TL;DR: This is a deep-dive into a nice concept for a security token & password manager that turned into a horrible product due to lack of proper R&D and Threat Modeling. Prologue: After my first success in bypassing APPROTECT readout protection of the NRF52-based Slok smartlock with #PocketGlitcher (i.e. …

Recently I bought a X-RAY machine from China to have some ghetto-style desktop setup in order to inspect/reverse engineer some PCBs and hardware implants.

Yet another Multipurpose Breakout Board to hack hardware in a clean and easy way! Few months ago I have presented #FocacciaBoard: a similar multipurpose breakout board that uses the famous FT232H to handle multiple protocols commonly found in (I)IoT devices (i.e. UART, JTAG, SWD, SPI, I2C).

A Multipurpose Breakout Board to hack hardware in a clean and easy way! TL;DR: Go grab a copy of the Gerbers and 3D-printed Case STL files at https://github.com/whid-injector/Focaccia-Board and print through your favorite FAB. Prologue Even before the appearance of the word (I)IoT, I was breaking hardware devices, as many of…

In the previous post https://medium.com/@LucaBongiorni/usbsamurai-a-remotely-controlled-malicious-usb-hid-injecting-cable-for-less-than-10-ebf4b81e1d0b I have talked a bit about USBsamurai based on C-U0007. With this blog-post I wanna bring more light regarding: Which are the differences between C-U0007 & C-U0012 How to Build USBsamurai with a C-U0012 How to flash the C-U0012 with the LIGHTSPEED Firmware

TL;DR: The Video is self-explanatory. (Wanna know how to make it? Read the article below.) All started with this Tweet last April, when I wanted a damn cheap USB implant capable of injecting keystrokes. It had to be: Remotely Controllable Fast in Typing Tiny as f***k Cheaper than a…

Few months ago I was testing some TCP & Wiegand based Access Control Systems that also had RFID reading capability and a lovely Fingerprint reader embedded. Most of my time was spent on hardware security related tasks. However, since I love to mess-up with chemical compounds… I decided to test…

While driving to work I have seen the advertisement of a Fireworks Festival that’s going to happen in the city. And, as usual, my curiosity brought me to one question: “How they trigger the fireworks?” Back when I was a contractor I have worked for a company which the main…

As you may know, I am close to release WHID Elite. And as pedantic hardware developer I wanna be sure everything works, even the smallest details. Last week I was looking for new targets to test WHID Elite’s Radio Hacking capabilities and suddenly I found an interesting one: an Electrocuting…