this whole generative AI and vibe coding thing, to me, has this very strong aura of, as David Lynch would say, "big sadness"
Unveiled at #TROOPERS25 - Hexagon fuzzing unlocked
Hexagon is the architecture in Qualcomm basebands - they power most of the world's leading smartphones.
Until now, this baseband was out of reach.
We released the first open-source toolchain for system-mode Hexagon fuzzing, presented by Luca Glockow (@luglo), Rachna Shriwas, and Bruno Produit (@bruno) at @WEareTROOPERS
Full post: https://www.srlabs.de/blog-post/hexagon-fuzz-full-system-emulated-fuzzing-of-qualcomm-basebands
How we opened up mobile firmware in 3 steps:
1. Boot real iPhone basebands with a custom QEMU fork
2. Rust-powered fuzzer controls execution via JSON configs
3. Ghidra integration maps coverage across threads
This brings full visibility to Qualcomm’s 4G/5G/GPS stacks.
Reproducible. Extendable. Open source.
Hexagon’s no longer off-limits - mobile security just got a lot more transparent.
🔗 Try it yourself: https://github.com/srlabs/hexagon_fuzz
📚 Docs: https://github.com/srlabs/hexagon_fuzz/blob/main/docs/reverse_engineering.md
🖥️ Slides from Troopers25: https://github.com/srlabs/hexagon_fuzz/blob/main/docs/talk/hexagon_fuzz_troopers2025.pdf
🛠️ Issues, ideas, or contributions? PRs welcome.
I did a thing. While working on native NFC capabilities, I ended up writing a test program which reads all the info from EMV cards (such as Visa/Master/Amex) and dumps it to try and learn the payload.
The info shown in the #GTK interface is fairly basic, mostly as a demo, but it dumps a lot more to the shell:
https://github.com/FakeShell/nfc-tester
It may be possible to use this for malicious purposes with the right skill set, so please use it responsibly =)
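What such a reader gets back from the card is BER-TLV: the FCI template returned by SELECT and the record templates returned by READ RECORD, nested tags with one- or two-byte tag numbers and short- or long-form lengths. The example below is added here and is not code from the nfc-tester repository; it walks that encoding over two hand-constructed responses (a Visa-style FCI and one record carrying a test PAN), names the tags it knows from EMV Book 3 Annex B, and masks the cardholder-identifying tags (5A PAN, 57 Track 2) PCI-style before dumping, which is the practical side of the "use it responsibly" note above.

```python
# Added example, not nfc-tester's code: a BER-TLV walker for EMV responses.
# Both sample responses below are hand-constructed, not read from a real card.
from dataclasses import dataclass, field
from typing import List

TAG_NAMES = {  # subset of EMV Book 3, Annex B
    0x6F: "FCI Template", 0x70: "Record Template", 0x84: "DF Name (AID)",
    0xA5: "FCI Proprietary Template", 0x50: "Application Label",
    0x87: "Application Priority Indicator", 0x5A: "Application PAN",
    0x57: "Track 2 Equivalent Data", 0x5F24: "Application Expiration Date",
    0x5F2D: "Language Preference", 0x9F38: "PDOL",
}
SENSITIVE_TAGS = {0x5A, 0x57}  # cardholder data: mask before dumping

# Constructed: FCI from SELECT of a Visa AID, and a READ RECORD response
# holding a test PAN (4111...) plus an expiry date (YYMMDD 251231).
FCI_RESPONSE = bytes.fromhex(
    "6F1F" "8407A0000000031010"
    "A514" "500456495341" "870101" "5F2D02656E" "9F38039F6604")
RECORD_RESPONSE = bytes.fromhex("7010" "5A084111111111111111" "5F2403251231")

@dataclass
class Tlv:
    tag: int
    value: bytes
    children: List["Tlv"] = field(default_factory=list)

def _read_tag(data, pos):
    # Multi-byte tag when the low five bits are all set; continues while bit 8 is set
    tag = data[pos]
    pos += 1
    if tag & 0x1F == 0x1F:
        while True:
            tag = (tag << 8) | data[pos]
            pos += 1
            if not data[pos - 1] & 0x80:
                break
    return tag, pos

def _read_length(data, pos):
    # Short form below 0x80, else 0x8n followed by n big-endian length bytes
    first = data[pos]
    pos += 1
    if first < 0x80:
        return first, pos
    n = first & 0x7F
    if n == 0 or n > 4:
        raise ValueError("unsupported length encoding")
    return int.from_bytes(data[pos:pos + n], "big"), pos + n

def parse_tlv(data: bytes) -> List[Tlv]:
    """Parse a run of BER-TLV objects, recursing into constructed ones."""
    items, pos = [], 0
    while pos < len(data):
        if data[pos] in (0x00, 0xFF):  # padding between objects is legal
            pos += 1
            continue
        tag, pos = _read_tag(data, pos)
        length, pos = _read_length(data, pos)
        value = data[pos:pos + length]
        if len(value) != length:
            raise ValueError(f"truncated value for tag {tag:X}")
        pos += length
        first = tag.to_bytes((tag.bit_length() + 7) // 8, "big")[0]
        kids = parse_tlv(value) if first & 0x20 else []  # bit 6 set: constructed
        items.append(Tlv(tag, value, kids))
    return items

def find(nodes: List[Tlv], tag: int):
    # Depth-first lookup; returns the first matching value or None
    for n in nodes:
        if n.tag == tag:
            return n.value
        hit = find(n.children, tag)
        if hit is not None:
            return hit
    return None

def display_value(tag: int, value: bytes) -> str:
    """Hex for most tags; PAN/Track 2 keep only the BIN and the last four digits."""
    hexval = value.hex().upper()
    if tag not in SENSITIVE_TAGS:
        return hexval
    digits = hexval.split("D")[0].rstrip("F")  # PAN digits before separator/pad
    if len(digits) <= 10:
        masked = "*" * len(digits)
    else:
        masked = digits[:6] + "*" * (len(digits) - 10) + digits[-4:]
    return masked + hexval[len(digits):]

def dump(nodes: List[Tlv], depth: int = 0) -> List[str]:
    """One indented line per object, values masked where needed."""
    lines = []
    for n in nodes:
        name = TAG_NAMES.get(n.tag, "unknown")
        if n.children:
            lines.append(f"{'  ' * depth}{n.tag:X} {name}")
            lines.extend(dump(n.children, depth + 1))
        else:
            lines.append(f"{'  ' * depth}{n.tag:X} {name}: {display_value(n.tag, n.value)}")
    return lines
```

Feed a real response into `dump(parse_tlv(response))` and the shell output stays readable while never echoing a full PAN; the length check raises on a truncated response rather than silently dumping whatever bytes happen to follow, which matters when a card is pulled mid-read.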
Test stand is pretty roasted. It is going to take some work to get back up and running.
Advocate for Earth citizen privacy IP rights wherever you live, free of and independent of any one Government Regulation or Government Control.