, but no one I know has a good experience with it. I get my wick from NorthridgeFix. (https://northridgefix.com/product/premium-desolder-braid-wick-10ft-length/) Their stuff can be overpriced, but the wick is good and their videos are a fantastic free resource so it's worth sup[porting them.

User talk:Xenador77

2025-03-25T21:55:21Z

Xenador77: /* Xenador77's Talk Page */ remove unnecessary header

If I mess anything up, please let me know so I can avoid doing so in the future.

If I don't respond, I likely didn't see the message, feel free to contact me elsewhere.

X/Twitter: https://x.com/xenador77
<div/>
GitHub: https://github.com/xenador77

User talk:Xenador77

2025-03-25T21:54:42Z

Xenador77: Create talk page and add contact info

= Xenador77's Talk Page =

If I mess anything up, please let me know so I can avoid doing so in the future.

If I don't respond, I likely didn't see the message, feel free to contact me elsewhere.

X/Twitter: https://x.com/xenador77
<div/>
GitHub: https://github.com/xenador77

Attacking Embedded Devices

2025-03-25T21:39:07Z

Xenador77: Minor formatting/grammar adjustment

__FORCETOC__
{{Disclaimer}}

= Attacking Embedded Devices =
This page is intended to be a set of resources on attack types, methodologies, and general embedded device hacking principles. This should include information for beginners on intro topics like how to solder and recommended hardware.

== Beginner Topics ==
* [[Getting Started In Hardware Hacking]]

== Hardware Hacking ==

=== Methodology ===
* [[Understanding Secure Boot]]

=== Tools ===
* [[Useful Hardware Hacking Tools]]

=== Debug Protocols ===
* [[UART]]
* [[JTAG]]
* [[SWD]]

== Flash Storage ==
* [[eMMC]]
* [[NAND]]
* [[NOR]]
* [[SPI]]

== Firmware/Software Hacking ==

=== Acquiring Firmware Updates ===

====== The Easy Way ======
----
Firmware can often be found on the manufacturer's official website, along with patch notes, user manuals, and heavily abridged 'Data Sheets' that may occasionally include some interesting information about the device.

====== The Fun Way ======
----
Some devices attempt to prevent self-updating by limiting access to the firmware and pushing out updates to devices connected to the internet. Thankfully, programs like WireShark can be used to record the information sent from the manufacturer to the device.
* [[How To MiTM]]

=== Reverse Engineering ===

* [[Useful Reverse Engineering Tools]]

Attacking Embedded Devices

2025-03-25T21:36:04Z

Xenador77: /* Acquiring Firmware Updates */ Added brief summary of firmware acquisition methods

__FORCETOC__
{{Disclaimer}}

= Attacking Embedded Devices =
This page is intended to be a set of resources on attack types, methodologies and general embedded device hacking principals. This should include information for beginners on intro topics like how to solder as well as include recommended hardware.

== Beginner Topics ==
* [[Getting Started In Hardware Hacking]]

== Hardware Hacking ==

=== Methodology ===
* [[Understanding Secure Boot]]

=== Tools ===
* [[Useful Hardware Hacking Tools]]

=== Debug Protocols ===
* [[UART]]
* [[JTAG]]
* [[SWD]]

== Flash Storage ==
* [[eMMC]]
* [[NAND]]
* [[NOR]]
* [[SPI]]

== Firmware/Software Hacking ==

=== Acquiring Firmware Updates ===

====== The Easy Way ======
----
Firmware can often be found on the manufacturer's official website, along with patch notes, user manuals, and heavily abridged 'Data Sheets' that may occasionally include some interesting information about the device.

====== The Fun Way ======
----
Some devices attempt to prevent self-updating by limiting access to the firmware and pushing out updates to devices connected to the internet. Thankfully, programs like WireShark can be used to record the information sent from the manufacturer to the device.
* [[How To MiTM]]

=== Reverse Engineering ===

* [[Useful Reverse Engineering Tools]]