Pull up your bootloader

Hardware
SoC usually have the capability to customize the hardware behavior at system boot based on the value of input pin states called configuration word. However, the set of pull-up and pull-down resistors that control the configuration word can be hard to locate, especially on chips using BGA casings. In this study you will see that you don't always have to use expensive equipment to uncover these pins, sometimes all you need is a scope, a decent camera and knowing what you're looking for.

E-ink maiden: Bring your reader to the reverser

Hardware
Reverse-engineering
As a team of security researchers, we like poking at software and tinkering with common household objects for fun. So, one of our researchers bought an electronic paper reader tablet, and instead of reading ebooks on the train, started having fun with it!

Practical DMA attack on Windows 10

Hardware
Pentest
Among the various security assessments performed by Synacktiv, some involve attacking the security hardening of a laptop or workstation master image that will be massively deployed in an infrastructure. The purpose of this kind of security assessment is to give the client an overview of its level of maturity regarding security concerns and provide him with some recommendations in order to increase his level of security. This post describes how Synacktiv defeated a workstation security measures by using a hardware appro...