
@tdec
tdec / gist:128751d818e9753364a72086b961390b
Last active June 23, 2023 20:41
Bluetooth vulnerabilities
Vulnerabilities published by Bluetooth SIG, Android, Apple, Intel and Qualcomm security bulletins, published at security conferences or as master's theses. If any are missing, thanks for pointing me to them!
Todo: macOS
| Year | Name | CVE |
|------|------|-----|
| 2020 | Blurtooth: Exploiting Cross-Transport Key Derivation | 2020-15802 |
| 2020 | Pairing Method Confusion | 2020-10134 |
| 2020 | BIAS: Bluetooth Impersonation Attacks | 2020-10135 |
| 2020 | BlueRepli | ? |
| 2020 | BLESA: Bluetooth Low Energy Spoofing Attacks | 2020-9770 |
@raplin
raplin / CortexM_searchable_list.txt
Created June 22, 2020 23:47
Searchable list of Cortex M cpus by IRQ/Peripheral base, helps figure out which CPU an unknown binary runs on - description at top
Cortex M CPU searchable IRQ/peripheral list
Goal: Use this when reverse engineering a binary for an unknown Cortex M CPU to help figure out exactly what you're looking at
Simple usage:
Load the binary into IDA/Ghidra
Find the vector table (usually the first 256-ish bytes right at the start of the file), and find some 'interesting' IRQ vectors that point to real code.
(The first 16 vectors are internal Cortex M entries (reset vector, NMI, etc.) and will not be useful for identification.)
In the IRQ handler code pointed to by the vector, you will very often soon encounter an obvious peripheral address being loaded into a register.
Search this file for "[XXXX:YYYYYYYY]" where XXXX = the last 4 hex digits of the IRQ vector's address in the table, and YYYYYYYY = the hex peripheral base address loaded in the handler.
@sneves
sneves / ct32.c
Last active December 28, 2021 19:43
/*
Constant-time integer comparisons
Written in 2014 by Samuel Neves <sneves@dei.uc.pt>
To the extent possible under law, the author(s) have dedicated all copyright
and related and neighboring rights to this software to the public domain
worldwide. This software is distributed without any warranty.
You should have received a copy of the CC0 Public Domain Dedication along with
@rouli
rouli / harwriter.py
Created April 28, 2013 10:44
A script to create a HAR file out of a mitmproxy's dump file
#!/usr/bin/env python
import binascii, sys, json
import version, tnetstring, flow
from datetime import datetime
def create_har(flows):
    return {
        "log": {