JTAGulator alternative for RP2040 microcontroller based development boards including RPi Pico.
Connect the RP2040 microcontroller based development board running blueTag to your computer using a USB cable. Connect the development board's GPIO pins (GPIO0-GPIO15, so 16 channels in all) to your target's testpoints on the PCB. Connect the development board's "GND" pin to the target's "GND". Connect to your RP2040 using a terminal emulator. blueTag supports auto-baudrate detection, so you should not have to configure any additional settings. Press any key in the terminal emulator program to start using blueTag. The firmware methodically pokes at all of the connected lines to figure out what kind of interface it is (JTAG, I2C, SPI, etc.) and which line is hooked to which pin of that interface for you.
iaito is the official graphical interface for radare2, a libre reverse engineering framework. Based on radare2 and Qt-5/6. Iaito was the original name before being forked as Cutter. Use all your favourite r2 plugins and scripts (nothing is specific to iaito). Focus on simplicity, parity with commands, features, keybindings. Forensics, bindiffing, binary patching... not just a static disassembler.
r2 is a complete rewrite of radare. It provides a set of libraries, tools and plugins to ease reverse engineering tasks. Distributed mostly under LGPLv3, each plugin can have different licenses (see r2 -L, rasm2 -L, ...).
The radare project started as a simple command-line hexadecimal editor focused on forensics. Today, r2 is a featureful low-level command-line tool with support for scripting with the embedded JavaScript interpreter or via r2pipe.
r2 can edit files on local hard drives, view kernel memory, and debug programs locally or via remote gdb/windbg servers. r2's wide architecture support allows you to analyze, emulate, debug, modify, and disassemble any binary.
Ever wanted to be an old-school game programmer? Learn how classic game hardware worked. Write code and see it run instantly. An IDE and full emulator, running natively in a web browser. Supports a large number of platforms, from game consoles to microcomputers to arcade game mainboards. Supports C development for sure; I don't know about any other languages. Has a full devkit, too - a disassembler, memory explorer, logic probe, scanline I/O checker, even an asset editor.
Github: https://github.com/sehugg/8bitworkshop
Has real instructions for compiling and running it, not just Docker webshit.
This project is the result of reverse engineering the iconic Commodore 64 game Archon (c) 1983 by Free Fall Associates.
The reproduction code is intended to be a true replication of the source logic with the exception of original memory locations.
The code is fully relocatable and pays no heed to original memory locations. Original memory locations are provided as comments above each variable, constant or routine for reference.
Extensive comments have been provided to help understand the source code.
This repository is my own list of tools / useful stuff for pentest, defensive activities, programming, lockpicking and physical security (all resources are in English only).
OpenLGTV is a collective, non-commercial project for legal reverse engineering and research of LG (Smart and non-Smart) TV firmware, which is partially Open Source. The main goal of the project is to improve the functionality of the TVs by adding new features, fixing bugs and providing new software.
Github: https://github.com/OpenLGTV
SamyGO is a project for legal reverse engineering and research on Samsung Television firmwares, which are partially Open Sourced. We try to fix problems in the firmware. We don't want money from you. We make these modifications for ourselves, but you are allowed to join us.
(The recent set of Samsung TV Firmwares is based on Linux core (GPL), which our work will be building upon. Therefore all work done is in compliance with and subject to the GPL.)
SamyGO supports LED, LCD and Plasma TV models made by Samsung from 2009.
Repair info and schematics for mostly older MFM hard drives. The maintainer is getting their hands on as many ancient drives as possible and reverse engineering the circuitry, not only so people will (hopefully) be able to repair them, but possibly so that replacements can be manufactured.
A collection of tools I use to reverse engineer PAL (programmable array logic) devices. These tools are meant to satisfy my needs. I'm sharing them here in case someone finds them useful.
Stuff discovered while analyzing the malware hidden in xz-utils 5.6.0 and 5.6.1.
This repository contains RCEd code extracted from Stuxnet binaries via disassembler and decompilers.
Many of you might find it wrong that both I and Mr. Amr Thabet copyrighted our code, I mean it is "stolen" code extracted from malware binaries, right?
I understand that it might look silly, but both of us spent hundreds, if not thousands, of hours between ASM code trying to figure out what was behind those binaries, and we are providing the product of our hard work (i.e. readable C code) to you for free. It is not a simple job and it is not a short job. Both our licenses are extremely permissive; you can do whatever you want with the code provided in this repository. The only thing I'd like to ask you is that our job gets recognized and that when you use this code for analysis, blog posts, or university theses you show us your support by giving us credit for what we did.
That's all. Thanks to all of you!
I've reverse engineered the power board from a Thinkpad 700C. The P/N is 35G4785, and the FRU number is 48G3712. A very similar or identical board is also present in the Thinkpad 700. The schematic isn't perfect. Open a bug report if you find a mistake. Not all components were identified. A number of parts did not have designators on the silkscreen, so I assigned them new ones starting at 300.
The circuit board has four layers and an aluminum core, presumably for heat dissipation.
Do not fabricate this design. The PCB layout is for reference only. There are ground plane cuts in layer User.9 that need to get transferred to the ground plane. There are minor footprint differences as well. There are still unidentified components in the bill of materials.
Did you know that Ghidra automatically detects and renders image and audio files embedded in a binary, including animated GIFs?
Open surprise in Ghidra for a nice surprise.
Build with make. I used CC=arm-linux-androideabi-gcc for the heck of it.
This is a playground (and dump) of stuff I made, modified, researched, or found for the Flipper Zero.
There's a lot of everything in here, from customized apps, BadUSB scripts, hardware specs for modders, GPIO interface shenanigans and interface pinouts, hardware troubleshooting, sound and music stuff, and sub-GHz captures and dissections for just about everything. It's an impressive collection.
A reverse-engineering tool for docker environments. Takes all network connections from your docker containers and can export them as:
OS-independent, it uses different strategies to get container connections. Produces a detailed connections graph with ports. Fast: scans ~400 containers in around 5 seconds. Right now only established and listening connections are listed.
This project aims to reproduce the LMSI CM-153 card needed to operate a Philips CM-100 CD-ROM drive. This drive was originally released in 1985 and used an early version of the LMSI protocol to connect. Later versions of LMSI cards, such as the CM-260, are not compatible with earlier drives (I do not know exactly what the compatibilities are), so an early card is required. The CM-153 is a very uncommon part to find due to its limited use, high cost, and the fact that it would probably be tossed out with the computer when upgraded, being separated from its original drive.
Thanks to Roland, who has a working CM-100 and CM-153, we have some pretty high-quality reference images of what this card looks like. It uses all off-the-shelf 74-series logic chips and one 8251A UART controller. It should therefore be possible to recreate without needing any rare chips or ROM dumps.
The card has been fully reverse engineered and tested to be functional. It has been demonstrated to work using this driver with a CM-100 drive.
FISSURE is an open-source RF and reverse engineering framework designed for all skill levels with hooks for signal detection and classification, protocol discovery, attack execution, IQ manipulation, vulnerability analysis, automation, and AI/ML. The framework was built to promote the rapid integration of software modules, radios, protocols, signal data, scripts, flow graphs, reference material, and third-party tools. FISSURE is a workflow enabler that keeps software in one location and allows teams to effortlessly get up to speed while sharing the same proven baseline configuration for specific Linux distributions.
The framework and tools included with FISSURE are designed to detect the presence of RF energy, understand the characteristics of a signal, collect and analyze samples, develop transmit and/or injection techniques, and craft custom payloads or messages. FISSURE contains a growing library of protocol and signal information to assist in identification, packet crafting, and fuzzing. Online archive capabilities exist to download signal files and build playlists to simulate traffic and test systems.
A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM. Full featured hex editor. Byte patching. Patch management. Copy and paste byte sequences. String and hex pattern highlighting. Pattern matching DSL. Huge file support. Can disassemble 16 different architectures' code and counting.