Readable Thrift

April 25, 2018

Readable Thrift is a Java library for converting binary Thrift protocol messages to and from a human-friendly JSON text format. This makes reverse engineering and tampering with binary format Thrif...
Proxmark3 Amiibo simulator

June 15, 2018

A fuzzing-oriented Amiibo simulator made with Proxmark3. Presented at REcon Montreal and HOPE in 2018.
Reversing the Animal Crossing letter system

August 5, 2018

While reverse engineering Animal Crossing I was asked to look into how the letter system in the game worked. How do the villager NPCs in the game interpret your letters? This is the resulting Twitt...
More Animal Crossing debug mode reversing

November 2, 2018

More details on the Animal Crossing debug mode registers.

May 13, 2019

CVE-2019-1862 and CVE-2019-1904 are a pair of vulnerabilities I discovered in the Cisco IOS XE web management interface (WebUI) while working at Red Balloon Security.
Fuzzing Games with Dolphin Emulator

June 16, 2019

To assist in finding more software vulnerabilities in games like Animal Crossing, I modified the Dolphin emulator to add a fuzzing capability into the debugger.
Renesas RX Ghidra module

June 26, 2019

While reverse engineering a device that uses the Renesas RX62T processor I found that there weren’t any flow-based disassemblers available for the architecture (just the objdump utility that came w...

August 17, 2021

Simulate or interact with Nintendo Joy Bus devices using an iCEBreaker FPGA dev board. Code available at