The McAfee Advanced Threat Research team conducts security research with the aim of staying ahead of the evolving threat landscape to expose and reduce attack surfaces. This series of white papers discusses laboratory security research techniques that are generally known among the professional community of security researchers. The white papers are provided to elevate collaboration and security within the industry and are not to be used for unlawful purposes. Security researchers are responsible for lawfully obtaining equipment and for complying with contracts and licenses for their research.
Industrial Control System (ICS) Simulation
Ever wondered how SCADA or ICS systems actually work? This short paper focuses on a demo unit we built and the security risks that can accompany these often overlooked environments.
Glitching U-Boot by Shorting the NAND Flash
Rewatched “The Matrix” and wondering what glitching is? Here it is not déjà vu but a fault-injection technique for bypassing hardware checks to reach a root prompt. In this guide, we apply it to U-Boot.
Watchdog Bypass Techniques
Watchdog timers can be the bane of an exploit developer’s existence. We detail techniques to halt, kill, or bypass watchdog timers, even where redundant WDTs are present.
Android SSL Pinning Bypass: Android 7-10
Unpin developer-supplied certificates to decrypt app data over SSL (Android versions 7-10).
Data Science Tips & Tricks
This simple guide details some of the common tools, configuration steps, and issues data scientists are likely to encounter as they begin to build their first machine learning models and applications.
Cross-Compiling Legacy Systems
An in-depth “how-to” guide on cross-compiling legacy systems, for when you can’t seem to find the necessary tools to automate the process.
Android SSL Pinning Bypass: Android 4-6
Unpin developer-supplied certificates to decrypt app data over SSL (Android versions 4-6).
RF Selective Jamming
This whitepaper details an innovative just-in-time jamming technique developed by McAfee Advanced Threat Research and demonstrates a unique use case for an attack against a popular garage door.
XML Sanitization Bypass Tool
XML parsers reject most non-printable bytes (XML 1.0 permits only tab, line feed and carriage return among the control characters, and never NUL), so a payload that must survive XML parsing has to be built from printable characters. This tool identifies ASCII-printable memory addresses within a given library, which can be used to construct shellcode for XML-based exploits. This tool is meant for research purposes only!
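The core of the address search described above, as an added example that is not the McAfee ATR tool itself: it packs each candidate address in a library mapping and keeps only those whose bytes are all printable ASCII and not XML markup characters. The 32-bit mapping base, size, gadget offsets and the exclusion of the five XML markup characters are constructed assumptions for illustration, not values from any real library.

```python
"""Find addresses in a library mapping whose byte encoding is XML-safe printable ASCII.

Added example; not the original tool. The mapping and gadget offsets below are
constructed for illustration only.
"""
import struct
from typing import Dict, List

# Printable ASCII is 0x20..0x7e. The five XML markup characters would be
# escaped or rejected inside text content, so they are excluded as well
# (this exclusion set is an assumption of the example).
XML_MARKUP = frozenset(b"<>&\"'")


def _fmt(width: int, little_endian: bool) -> str:
    """struct format for a `width`-byte unsigned address."""
    return ("<" if little_endian else ">") + {4: "I", 8: "Q"}[width]


def is_xml_printable(value: int, width: int = 4, little_endian: bool = True) -> bool:
    """True if every byte of `value`, packed at `width` bytes, is printable ASCII
    and not an XML markup character. NUL and other control bytes fail, which is
    why a 64-bit user-space address (leading zero bytes) never qualifies."""
    try:
        raw = struct.pack(_fmt(width, little_endian), value)
    except struct.error:
        return False
    return all(0x20 <= b <= 0x7E and b not in XML_MARKUP for b in raw)


def printable_addresses(base: int, size: int, width: int = 4) -> List[int]:
    """Every address in [base, base + size) whose encoding is XML-printable."""
    return [a for a in range(base, base + size) if is_xml_printable(a, width)]


def printable_gadgets(base: int, offsets: Dict[str, int], width: int = 4) -> Dict[str, int]:
    """Resolve gadget offsets against `base`, keeping only XML-printable results."""
    return {name: base + off for name, off in offsets.items()
            if is_xml_printable(base + off, width)}


def as_xml_text(address: int, width: int = 4, little_endian: bool = True) -> str:
    """Render an XML-printable address as the literal text that lands in the payload."""
    if not is_xml_printable(address, width, little_endian):
        raise ValueError(f"{address:#x} is not XML-printable")
    return struct.pack(_fmt(width, little_endian), address).decode("ascii")


# Constructed example (not a real library): a 32-bit library whose text
# segment is mapped at 0x40404000 and is one 4 KiB page long.
LIB_BASE = 0x40404000
LIB_SIZE = 0x1000
# Constructed gadget offsets within that mapping.
GADGETS = {"pop_ret": 0x123, "ret": 0x7E0}

if __name__ == "__main__":
    hits = printable_addresses(LIB_BASE, LIB_SIZE)
    print(f"{len(hits)} of {LIB_SIZE} addresses are XML-printable")
    for name, addr in printable_gadgets(LIB_BASE, GADGETS).items():
        print(f"{name}: {addr:#010x} -> {as_xml_text(addr)!r}")
```

Because every byte of the address must pass the filter, the usable set depends on where the library is mapped: a base whose high bytes fall outside 0x20..0x7e yields nothing, and on 64-bit targets the zero high bytes of user-space addresses rule out the technique entirely unless only a partial overwrite is needed.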