Request a Demo Contact Us
Bugcrowd Named a Leader in GigaOm’s Pen Test as a Service Report
Read Now

SPI Flash for Bug Bounty Hunters

 

SPI Flash for Bug Bounty Hunters


In this presentation, Nerdwell provides a hands-on demonstration of extracting SPI flash contents from hardware devices and how bug bounty hunters can use these techniques to find impactful bugs. The talk begins with a review of SPI flash basics and use cases from the bug bounty hunter’s perspective. Nerdwell then demonstrates SPI flash extraction using low-cost Android-based tools. Lastly, he provides a detailed discussion of the types of data often found in SPI flash and how this data can be of value to bug bounty hunters.

 

About the Author


Nerdwell is a systems and security engineer with a passion for bug bounty and vulnerability research. He currently works in critical infrastructure protection and has experience supporting technology in a variety of industries, ranging from manufacturing to healthcare. With over 20 years’ experiences, Nerdwell understands firsthand the challenges of building and supporting complex technology solutions securely. In addition to finding bugs and performing security research, Nerdwell enjoys networking and sharing knowledge with fellow hackers.

More resources

Webinar

How the Government is Partnering with an Ethical Army

Watch Now
Essentials

Bugcrowd University Repository

Learn More
Report

ESG Security Leadership Study – Trends in Application Security

Read More

Get Started with Bugcrowd

Every minute that goes by, your unknown vulnerabilities leave you more exposed to cyber attacks.