Continuing our journey with the Flipper Zero, this time exploring NFC relay attacks on credit cards!
👉 More info here! dev.to/gvi/flipper-ze…
English
Guillaume VINET
474 posts
Guillaume VINET
@Galiath3
Senior Expert in Embedded System Cybersecurity
Katılım Ağustos 2012
64 Takip Edilen161 Takipçiler
Built a transparent NFC reader with Flipper Zero. Now, what about a transparent card emulator to send rogue commands to NFC readers?
👉 Learn more: dev.to/gvi/flipper-ze… #FlipperZero #NFC #Hacking #Cybersecurity
English
"Unlock the full potential of your Flipper Zero! Turn it into a transparent reader and dive deep into hacking the low-level NFC card communication protocols. 🔥💳 #FlipperZero #NFCHacking
dev.to/gvi/hacking-nf…
English
An old white-box 2019 post of mine has resurfaced! It explores attacking ECDSA in white-box crypto using Side-Channel techniques. Fine-tuning tracing parameters can make your trace generation faster and smaller while retaining crucial leakage data. eshard.com/posts/optimize…
English
Want to add a custom board in Qemu? Damien Cauquil’s amazing SSTIC 2024 work adds the ATSAMD21G18A chip! Discover papers, videos, and code on GitHub now! #Qemu #SSTIC2024 github.com/quarkslab/ssti…
English
Think the highest security configuration guarantees top security? Not always! Discover why in my latest blog post on MCUBoot vs. simulated fault injection: MCUBoot Under (good) Pressure | Part 3: Less is more? #MCUBoot #FaultInjection #Simulation eshard.com/posts/mcuboot-…
English
#mcuboot < 1.11.0 high vulnerabilities. The TLV structure utilized in the firmware image might be susceptible to manipulation: an unprotected TLV entry could be inserted without detection. Patch in progress github.com/mcu-tools/mcub…
English
Interesting blog post detailing Renesas chip emulation using Unicorn @quarkslab blog.quarkslab.com/emulating-rh85…
English
Guillaume VINET retweetledi
Español
Guillaume VINET retweetledi
In December 2022 Quarkslab's team of @_cryptocorn_ @virtualabs @Mad5quirrel and @RobinDavid1 participated in the #pwn2own Toronto contest to exploit a Netgear RAX30 router.
In this new blog post they recount their journey against time and randomness
blog.quarkslab.com/our-pwn2own-jo…
English
Guillaume VINET retweetledi
HydraBus v1.0 Rev1.4 is now available on @digikey
Digi-Key Electronics (USA / Worldwide)
digikey.com/en/products/de…
For more details see hydrabus.com/buy-online
English
Guillaume VINET retweetledi
Presenting a short walkthrough on our journey running QEMU AFL++ on android we've done a few months ago
@hackerschoice alephsecurity.com/2021/11/16/fuz…
Itai Greenhut@Gr33nh4t
I just compiled #QEMU for AFL on @Android! Now I can do blackbox #fuzzing from anywhere😉 #Noxpwaste
English
Guillaume VINET retweetledi
Come see us at #EuroCyberWeek Tomorrow @RobinDavid1 will explain what it takes to automate checking software defects through combining static analysis, fuzzing and dynamic symbolic execution. "One framework to rule them all" (C&ESAR 2021). conf.researchr.org/details/cesar-…
European Cyber Week@EUCyberWeek
The opening of the #EuropeanCyberWeek with the C&ESAR conference this year will focus on the theme of automation in #cybersecurity Info: bit.ly/3jlJV7S Organized by @DGA et @Armees_Gouv
English
Guillaume VINET retweetledi
Recently researchers from universities in Singapore, China, and Switzerland have discovered a novel way to compromise the security of SGX. In our latest Security Highlight, we discuss how SmashEx may threaten SGX applications. Read more in our highlight: riscure.com/blog/security-…
English
Guillaume VINET retweetledi
@is_eqv and I just published the source code of our hypervisor-based snapshot fuzzer for complex network targets (+ vulns in firefox): github.com/RUB-SysSec/nyx…. Check it out!
GIF
English
Guillaume VINET retweetledi
I had the privilege of early access, but now @NPRougier's book is available online, AND open access! No more excuses for ugly plots! labri.fr/perso/nrougier…
Folgert Karsdorp@FolgertK
I love spending hours tinkering with visualizations, so I'm very excited about @NPRougier's book Scientific Visualization – Python & Matplotlib. Will it cure my procrastination? 🤷♂️ But it's really good, full of informative and aesthetical visualizations! github.com/rougier/scient…
English
Guillaume VINET retweetledi
@angealbertini Yes! Code and models are here github.com/eurecom-s3/loa…
the slides of the bh talk are here i.blackhat.com/EU-21/Wednesda…
if you're interested, we also have an academic paper about this work eurecom.fr/publication/66…
English
Guillaume VINET retweetledi
👏Our researchers @DamianoMelotti @max_r_b @doegox just finished their talk about reversing Google's Titan-M chip.
Partial chip pinout, Ghidra loader, an open source API client, a fuzzer, 1st ever code exec exploit, slides & white paper now available here
github.com/quarkslab/tita…
English
Guillaume VINET retweetledi
My crusade is finished. @ProjectJupyter now includes a simple command-line tool for running notebooks.
Meet `jupyter execute`
#using-a-command-line-interface" target="_blank" rel="nofollow noopener">jupyter.readthedocs.io/en/latest/runn…
English
Guillaume VINET retweetledi
Yesterday I was introduced to a new education-focused @risc_v simulator, qtrvsim. It lets you visualise what is happening in single stage and pipelined CPUs running RISC-V code. And there is also a webassembly port, so it runs in the browser! dev.jakubdupak.com/qtrvsim/
English