Request a Demo Contact Us
Join us at Black Hat Europe on December 4-7, 2023
Join Us

SPI Flash for Bug Bounty Hunters


SPI Flash for Bug Bounty Hunters

In this presentation, Nerdwell provides a hands-on demonstration of extracting SPI flash contents from hardware devices and how bug bounty hunters can use these techniques to find impactful bugs. The talk begins with a review of SPI flash basics and use cases from the bug bounty hunter’s perspective. Nerdwell then demonstrates SPI flash extraction using low-cost Android-based tools. Lastly, he provides a detailed discussion of the types of data often found in SPI flash and how this data can be of value to bug bounty hunters.


About the Author

Nerdwell is a systems and security engineer with a passion for bug bounty and vulnerability research. He currently works in critical infrastructure protection and has experience supporting technology in a variety of industries, ranging from manufacturing to healthcare. With over 20 years’ experiences, Nerdwell understands firsthand the challenges of building and supporting complex technology solutions securely. In addition to finding bugs and performing security research, Nerdwell enjoys networking and sharing knowledge with fellow hackers.

More resources

Hacker Resources

Platform Behavior Standards

Learn More

Expanding Risk Reduction with a Crowdsourced Security Platform

Read More

AI Safety and Compliance: Securing the New AI Attack Surface

Register Now

Get Started with Bugcrowd

Every minute that goes by, your unknown vulnerabilities leave you more exposed to cyber attacks.