Author: Gabriel Gonzalez

  • Exploring USB Commands

    If you’ve ever had to explore the interfaces of a USB-enabled device, you know how opaque and undocumented many of them can be. While working on this problem, I put together a small tool I now routinely use to discover commands and better understand how these devices behave. Like most tools born out of real…

  • IDA Pro String Heuristics

    Lately I’ve been refining a set of heuristics to cut through the noise when dealing with extracted strings during reverse engineering. Anyone who’s spent enough time staring at an endless list of meaningless bytes knows how quickly your attention drifts. By filtering out the junk up front—using chi-square checks, pattern detection, and a couple of…

  • Filtering strings output

    Tired of scrolling through endless walls of garbage when running strings on a binary? Same here. When you’re doing quick triage before diving into reverse engineering, most of what strings spits out is just useless noise — random bytes that happen to form printable characters but don’t mean anything. To make my life easier, I…

  • Converting code in IDA with a simple script

    The code below is a very efficient and simple way of converting chunks of bytes to code. This becomes especially handy when analyzing large binaries, especially firmware. The script first asks for the start and end addresses (these are both auto-filled based on the selected address in the disassembly view and the last address of…

  • How Attackers Can Target Your VSAT from Any Ground-Level Angle

    For the last 20 years I have been working closely in the SATCOM industry, both helping develop prototypes and securing the most critical systems out there, so I am pretty interested in research topics in this area. The recent work by Bisping et al. presents several interesting attack vectors against commercial VSAT satellite modems. The presented…

  • Fault Injection III: Connecting the MAXIM4619

    In my previous post, I detailed some tests into fault injection techniques on the nRF52 family experimenting with crowbar circuits, and ultimately being surprised by the effects of an analog CMOS switch, the MAXIM4619. After observing its higher overvoltage and ringing effects compared to a traditional crowbar circuit, many of you reached out asking how…

  • Fault Injection II: Does glitch width really matter?

    When performing fault injection attacks we are used to seeing the glitch width sweep across a set of values, hoping this will help hit the right combination. This is true while blindly searching for a new vulnerability. But when it comes to repeatability, does it really matter? Building upon our previous post on fault…

  • Fault Injection I: Crowbar Circuit vs Analog CMOS Switch

    As part of my ongoing research into fault injection techniques, my current goal is to understand and successfully use fault injection in a target SoC with minimal modification to the board, which would reduce the entry barrier for performing an attack and minimize potential damage to the target board. I chose the well-known nRF52 family,…