Software and Tools
The C-based Firmware Patching Framework for Broadcom/Cypress Wi-Fi Chips that enables Monitor Mode, Frame Injection and much more.
Bluetooth experimentation framework for Broadcom and Cypress chips.
Broadcom and Cypress firmware emulation for fuzzing and further full-stack debugging.
iOS Bluetooth in-process fuzzing.
Wireshark dissector for the iPhone Intel baseband protocol called Apple Remote Invocation (ARI).
A LoRaWAN Security Evaluation Framework for COTS Hardware.
Vulnerabilities in Linux Wi-Fi
We found five CVEs in the Linux Wi-Fi stack, with some of them dating back to kernel version 5.1 (2019). Our PoCs confirm that they lead to DoS, and might also lead to RCE in rare cases.
CVE-2022-41674, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722