Hardening U-Boot for Production
How to harden U-Boot for production by locking the console, requiring verified boot, and protecting the environment before a product ships.
Hardening FreeRTOS Applications
How to harden a FreeRTOS application with the MPU port, stack overflow detection, and unprivileged tasks so one bug cannot take the system.
Hardening Embedded Linux Userland with BusyBox and Dropbear
How to harden an embedded Linux userland with BusyBox and Dropbear, dropping privilege and shrinking what a foothold can reach.
Fuzzing Embedded Network Protocols with boofuzz
How to fuzz embedded network protocols with boofuzz to find parser crashes and memory bugs before a malformed packet does in the field.
Firmware Extraction and Analysis with binwalk
How to extract and analyze firmware with binwalk, identify and carve the filesystem, and spot encryption with an entropy scan.
Finding and Defending JTAG and SWD Debug Ports
How to find JTAG and SWD debug ports on a board, what they expose, and why enabling readout protection before shipping is essential.
Finding Hardcoded Secrets in Firmware
How to hunt hardcoded secrets in firmware, from grep to verified secret scanners, and how to keep keys out of the image.
Exploit Mitigations for Embedded C
The embedded exploit mitigations that matter, from stack canaries to MPU isolation, and how to confirm they are active on shipping firmware.
Emulating Firmware with QEMU
How to emulate firmware with QEMU to test a device’s services at scale without the hardware, with snapshots and a debugger.
Dumping eMMC and NAND Flash
How to dump eMMC and NAND flash from embedded Linux devices, verify the image, and why data at rest must be encrypted.