This workshop will introduce attendees to the world of firmware analysis. It will discuss only structured firmwares---i.e. firmware containing a file system---by opposition to monolithic firmwares also known as baremetal firmwares. Students will discover two major steps of this analysis workflow which are also the most firmware specific ones: extraction of the filesystem and its cartography. Various open-source tools will be introduced, including two developed by Quarkslab: Pyrrha, a mapper collection for firmware analysis, and its underlying API Numbat. Based on this latter, attendees will be able to develop their own cartography tools with a nice UI. All along this workshop, a strong focus will be made on the tasks that could be automated by some existing or future tools but also on the limits of this automatization.
Requirements:- This workshop requires attendees to be able to script in Python.