
To do list

Done:

  • Write posts about previous projects
  • Create a Linux rootkit
  • Create Windows malware (Horrible task, but I did it)
  • Create a U-Boot Secure Boot bypass lab

To do:

  • Be fluent in ARM64 assembly
  • Reverse engineer a real hardware device (probably a router or a smart TV)
  • Reverse more in general
  • Learn more about hardware security (side channels, fault injection, etc.)
  • Create a PCIe DMA attack lab (with an FPGA card, using PCILeech for example)

Future projects:

  • Host an open-source AI to help with reverse engineering and hardware security. The current idea is to make a plugin in Ghidra that can be used to automatically rename functions, variables, etc. based on the context and the code. It would be a great help for reverse engineers and security researchers. (Obviously, this has already been done, but I want to make my own version to hold my own data and to have a better understanding of how it works.)

  • Create a custom meta-layer containing all the tools an ethical hacker needs to do their job. The attacker would simply have to flash the output of the Yocto build on a custom board (probably a Raspberry Pi) and would have all the tools they need to do their job. The meta-layer would contain tools to attack networks, hardware, software, etc. It would be a great help for ethical hackers and security researchers. (This is a long-term project, but I think it would be really cool to have a custom meta-layer capable of developing modular embedded firmware, tailorable to an attacker’s specific requirements and tactical needs.)