OPTIGA™ Trust M Host Library for C

SCARR is a Side-Channel Analysis (SCA) framework

Fault attack agaisnt EdDSA demonstrated on an Arduino Nano board, allowing for partial key recovery and fake signatures.

PWN is an open security automation framework that aims to stand on the shoulders of security giants, promoting trust and innovation.

Artifacts for "Phoenix: Rowhammer Attacks on DDR5 with Self-Correcting Synchronization" (IEEE S&P '26)

Zion Key Management Api

Lists various tools used in hardware hacking.

Hardware Security Labs

SIde-Channel Analysis toolKit: embedded security evaluation tools

FlippyRAM is an automated framework for testing and analyzing Rowhammer vulnerabilities in DRAM. It combines rowhammer tools and supports both Docker and ISO-based execution, making it a powerful resource for hardware security research.

Cypherock EMFI device is a low-cost tool to induce electromagnetic fault injections on general purpose MCUs and SOCs to study various chip level attack vectors

Zion Key Management Service

Yosys plugin for logic locking and supply-chain security

Repository to store all design and testbench files for Senior Design

Privacy-focused secure messenger with post-quantum E2EE (PQXDH/ML-KEM), OpenMLS groups, SFrame voice/video, Sealed Sender. Flutter (iOS/Android) + Tauri (Desktop). Self-hostable, Kubernetes-native, Apache-2.0.

🐢 The hardware heart of TurtlPass — firmware for passwords born in hardware, offline and reproducible (RP2040 / RP2350).

Additional material for our paper "Breaking all the Things - A Systematic Survey of Firmware Extraction Techniques for IoT Devices" (CARDIS 2018)

Secure cross-platform USB HID keyboard dongle that types passwords and text from Android and iOS apps into any computer or console, without exposing secrets to the host.

Proof of Concept implementation + Brief Tutorial of the Meltdown and Spectre attacks [+ Flush/Realod]

Flucky - Advanced Bluetooth HID Attack Platform 🦆 Professional-grade wireless security testing tool featuring automatic BLE connectivity, psychological awareness testing, LOLBAS integration, and military-grade encryption. Built exclusively for authorized red teams, academic research, security awareness training, and educational purposes.