2026-07-01 –, Room LW112
Join us for this hands-on demo of Unblob, the flexible firmware extractor. In this session, we will extract firmware from an EV charger, dig into the firmware, and eventually emulate it so we can interact with the services in real-time. Unblob works on both hardware and downloadable versions of firmware so we have a target rich environment.
Pre-requisites:
- Familiarity with command-line tools.
- Laptop
No prior experience needed, this session is appropriate for all skillsets.
By the end of the workshop, participants will have gained practical experience in extraction, reverse engineering, and emulation of embedded firmware. They will be equipped with the skills to understand and analyze firmware structure, write custom unblob handlers and extractors, and use full-system emulation for security research.
Workshop Duration: 2 hours
Quentin Kaiser is a former penetration tester turned binary analysis nerd. He is currently the Lead Security Researcher at ONEKEY, where he focuses on binary exploitation of embedded devices and large-scale bug-finding automation across firmware corpora.
As part of his work, he maintains the firmware extraction tool unblob among other open-source tools such as jefferson, ubi-reader, or sasquatch.
He has published extensive research on offensive security for eCOS and maintains https://ecos.wtf
, a resource hub dedicated to eCOS exploitation. He also (infrequently) updates his blog at https://quentinkaiser.be.