Gerhard Klostermeier

Colleague of mine just released a cool tool to make #EMBA installations a breeze. It will setup a clean #Kali VM (qemu/VirtualBox) and installs everything. It even setups an easy CLI access to start analyzing right away. @securefirmware github.com/SySS-Research/…

There is a great YouTube video by @dcrainmakerblog about this issue now! Thanks for bringing attention to this very nice work by my colleague. youtube.com/watch?v=Iqd6sq…

Had a great time @WEareTROOPERS ! Even got a SAM from the legend himself! Thanks @herrmann1001. Now I can level up my Seos/iCLASS game! #TROOPERS25

As announced yesterday, the blog article by my colleagues Stefan Walter and Daniel Isern with further technical details concerning the Windows SMB security vulnerability CVE-2025-33073 is now published. blog.syss.com/posts/kerberos…

blog.syss.com/posts/bluetoot… Really good write up about hacking a BLE smart watch from a big brand. The cherry on top is the remote online account takeover by just being withing Bluetooth proximity.

Finally! A solid automotive Ethernet adapter that is build with Linux in mind. No weird drivers and tools required. crowdsupply.com/dissecto/hydra… Thanks @we155_n & @epozzobon

Happy to see our talk has been accepted at #troopers See you in Heidelberg! troopers.de/troopers25/tal…

This is how it looks if research is done with the #PicoGlitcher on two targets simultaneously :D

Great to see people putting in the effort to reproduce important security issues. Cool setup & great results!

Due to recent events, I will be more active on mastodon from now on. Happy to see you there: @mkesenheimer@mastodon.social

New Blog article about the new features of the #PicoGlitcher v2: mkesenheimer.github.io/blog/pico-glit…

Damn! This has become a really versatile glitching tool at a very fair price point. Great work!

My colleague Sebastian Auwärter found several security vulnerabilities in a PGST wireless alarm system. You can find his security advisories (SYSS-2024-070, SYSS-2024-071, SYSS-2024-072, SYSS-2024-073) and some proof-of-concept videos in the SySS blog: syss.de/pentest-blog/m…

If you like embedded device hacking, this talk has it all! Don't let the 18 minutes fool you. It is packed with everything from XXS over encrypted passwords and firmware files to even hardware security module (HSM) related research questions. You can feel the effort put into it.

RCE, backdoors, decryptable configs, guessable VPN secrets. If you are using mbNET industrial remote gateways you should update! - CVE-2024-45271 - CVE-2024-45272 - CVE-2024-45273 - CVE-2024-45274 - CVE-2024-45275 - CVE-2024-45276 syss.de/pentest-blog/k…

My colleague @BartimaeusvUruk made a fantastic voltage glitching device! Don't get me wrong, I enjoyed the #Faultier by @hextreeio, but the PicoGlitcher has a lot to offer! Check it out at: * mkesenheimer.github.io/blog/pico-glit… * github.com/MKesenheimer/f… * tindie.com/products/fault…

My #Faultier arrived today from @1bitsquared. I've just worked through the first free(!) glitching course at @hextreeio. This was fun! Thanks @ghidraninja & @LiveOverflow for providing a great tool, learning platform and a well rounded introduction into fault injection!

Finally came around to make a Mastodon account: infosec.exchange/@iiiikarus 🎉🥳

Are "MIFARE-compatible" contactless cards not playing fair? That's what you may wonder after @doegox spotted some odd behavior. Curiosity led to experiments to devise a new attack technique that uncovered some backdoors. The RFID hacking spirit lives on! blog.quarkslab.com/mifare-classic…

Great (hardware) hacking writeup! Impressive work!