Embedded Systems Security and Reverse Engineering
1. Introduction to Embedded Systems Security
2. Hardware Reverse Engineering and Analysis
3. Firmware Reverse Engineering
4. Vulnerability Discovery and Exploitation
5. Secure Design and Countermeasures
Vulnerability Discovery and Exploitation
Common Embedded System Vulnerabilities
Memory Corruption Vulnerabilities
Buffer Overflow Vulnerabilities
Stack-based Buffer Overflows
Heap-based Buffer Overflows
Global Buffer Overflows
Integer-related Vulnerabilities
Integer Overflow Conditions
Integer Underflow Conditions
Signedness Conversion Issues
Use-after-Free Vulnerabilities
Dangling Pointer Issues
Double-Free Conditions
Memory Reuse Attacks
Format String Vulnerabilities
Printf Family Vulnerabilities
Custom Format String Issues
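The integer and buffer overflow items in this block are closely related in practice: a length field that is checked with the wrong signedness, or that wraps when a header size is added, is what turns a bounded memcpy into a stack overflow. The following C block is an added example, not code from the course page; the frame format (a little-endian int32 length followed by payload, copied into a 64-byte buffer) and all input bytes are constructed for illustration. It shows the two vulnerable checks beside a parser that does the comparison before any arithmetic.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Constructed frame format for this example: a 4-byte little-endian
 * length field (declared int32 in the assumed protocol header, as is
 * common) followed by that many payload bytes. */
#define HDR_LEN     4u
#define PAYLOAD_MAX 64u

static int32_t rd_le32(const uint8_t *p) {
    return (int32_t)((uint32_t)p[0] | ((uint32_t)p[1] << 8) |
                     ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24));
}

/* Vulnerable check 1 (signedness): a negative wire length passes a signed
 * comparison against the buffer size. */
int vuln_len_ok(int32_t len) {
    return len <= (int32_t)PAYLOAD_MAX;   /* -1 <= 64 is true */
}

/* The size memcpy would actually receive: the negative int widens to a
 * huge size_t, so the copy runs off the end of the stack buffer. */
size_t vuln_copy_size(int32_t len) {
    return (size_t)len;                   /* -1 becomes SIZE_MAX */
}

/* Vulnerable check 2 (unsigned wrap): adding the header size before the
 * bound check lets a length near UINT32_MAX wrap to a small total. */
int vuln_total_ok(uint32_t len) {
    uint32_t total = len + HDR_LEN;       /* 0xFFFFFFFD + 4 wraps to 1 */
    return total <= PAYLOAD_MAX + HDR_LEN;
}

/* Hardened parser: reject negative lengths, compare before adding, and
 * never trust the wire length beyond the bytes actually received.
 * Returns the payload length on success, -1 on rejection. */
int parse_frame(const uint8_t *msg, size_t msg_len,
                uint8_t *out, size_t out_cap) {
    if (msg_len < HDR_LEN) return -1;
    int32_t len = rd_le32(msg);
    if (len < 0) return -1;                   /* signedness: reject, do not widen */
    uint32_t ulen = (uint32_t)len;
    if (ulen > out_cap) return -1;            /* bound check before any arithmetic */
    if (ulen > msg_len - HDR_LEN) return -1;  /* safe: msg_len >= HDR_LEN above */
    memcpy(out, msg + HDR_LEN, ulen);
    return (int)ulen;
}

int main(void) {
    /* Constructed inputs: a well-formed 3-byte frame and one with length -1. */
    uint8_t good[] = { 3, 0, 0, 0, 'a', 'b', 'c' };
    uint8_t evil[] = { 0xFF, 0xFF, 0xFF, 0xFF, 'a', 'b', 'c' };
    uint8_t buf[PAYLOAD_MAX];
    printf("good frame -> %d\n", parse_frame(good, sizeof good, buf, sizeof buf));
    printf("len -1 passes naive check: %d, memcpy size would be %zu\n",
           vuln_len_ok(rd_le32(evil)), vuln_copy_size(rd_le32(evil)));
    printf("evil frame -> %d\n", parse_frame(evil, sizeof evil, buf, sizeof buf));
    return 0;
}
```

When auditing firmware parsers, look for the order of operations in parse_frame: any check that follows an addition, or that compares a signed value against a size, is a candidate for the two failures above.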
Insecure Data Storage Issues
Unencrypted Sensitive Data
Plaintext Credential Storage
Unprotected Configuration Data
Exposed User Data
Weak Cryptographic Implementations
Deprecated Algorithm Usage
Weak Key Generation
Poor Random Number Generation
Insecure Key Management
Hardcoded Cryptographic Keys
Weak Key Storage
Key Derivation Issues
Insecure Communication Vulnerabilities
Unencrypted Communication Channels
Plaintext Protocol Usage
Missing Transport Encryption
Weak Encryption Implementation
Authentication and Authorization Flaws
Weak Authentication Mechanisms
Missing Authorization Checks
Session Management Issues
Protocol-specific Vulnerabilities
Replay Attack Vulnerabilities
Man-in-the-Middle Susceptibility
Protocol Downgrade Attacks
Hardware-level Security Flaws
Debug Interface Vulnerabilities
Unsecured JTAG Access
Exposed SWD Interfaces
Debug Port Information Leakage
Physical Attack Vulnerabilities
Fault Injection Susceptibility
Side-channel Information Leakage
Tamper Detection Bypass
Logic and Design Flaws
Authentication Bypass Vulnerabilities
Logic Error Exploitation
Race Condition Exploitation
State Machine Manipulation
Privilege Escalation Vulnerabilities
Vertical Privilege Escalation
Horizontal Privilege Escalation
Context Switching Vulnerabilities
Update Mechanism Vulnerabilities
Unsigned Update Acceptance
Rollback Attack Susceptibility
Update Integrity Bypass
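Rollback susceptibility is usually a missing comparison rather than a broken one: the bootloader validates the image and then installs it regardless of whether it is older than what is already running. The C block below is an added example, not code from the course page; the header layout, the magic value and the 16-byte images are constructed, and a CRC32 stands in for the signature check a real bootloader performs, purely so the block runs offline (a CRC provides integrity against accidents only, not authenticity). It shows an acceptance routine without an anti-rollback check beside one that enforces a strictly increasing version.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define FW_MAGIC 0x46575550u   /* "FWUP", a constructed magic for this example */

/* Constructed update header as a bootloader might read it from flash. */
typedef struct {
    uint32_t magic;
    uint32_t version;      /* expected to increase monotonically */
    uint32_t image_len;
    uint32_t image_crc;    /* placeholder for a signature over the image */
} fw_header_t;

/* Standard reflected CRC-32 (IEEE 802.3 polynomial). Integrity only. */
uint32_t crc32_ieee(const uint8_t *d, size_t n) {
    uint32_t c = 0xFFFFFFFFu;
    for (size_t i = 0; i < n; i++) {
        c ^= d[i];
        for (int k = 0; k < 8; k++)
            c = (c >> 1) ^ (0xEDB88320u & (0u - (c & 1u)));
    }
    return ~c;
}

/* Vulnerable: validates magic, size and image contents, but never looks at
 * the installed version, so any previously valid (later patched) image is
 * accepted again. */
int vuln_accept_update(const fw_header_t *h, const uint8_t *img,
                       size_t img_len, uint32_t installed_version) {
    (void)installed_version;              /* the missing check */
    if (h->magic != FW_MAGIC) return 0;
    if (h->image_len != img_len) return 0;
    return crc32_ieee(img, img_len) == h->image_crc;
}

/* Hardened: same validation plus a strict monotonic version requirement.
 * The installed version must come from storage the attacker cannot rewind
 * (OTP fuses, an authenticated NV counter or similar), otherwise the
 * comparison protects nothing. */
int safe_accept_update(const fw_header_t *h, const uint8_t *img,
                       size_t img_len, uint32_t installed_version) {
    if (!vuln_accept_update(h, img, img_len, installed_version)) return 0;
    return h->version > installed_version;
}

/* Builds a constructed 16-byte image for `candidate` with a valid header
 * and returns whether the chosen verifier accepts it when `installed` is
 * the bootloader's stored version. */
int rollback_demo(uint32_t candidate, uint32_t installed, int hardened) {
    uint8_t img[16];
    for (size_t i = 0; i < sizeof img; i++) img[i] = (uint8_t)(candidate * 7u + i);
    fw_header_t h = { FW_MAGIC, candidate, sizeof img, crc32_ieee(img, sizeof img) };
    return hardened ? safe_accept_update(&h, img, sizeof img, installed)
                    : vuln_accept_update(&h, img, sizeof img, installed);
}

/* Same image, but one byte flipped after the header was produced. */
int tamper_demo(uint32_t candidate, uint32_t installed) {
    uint8_t img[16];
    for (size_t i = 0; i < sizeof img; i++) img[i] = (uint8_t)(candidate * 7u + i);
    fw_header_t h = { FW_MAGIC, candidate, sizeof img, crc32_ieee(img, sizeof img) };
    img[3] ^= 0x01;
    return safe_accept_update(&h, img, sizeof img, installed);
}

int main(void) {
    printf("installed v7, candidate v5: vuln=%d safe=%d\n",
           rollback_demo(5, 7, 0), rollback_demo(5, 7, 1));
    printf("installed v7, candidate v8: safe=%d\n", rollback_demo(8, 7, 1));
    printf("tampered v8 image: safe=%d\n", tamper_demo(8, 7));
    return 0;
}
```

The version comparison is strict (greater than, not greater or equal) so that re-flashing the current image is also refused; whether that is desirable depends on the product's recovery story, but an equal-version path is where "same version, different contents" rollbacks tend to hide.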
Exploit Development for Embedded Systems
Architecture-specific Shellcode Development
ARM Shellcode Techniques
ARM Mode Shellcode
Thumb Mode Shellcode
Position-independent Code
MIPS Shellcode Development
MIPS32 Shellcode
MIPS64 Shellcode
Branch Delay Slot Considerations
RISC-V Shellcode Techniques
Base Instruction Set Usage
Compressed Instruction Considerations
Code Reuse Attack Techniques
Return-Oriented Programming
Gadget Discovery Methods
ROP Chain Construction
Stack Pivot Techniques
Jump-Oriented Programming
JOP Gadget Identification
Dispatcher Gadget Usage
JOP Chain Assembly
Call-Oriented Programming
Function Pointer Manipulation
COP Chain Construction
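Gadget discovery on ARM differs from x86 in that there is no single-byte return: a gadget ends in an instruction that loads pc, most often `pop {..., pc}`, and Thumb and ARM mode encode it differently and at different alignments. The C block below is an added example, not code from the course page; it scans a constructed byte blob for the two "pop into pc" terminators using their documented encodings (Thumb-1 `1011 110P reglist`, ARM `E8BD` with bit 15 set). It locates terminators only; a full gadget finder then disassembles backwards from each hit to enumerate the usable instruction sequences before it, which is outside this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

typedef enum { MODE_ARM, MODE_THUMB } isa_mode_t;

typedef struct {
    size_t     offset;    /* byte offset of the terminator in the blob */
    isa_mode_t mode;
    uint16_t   reglist;   /* registers popped together with pc */
} gadget_t;

/* Constructed Thumb code, little-endian halfwords:
 *   mov r0, r4 / pop {r4, pc} / nop / pop {r4} / pop {r4-r6, pc} / nop */
const uint8_t THUMB_BLOB[] = { 0x20, 0x46, 0x10, 0xBD, 0x00, 0xBF,
                               0x10, 0xBC, 0x70, 0xBD, 0x00, 0xBF };

/* Constructed ARM code, little-endian words:
 *   mov r0, r4 / pop {r4, pc} / ldmia sp!, {r4-r7} / bx lr */
const uint8_t ARM_BLOB[] = { 0x04, 0x00, 0xA0, 0xE1, 0x10, 0x80, 0xBD, 0xE8,
                             0xF0, 0x00, 0xBD, 0xE8, 0x1E, 0xFF, 0x2F, 0xE1 };

/* Thumb-1 POP: 1011 110P <reglist:8>, P=1 pops pc. In memory the low
 * byte (reglist) comes first, then 0xBD. Thumb instructions are
 * halfword aligned, so only even offsets are candidates. */
size_t find_thumb_pop_pc(const uint8_t *code, size_t n, gadget_t *out, size_t max) {
    size_t found = 0;
    for (size_t i = 0; i + 1 < n; i += 2) {
        if (code[i + 1] != 0xBD) continue;
        if (found < max) {
            out[found].offset = i;
            out[found].mode = MODE_THUMB;
            out[found].reglist = code[i];
        }
        found++;
    }
    return found;
}

/* ARM LDMIA sp!, {...} (the unconditional form, cond = 1110): E8BD <reglist:16>.
 * Only useful as a ROP terminator when bit 15 (pc) is in the list, which in
 * little-endian memory is byte 1 & 0x80. Word aligned. */
size_t find_arm_pop_pc(const uint8_t *code, size_t n, gadget_t *out, size_t max) {
    size_t found = 0;
    for (size_t i = 0; i + 3 < n; i += 4) {
        if (code[i + 3] != 0xE8 || code[i + 2] != 0xBD || !(code[i + 1] & 0x80)) continue;
        if (found < max) {
            out[found].offset = i;
            out[found].mode = MODE_ARM;
            out[found].reglist = (uint16_t)(code[i] | (code[i + 1] << 8));
        }
        found++;
    }
    return found;
}

/* Convenience accessor: the idx-th terminator of the given mode, or an
 * entry with offset (size_t)-1 when there is none. */
gadget_t nth_gadget(const uint8_t *code, size_t n, isa_mode_t mode, size_t idx) {
    gadget_t hits[64];
    size_t cnt = (mode == MODE_THUMB) ? find_thumb_pop_pc(code, n, hits, 64)
                                      : find_arm_pop_pc(code, n, hits, 64);
    if (idx >= cnt || idx >= 64) { gadget_t none = { (size_t)-1, mode, 0 }; return none; }
    return hits[idx];
}

static void print_gadget(const gadget_t *g) {
    printf("  %s @ +%zu: pop {", g->mode == MODE_THUMB ? "thumb" : "arm", g->offset);
    for (int r = 0; r < 16; r++)
        if (g->reglist & (1u << r)) printf(" r%d", r);
    printf("%s }\n", g->mode == MODE_THUMB ? " pc" : "");
}

int main(void) {
    gadget_t hits[16];
    size_t n = find_thumb_pop_pc(THUMB_BLOB, sizeof THUMB_BLOB, hits, 16);
    for (size_t i = 0; i < n; i++) print_gadget(&hits[i]);
    n = find_arm_pop_pc(ARM_BLOB, sizeof ARM_BLOB, hits, 16);
    for (size_t i = 0; i < n; i++) print_gadget(&hits[i]);
    return 0;
}
```

Two points the scan makes visible: the Thumb `pop {r4}` at offset 6 and the ARM `ldmia sp!, {r4-r7}` at offset 8 are skipped because neither loads pc, and the Thumb hit carries an 8-bit register list (r0-r7 plus the implicit pc) while the ARM hit carries the full 16-bit mask, which matters when laying out the stack for a chain.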
Security Mitigation Bypass Techniques
Address Space Layout Randomization Bypass
Information Leak Exploitation
Brute Force Techniques
Partial ASLR Bypass
Data Execution Prevention Bypass
ROP-based Bypass
JIT Spray Techniques
Memory Permission Manipulation
Stack Protection Bypass
Stack Canary Bypass
Stack Smashing Protection Evasion
Control Flow Integrity Bypass
CFI Policy Violation
Indirect Call Manipulation
Radio Frequency Security Analysis
Software Defined Radio Fundamentals
SDR Hardware Platforms
RTL-SDR Dongles
HackRF One
USRP Devices
BladeRF Platforms
SDR Software Tools
GNU Radio Framework
SDR# Software
GQRX Spectrum Analyzer
Universal Radio Hacker
Wireless Protocol Analysis
Bluetooth Security Analysis
Classic Bluetooth Analysis
Bluetooth Low Energy Analysis
Bluetooth Mesh Analysis
IEEE 802.15.4 Protocol Analysis
Zigbee Protocol Security
Thread Protocol Analysis
6LoWPAN Analysis
Proprietary RF Protocol Analysis
Signal Identification Techniques
Modulation Analysis
Protocol Reverse Engineering
RF Attack Techniques
Signal Capture and Analysis
Spectrum Analysis
Signal Recording
Demodulation Techniques
Replay Attack Implementation
Signal Replay Methods
Timing Considerations
Frequency Accuracy Requirements
Signal Injection and Jamming
Targeted Signal Injection
Jamming Techniques
Interference Analysis