Foundry Zero's Avatar

Foundry Zero

@foundryzero.co.uk

We're a specialised supplier providing cyber security research, engineering services and training.

23 Followers  |  7 Following  |  15 Posts  |  Joined: 06.01.2025  |  1.7408

Latest posts by foundryzero.co.uk on Bluesky

OffensiveCon25 - Ken Gannon- Chainspotting 2: The Unofficial Sequel to the 2018 Talk “Chainspotting”
YouTube video by OffensiveCon OffensiveCon25 - Ken Gannon- Chainspotting 2: The Unofficial Sequel to the 2018 Talk “Chainspotting”

OffensiveCon impressed the team last year, and this year was no disappointment. Those who enjoy logic bug exploit chains should check out Ken Gannon walking through his last-minute discovery of a full chain to exploit a Galaxy S24 for Pwn2Own Ireland 2024: www.youtube.com/watch?v=LAIr....

23.05.2025 07:09 — 👍 0    🔁 0    💬 0    📌 0
Post image

To celebrate the great work done by the Foundry Zero team over the last financial year, the team had an action-packed day out. There was an escape room and team meal, followed by an Italian 3-course meal masterclass.

There was enough focaccia left to keep everybody full for the rest of the week!

08.05.2025 11:56 — 👍 1    🔁 0    💬 0    📌 0
Picture of the dune board game being played

Picture of the dune board game being played

This month we're playing Dune!
Allegedly an alliance-based strategy game, our Spacing Guild managed to score an early victory before the alliance mechanics had started to kick in!

A great time plotting and scheming, I think Dune is one we're all hoping to play again soon!

#Socials #BoardGameNight

11.04.2025 14:43 — 👍 1    🔁 0    💬 0    📌 0
Preview
GitHub - foundryzero/ghidra-deep-links: A cross-platform plugin for Ghidra that provides deep linking support. This enables the generation of clickable disas:// links that can be included in 3rd party... A cross-platform plugin for Ghidra that provides deep linking support. This enables the generation of clickable disas:// links that can be included in 3rd party applications. - GitHub - foundryzer...

We're happy to announce a new update to Ghidra Deep Links!
github.com/foundryzero/...

Now with draw.io support!

With this update, complete draw.io objects can be copied straight from Ghidra without the fuss of adding symbol names or editing in the links yourself!

#Ghidra #ReverseEngineering

20.03.2025 10:37 — 👍 1    🔁 0    💬 0    📌 0

Really excited to have the team out at @re-verse.io Vector35's new conference in Orlando, learning about Windows Internals and Binja scripting.

Conference starts tomorrow and the talk schedule looks great. Definitely a future conference to keep an eye on.

#training #cybersecurity #binja

27.02.2025 09:06 — 👍 1    🔁 0    💬 0    📌 0
Preview
GitHub - foundryzero/llef: LLEF is a plugin for LLDB to make it more useful for RE and VR LLEF is a plugin for LLDB to make it more useful for RE and VR - foundryzero/llef

We're currently working on a big release for LLEF (github.com/foundryzero/...).

If you have ideas that could make the use of LLDB easier, please get in touch. We accept PRs, we accept ideas, we even will occasionally listen to wild rants about LLDB.

#llef #lldb #debugging #reverseengineer #revr

18.02.2025 08:54 — 👍 0    🔁 0    💬 0    📌 0
Post image

For this month’s virtual social we played Blood On The Clocktower - a team-based social deduction game. The good team had fun unravelling the web of unreliable information sowed by the evil team (and the storyteller!).

I suspect it’ll make an appearance at an upcoming office games night.

#socials

13.02.2025 14:51 — 👍 0    🔁 0    💬 0    📌 0
Preview
Security research & development careers - Foundry Zero

We are recruiting talented developers and researchers to make and/or break things with us.

If you want to keep your career technical long after they said you can't, come talk to us

careers.foundryzero.co.uk

#cybersecurity #careers #revr #vulnerabilityresearch #softwaredevelopment #staytechnical

11.02.2025 08:26 — 👍 0    🔁 0    💬 0    📌 0
A breakdown of a file format in hex, highlighted by coloured lines explaning how the header format works.

A breakdown of a file format in hex, highlighted by coloured lines explaning how the header format works.

We love learning new things at Foundry Zero, and one of the ways we share this is via our internal Lightning Talks programme. Way back in March last year, one of the team showed us how to develop Ghidra loaders for unsupported data formats.
#ghidra #reverseengineering #infosec

06.02.2025 10:23 — 👍 0    🔁 0    💬 0    📌 0
Post image

In October the whole company went to @hexacon.bsky.social! The conference was fantastic, with just our kind of talks: low-level, full of technical detail, and covering a range of interesting topics. It being in paris, we also enjoyed some good team meals out and your classic party on a boat #infosec

29.01.2025 15:24 — 👍 1    🔁 0    💬 0    📌 0
A web page that shows activity on a SPI connection based on data sent and other parameters.

A web page that shows activity on a SPI connection based on data sent and other parameters.

We love learning new things at Foundry Zero, and one of the ways we share this is via our internal Lightning Talks programme. Last year we had 21 different talks!

In November one of the team gave us an overview of SPI, I2C and UART, along with simulators he built to help us understand how they work

22.01.2025 07:45 — 👍 0    🔁 0    💬 0    📌 0

Training booked for the majority of the company today. Getting out to ringzer0, hardwear, @offensivecon.bsky.social, @accuconf.bsky.social, re//verse, and some others.

Really hyped to get the feedback from the attendees.

#cybersecurity #compsci #training #conferences

16.01.2025 11:23 — 👍 1    🔁 1    💬 0    📌 0
A image that shows a piece of code. On top there is an expression (param_1 & 1) * 2 + (param_1 ^ 1). On the bottom is a deobfuscated version, param_1 + 1. In the middle there is a custom Ghidra DSL, explained in the post.

A image that shows a piece of code. On top there is an expression (param_1 & 1) * 2 + (param_1 ^ 1). On the bottom is a deobfuscated version, param_1 + 1. In the middle there is a custom Ghidra DSL, explained in the post.

RULECOMPILE - Undocumented Ghidra decompiler rule language.
A blog post about how frustration with poor decompilation led me to dive deep into Ghidra's decompiler to discover (and reverse-engineer) - an obscure, undocumented DSL
msm.lt/re/ghidra/ru...
#reverseengineering #ghidra

30.12.2024 19:34 — 👍 14    🔁 9    💬 0    📌 0
A bowl of multicoloured mini eggs in a white bowl.

A bowl of multicoloured mini eggs in a white bowl.

The best thing for the office in these low-light days.
The worst thing for the office new year's resolutions.

The regular jingle of this bowl being refilled causes a Pavlovian response in our researchers.

#officesnacks #minieggs

08.01.2025 10:38 — 👍 0    🔁 0    💬 0    📌 0
Preview
GitHub - foundryzero/binder-trace: Binder Trace is a tool for intercepting and parsing Android Binder messages. Think of it as "Wireshark for Binder". Binder Trace is a tool for intercepting and parsing Android Binder messages. Think of it as "Wireshark for Binder". - foundryzero/binder-trace

We made and maintain BinderTrace, a handy tool for analysing Binder transactions on Android.

You can read about it (and Binder) here:
github.com/foundryzero/...

You can get access to it here:
github.com/foundryzero/...

#android #binder #reverseengineering #compsci

07.01.2025 09:48 — 👍 0    🔁 0    💬 0    📌 0
LLEF - LLDB Enhanced Features

We made and continue to maintain LLEF (LLDB Extended Features). LLEF provides the kind of features that make using debuggers bearable for LLDB.

You can read about it here: foundryzero.co.uk/2023/07/13/l...

And you can get access to it here:

github.com/foundryzero/...

#reverseengineering #lldb

07.01.2025 09:42 — 👍 0    🔁 0    💬 0    📌 0

@foundryzero.co.uk is following 7 prominent accounts