Embedded & Shredded - Advanced Embedded System Hacking

Instructor:  Caleb Davis
Dates:  June 15 to 18 2026
Location:  Hilton DoubleTree Montreal
Capacity:  20

This training provides an in-depth, hands-on approach to reverse engineering embedded systems, covering firmware analysis, hardware debugging, and PCB reverse engineering. Participants will extract, analyze, and modify firmware using advanced techniques in Ghidra while learning to decode proprietary communication protocols with logic analyzers. The course also explores hardware-focused attacks, including live data exfiltration via debugging interfaces such as SPI, JTAG, and SWD, as well as chip depopulation and deadbugging methods for accessing embedded storage. Additionally, participants will reverse-engineer PCBs to map critical components, identify attack vectors, and reconstruct undocumented hardware designs.

Course Overview

Participants will begin with a hardware-focused approach to reverse engineering, learning how to visually inspect and document embedded devices to identify key components, debug interfaces, and potential vulnerabilities. PCB reverse engineering techniques will be covered in depth, including tracing connections, extracting board schematics, and reconstructing circuit functionality to facilitate firmware and hardware attacks.

Next, the training will focus on firmware extraction and analysis, guiding participants through various data exfiltration techniques such as direct memory access via debugging protocols, chip-off methods, and live system interaction. Using Ghidra and its specialized plugins, participants will reverse-engineer firmware to analyze structures, locate security mechanisms, and develop controlled modifications for further exploitation.

The course will conclude with an exploration of embedded security mechanisms and attack vectors, including encryption, disabled debugging interfaces, and hardware-based exploits such as glitching and fault injection. By the end, participants will have a comprehensive skill set for reverse engineering both hardware and firmware, enabling them to analyze, assess, and manipulate embedded systems effectively.

Requirements

Hardware:

• Logic Analyzer (Saleae, DSLogic, HiLetgo)
• Generic Universal Programmer (T56, T48, DataMan, FlashcatUSB, Xeltek)
• Universal Debugger (Segger, JTAGulator)

Software:

• STM32CubeIDE
• Ghidra (svd-loader / typeLoader)
• Logic Analysis Software (Logic2)
• Universal Debugger Software (Segger Tools)
• Universal Programmer Software (XGPro)

Prerequisites:

• Participants should have a foundational understanding of embedded electronics
• Experience with firmware analysis, vulnerability research, or low-level system debugging is recommended
• Familiarity with common tools and techniques for hardware interface probing, binary analysis, and debugging embedded systems will be helpful
• While prior hands-on experience with firmware extraction and debugging is beneficial, a general understanding of these concepts is sufficient to follow the material

Learning Objectives

• Develop the ability to systematically analyze embedded devices through visual inspection, identifying critical components, communication protocols, and potential attack surfaces
• Utilize logic analyzer tools to decode embedded communication protocols using both manual techniques and automated post-decoding methods
• Perform chip depopulation and deadbugging techniques to access embedded storage and conduct live data exfiltration on powered systems via hardware debugging protocols
• Use Ghidra with advanced plugins to perform in-depth reverse engineering of bare-metal firmware
• Develop an intermediate understanding of embedded security mechanisms, including encryption, disabled debug interfaces, and side-channel defenses

Who Should Attend

The training is designed for intermediate to experienced hardware hackers, developers, or cybersecurity professionals who want to expand their knowledge.

Who Should NOT Attend

Professionals with zero to little hacking or development experience.

BIO

Caleb Davis is a founding member of the Cybersecurity organization, SolaSec. Caleb operates out of the Dallas/Fort Worth area and has a degree in Electrical Engineering from the University of Texas at Tyler. He is an inventor/patent holder and has a background in embedded hardware/software development. He leads a team of experts that regularly perform penetration testing across a wide variety of products including medical devices, ATMs, chemical control systems, security solutions, and other commercial products. Additionally, Caleb has a passion for integrating security into the product development life cycle and has helped several organizations in their approach to shifting left.

To Register

Click here to register.