Readable Thrift

April 25, 2018

Readable Thrift is a Java library for converting binary Thrift protocol messages to and from a human-friendly JSON text format. This makes reverse engineering and tampering with binary format Thrif...
Proxmark3 Amiibo simulator

June 15, 2018

A fuzzing-oriented Amiibo simulator made with Proxmark3. Presented at REcon Montreal and HOPE in 2018.
Reversing the Animal Crossing letter system

August 5, 2018

While reverse engineering Animal Crossing I was asked to look into how the letter system in the game worked. How do the villager NPCs in the game interpret your letters? This is the resulting Twitt...

May 13, 2019

CVE-2019-1862 and CVE-2019-1904 are a pair of vulnerabilities I discovered in the Cisco IOS XE web management interface (WebUI) while working at Red Balloon Security.
Fuzzing Games with Dolphin Emulator

June 16, 2019

To assist in finding more software vulnerabilities in games like Animal Crossing, I modified the Dolphin emulator to add a fuzzing capability into the debugger.
Renesas RX Ghidra module

June 26, 2019

While reverse engineering a device that uses the Renesas RX62T processor I found that there weren’t any flow-based disassemblers available for the architecture (just the objdump utility that came w...