1. Writing a Simple ESP8266-Based Sniffer

    In this series of blogposts we will cover advanced, security focused, aspects of the ESP8266 /ESP32 SoCs such as sniffing and injecting 802.11 and bluetooth packets, building proof-of-concept network …Read More

  2. Why Do I Write Vulnerable Code?

    You're a software engineer or architect. Imagine a security audit successfully exploited holes in the security of your system. Or worse, imagine the product was the victim of a data breach and receive…Read More

  3. Digital Security Strategy: Part 1

    At Carve we are fortunate to have clients that span across many industries, company sizes, and technology maturity levels. This series of blog posts will discuss an increasingly common theme across ou…Read More

  4. JWT, OAuth, and Algorithm Choices

    Implementing systems that securely authenticate users and authorize their activities within applications can involve multiple interactions that cross trust boundaries. When applications are written in…Read More

  5. Meltdown and Spectre. Oh My!

    Introduction Meltdown and Spectre. Oh My! There have been a lot of new terms floating around the internet these last few days: Meltdown, Spectre, etc... What does it all mean? In this post, I will exp…Read More

  6. Android 7 Cellular MiTM

    Performing security assessments of complex systems sometimes requires some technical gymnastics to "man-in-the-middle" (MITM) communications between components. MITM techniques are essential for obser…Read More