Request a Demo Contact Us

SPI Flash for Bug Bounty Hunters


SPI Flash for Bug Bounty Hunters

In this presentation, Nerdwell provides a hands-on demonstration of extracting SPI flash contents from hardware devices and how bug bounty hunters can use these techniques to find impactful bugs. The talk begins with a review of SPI flash basics and use cases from the bug bounty hunter’s perspective. Nerdwell then demonstrates SPI flash extraction using low-cost Android-based tools. Lastly, he provides a detailed discussion of the types of data often found in SPI flash and how this data can be of value to bug bounty hunters.


About the Author

Nerdwell is a systems and security engineer with a passion for bug bounty and vulnerability research. He currently works in critical infrastructure protection and has experience supporting technology in a variety of industries, ranging from manufacturing to healthcare. With over 20 years’ experiences, Nerdwell understands firsthand the challenges of building and supporting complex technology solutions securely. In addition to finding bugs and performing security research, Nerdwell enjoys networking and sharing knowledge with fellow hackers.

More resources


The Total Economic Impact™ Of Bugcrowd Managed Bug Bounty

Read More

AI Bias Assessment

Read More

Ultimate Guide to AI Security

Read More

Get Started with Bugcrowd

Every minute that goes by, your unknown vulnerabilities leave you more exposed to cyber attacks.