Introduction to appliance reverse engineering

Do you need to analyze a product that was shipped with a locked down operating system ? This workshop will cover the basic of analyzing this type of product.

This workshop is a follow-up to Leveraging UART, SPI and JTAG for firmware extraction


Do you need to analyze a product that was shipped with a locked down operating system ? This workshop will cover the basic of analyzing this type of product.

The following topics will be covered :

  • Making a locked down operating system easier to debug.
  • Extracting files from a virtual machine and sending files to a virtual machine.
  • Tools to reverse engineer common format (.war, .jar and .pyc).
  • Identifying the endpoints of an appliance.
  • Identifying points of interest to find vulnerabilities.
Participants should bring:

The following tools are required for the workshop :

  • VirtualBox
  • A Linux VM (if your main OS isn't Linux based).
  • It's recommended to download the content of the workshop before the start of the workshop. Link will be provided a few days before the event.
Participants must know or have:

Entry-level workshop.


Olivier Arteau ,

Olivier Arteau is a security researcher that works for Desjardins. In his early day, he was a web developer and transitioned into the security field during his university. He gave in the last few years a good amount of workshop for the user group MontreHack and is also part of the organization of a few CTFs (Mini-CTF OWASP and NorthSec).