{"product_id":"faultycat","title":"Faulty Cat","description":"\u003cdiv class=\"contentGroup\"\u003e\n\u003cp\u003e\u003cstrong\u003eThe FaultyCat is the \"bump key\" of hardware auditing. \u003c\/strong\u003eIt sends high-energy electro-magnetic pulses into target devices, which can cause them to glitch. often revealing encryption keys, bypassing security checks or resetting protection mechanisms.\u003c\/p\u003e\n\u003cp\u003eWhen starting a hardware audit - the FaultyCat should be the\u003cstrong\u003e first tool you reach for\u003c\/strong\u003e: it can be used to quickly check if the target device is protected, and if not, glitch it to reveal secrets or bypass protection.\u003c\/p\u003e\n\u003cp\u003eBuilt on the foundations on an open-source product (the PicoEMP) - the FaultyCat has extra functionality, but remains economical, easy-to-use and safe. \u003cb\u003eVersion 2.2\u003c\/b\u003e adds extended functionality.\u003c\/p\u003e\n\u003cp\u003eIt's portable and self-contained - it's powered by 3xAA batteries - so you're never caught short.\u003cbr\u003eThe onboard RapsberryPi controller is fully accessible and programmable by the user for custom functionality.\u003c\/p\u003e\n\u003c\/div\u003e\n\u003cdiv class=\"grid\" style=\"margin-top: 2em;\"\u003e\n\u003cdiv class=\"grid-item small--one-whole medium--one-half large--one-half text-left product-image-container\"\u003e\n\u003cimg src=\"https:\/\/cdn.shopify.com\/s\/files\/1\/2175\/8571\/files\/FaultyCat---Feature---2.png?v=1775083081\"\u003e\n\u003cul class=\"markers-list\"\u003e\n\u003cli data-y=\"5\" data-x=\"64\" data-feature-id=\"1\" class=\"feature-marker\"\u003e1\u003c\/li\u003e\n\u003cli data-y=\"30\" data-x=\"34\" data-feature-id=\"2\" class=\"feature-marker\"\u003e2\u003c\/li\u003e\n\u003cli data-y=\"41\" data-x=\"38\" data-feature-id=\"3\" class=\"feature-marker\"\u003e3\u003c\/li\u003e\n\u003cli data-y=\"21\" data-x=\"31\" data-feature-id=\"4\" class=\"feature-marker\"\u003e4\u003c\/li\u003e\n\u003cli data-y=\"14\" data-x=\"28\" data-feature-id=\"5\" class=\"feature-marker\"\u003e5\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\n\u003cdiv class=\"grid-item small--one-whole medium--one-half large--one-half text-left\" style=\"text-align: start;\"\u003e\n\u003cdiv data-feature-id=\"1\" class=\"feature-item\"\u003e\n\u003ch3\u003e1. Direct Voltage glitching\u003c\/h3\u003e\n\u003cp\u003ePrecisely glitch and spike signals such as reset or voltage to manipulate the target system\u003c\/p\u003e\n\u003c\/div\u003e\n\u003cdiv data-feature-id=\"2\" class=\"feature-item\"\u003e\n\u003ch3\u003e2. External Triggers\u003c\/h3\u003e\n\u003cp\u003eTrigger the FaultyCat manually or electronically device via dedicated pins. Use external triggers such as timers or sensors.\u003c\/p\u003e\n\u003c\/div\u003e\n\u003cdiv data-feature-id=\"3\" class=\"feature-item\"\u003e\n\u003ch3\u003e3. Voltage Triggers\u003c\/h3\u003e\n\u003cp\u003eMonitor the target's voltage levels and trigger at glitch at preset voltage levels. Allows for triggering glitches during critical phases, such as device boot.\u003c\/p\u003e\n\u003c\/div\u003e\n\u003cdiv data-feature-id=\"4\" class=\"feature-item\"\u003e\n\u003ch3\u003e4. Analog Input\u003c\/h3\u003e\n\u003cp\u003eMonitor and log analog data from the target; build a knowledge-base of actions and responses to make repeatable operations.\u003c\/p\u003e\n\u003c\/div\u003e\n\u003cdiv data-feature-id=\"5\" class=\"feature-item\"\u003e\n\u003ch3\u003e5. JTAG\/JWD Scanner\u003c\/h3\u003e\n\u003cp\u003eBuilt-in JTAG\/JWD Scanner finds and detects hidden JTAG\/JWD pads to find undocumented debug interfaces.\u003c\/p\u003e\n\u003c\/div\u003e\n\u003c\/div\u003e\n\u003c\/div\u003e\n\u003cdiv class=\"grid\"\u003e\n\u003cdiv class=\"grid-item small--one-whole medium--one-whole large--one-half text-left\"\u003e\n\u003ch2\u003e\u003cstrong\u003eWhat's included\u003c\/strong\u003e\u003c\/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e1x FaultyCat 2.2\u003c\/strong\u003e\u003c\/li\u003e\n\u003cli\u003e1x Inductor Tip\u003c\/li\u003e\n\u003cli\u003e1x USB-C Cable\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\n\u003cdiv class=\"grid-item small--one-whole medium--one-whole large--one-half text-left\"\u003e\n\u003ch2\u003e\u003cstrong\u003eTechnical Resources\u003cbr\u003e\u003c\/strong\u003e\u003c\/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https:\/\/github.com\/ElectronicCats\/faultycat\/wiki\" rel=\"noopener\" target=\"_blank\"\u003eUser Manual \/ Wiki\u003c\/a\u003e\u003c\/li\u003e\n\u003cli\u003e\u003ca href=\"https:\/\/github.com\/ElectronicCats\/faultycat?tab=readme-ov-file\" rel=\"noopener\" target=\"_blank\"\u003eGitHub Repository\u003c\/a\u003e\u003c\/li\u003e\n\u003cli\u003e\u003ca href=\"https:\/\/physicalexploit.com\/docs\/products\/code\/assistant\" rel=\"noopener\" target=\"_blank\"\u003eDoppelgänger Assistant Documentation and Configuration\u003c\/a\u003e\u003c\/li\u003e\n\u003cli\u003e\u003ca href=\"https:\/\/physicalexploit.com\/docs\/products\/code\/flashing_firmware\" rel=\"noopener\" target=\"_blank\"\u003eFirmware \u0026amp; Flashing Documentation\u003c\/a\u003e\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\n\u003c\/div\u003e\n\u003cdiv class=\"contentGroup\"\u003e\n\u003ch2\u003eWhat is hardware hacking?\u003c\/h2\u003e\n\u003cp\u003eHardware Auditing techniques can be grouped into two categories: Side-Channel Attacks (SCA) and Electro-magnetic Fault Injection (EMFI). Which technique you need depends a lot on the target device. If the chip is locked but you've got access to its power, clock and data lines - Side Channel Attacks would be possible and effective.\u003c\/p\u003e\n\u003cp\u003eHowever, if the target is protected: hardened against side-channel attacks, or its power, clock and data lines aren't exposed, or you cannot modify the device: EMFI would be the best candidate.\u003c\/p\u003e\n\u003cp\u003eSide-Channel attacks capture privileged data by using an unprotected or unexpected source. Imagine two people talking in a glass sound-proof room: lip-reading allows us to derive what is being said via the visual prompts - a \"side-channel\" - as opposed to hearing it, the \"protected channel\". In hardware, a common example is extracting encryption keys by monitoring micro-fluctuations in the power-consumption when the processor is calculating them.\u003c\/p\u003e\n\u003cp\u003eSide-Channel attacks are not necessarily passive: side-channel extraction can be induced by glitching the target device: briefly spiking power or manipulating the target's clock line can evoke unexpected behaviour, which leads to leaks. In the contect of the glass room: turning off the lights or tapping on the glass may provoke a different behavior from the people talking - they may reveal different or unexpected information.\u003c\/p\u003e\n\u003cp\u003eElectro-magnetic Fault Injection creates faults in a target system without touching it - by directing high-energy electro-magnetic pulses into the chip. These pulses can cause glitches and unexpected behavior. Timing glitches to match important chip processes can allow you to jump or bypass normal behavior - like password verification.\u003c\/p\u003e\n\u003cp\u003eThere are two approaches to EMFI: using ultra-precise, ultra-sensitive devices (such as the ChipSHOUTER) to create highly accurate, repeatable experiments. The second approach is to use a simple device designed to send large electrical pulses to cause unexpected behavior.\u003c\/p\u003e\n\u003cp\u003eThe FaultyCat wiki has extensive information on EMFI Glitching and what it can achieve - \u003ca href=\"https:\/\/github.com\/ElectronicCats\/faultycat\/wiki\/1.-Understanding-Faulty-Cat#what-is-emfi-and-how-it-works\" rel=\"noopener\" target=\"_blank\"\u003eclick here for more information.\u003c\/a\u003e\u003c\/p\u003e\n\u003ch2\u003eHardware Audit Lifecycle\u003c\/h2\u003e\n\u003cp\u003eKey to understanding hardware auditing is the lifecycle. Typically - the end goal is total device control - dumping firmware, bootloaders, or getting a root shell.\u003c\/p\u003e\n\u003cp\u003eIf your target device has no protection: you can concentrate on firmware extraction.\u003cbr\u003eIf the target is locked, you'll need to unlock it, typically via Side-Channel attacks and tools.\u003cbr\u003eLikewise, if it's protected, you'll need to use EMFI to bypass protection, and then use Side Channel Attacks to unlock the target, before extracting firmware.\u003c\/p\u003e\n\u003cp\u003eThe following table provides a summary of the Hardware Audit Lifecycle.\u003c\/p\u003e\n\u003cdiv class=\"hwaudit\"\u003e\n  \u003cdiv class=\"hwaudit__grid\"\u003e\n\n    \u003c!-- ============ HARDENED ============ --\u003e\n    \u003cdiv class=\"hwaudit__col\"\u003e\n      \u003ch2 class=\"hwaudit__title\"\u003eHardened Devices\u003c\/h2\u003e\n\n      \u003cdiv class=\"hwaudit__tags\"\u003e\n        \u003cdiv class=\"hwaudit__tag-row\"\u003e\n          \u003cspan class=\"hwaudit__pill hwaudit__pill--red\"\u003eRestrictions\u003c\/span\u003e\n          \u003cdiv class=\"hwaudit__tag-items\"\u003e\n            \u003cspan\u003eHardened Protection\u003c\/span\u003e\n            \u003cspan\u003eNo exposed traces\u003c\/span\u003e\n            \u003cspan\u003eCannot modify hardware\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n        \u003cdiv class=\"hwaudit__tag-row\"\u003e\n          \u003cspan class=\"hwaudit__pill hwaudit__pill--blue\"\u003eApproach\u003c\/span\u003e\n          \u003cdiv class=\"hwaudit__tag-items hwaudit__tag-items--bold\"\u003e\n            \u003cspan\u003eEMFI\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n        \u003cdiv class=\"hwaudit__tag-row\"\u003e\n          \u003cspan class=\"hwaudit__pill hwaudit__pill--blue\"\u003eTools\u003c\/span\u003e\n          \u003cdiv class=\"hwaudit__tag-items\"\u003e\n            \u003cspan\u003eChipShouter\u003c\/span\u003e\n            \u003cspan\u003eFaultyCat\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n      \u003c\/div\u003e\n\n      \u003cdiv class=\"hwaudit__chip\"\u003e\n        \u003cimg src=\"https:\/\/cdn.shopify.com\/s\/files\/1\/2175\/8571\/files\/Chip-Protected.png?v=1775740137\" alt=\"Hardened chip\"\u003e\n      \u003c\/div\u003e\n\n      \u003cdiv class=\"hwaudit__bottom\"\u003e\n        \u003cspan class=\"hwaudit__pill hwaudit__pill--purple\"\u003eTechniques\u003c\/span\u003e\n\n        \u003cdiv class=\"hwaudit__card\"\u003e\n          \u003cdiv class=\"hwaudit__card-icon\"\u003e\u003cimg src=\"https:\/\/cdn.shopify.com\/s\/files\/1\/2175\/8571\/files\/EMFI-4.png?v=1775740137\" alt=\"\"\u003e\u003c\/div\u003e\n          \u003cdiv class=\"hwaudit__card-text\"\u003e\n            \u003cstrong\u003eFault Injection\u003c\/strong\u003e\n            \u003cspan\u003eNon-invasive, non-destructive\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n        \u003cdiv class=\"hwaudit__card\"\u003e\n          \u003cdiv class=\"hwaudit__card-icon\"\u003e\u003cimg src=\"https:\/\/cdn.shopify.com\/s\/files\/1\/2175\/8571\/files\/EMFI-3.png?v=1775740137\" alt=\"\"\u003e\u003c\/div\u003e\n          \u003cdiv class=\"hwaudit__card-text\"\u003e\n            \u003cstrong\u003eBit flips, register corruption\u003c\/strong\u003e\n            \u003cspan\u003eForced unexpected conditions\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n        \u003cdiv class=\"hwaudit__card\"\u003e\n          \u003cdiv class=\"hwaudit__card-icon\"\u003e\u003cimg src=\"https:\/\/cdn.shopify.com\/s\/files\/1\/2175\/8571\/files\/EMFI-2.png?v=1775740137\" alt=\"\"\u003e\u003c\/div\u003e\n          \u003cdiv class=\"hwaudit__card-text\"\u003e\n            \u003cstrong\u003eRoutine \u0026amp; Instruction Skips\u003c\/strong\u003e\n            \u003cspan\u003eGlitch into unauthorised code\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n      \u003c\/div\u003e\n    \u003c\/div\u003e\n\n    \u003c!-- ============ PROTECTED ============ --\u003e\n    \u003cdiv class=\"hwaudit__col\"\u003e\n      \u003ch2 class=\"hwaudit__title\"\u003eProtected Devices\u003c\/h2\u003e\n\n      \u003cdiv class=\"hwaudit__tags\"\u003e\n        \u003cdiv class=\"hwaudit__tag-row\"\u003e\n          \u003cspan class=\"hwaudit__pill hwaudit__pill--red\"\u003eRestrictions\u003c\/span\u003e\n          \u003cdiv class=\"hwaudit__tag-items\"\u003e\n            \u003cspan\u003eNo open interfaces\u003c\/span\u003e\n            \u003cspan\u003eFirmware protection\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n        \u003cdiv class=\"hwaudit__tag-row\"\u003e\n          \u003cspan class=\"hwaudit__pill hwaudit__pill--green\"\u003eWeaknesses\u003c\/span\u003e\n          \u003cdiv class=\"hwaudit__tag-items\"\u003e\n            \u003cspan\u003eExposed power rails\u003c\/span\u003e\n            \u003cspan\u003eExposed clock rails\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n        \u003cdiv class=\"hwaudit__tag-row\"\u003e\n          \u003cspan class=\"hwaudit__pill hwaudit__pill--blue\"\u003eApproach\u003c\/span\u003e\n          \u003cdiv class=\"hwaudit__tag-items hwaudit__tag-items--bold\"\u003e\n            \u003cspan\u003eSide Channel Techniques\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n        \u003cdiv class=\"hwaudit__tag-row\"\u003e\n          \u003cspan class=\"hwaudit__pill hwaudit__pill--blue\"\u003eTools\u003c\/span\u003e\n          \u003cdiv class=\"hwaudit__tag-items\"\u003e\n            \u003cspan\u003eChipWhisperer HuskyPlus\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n      \u003c\/div\u003e\n\n      \u003cdiv class=\"hwaudit__chip\"\u003e\n        \u003cimg src=\"https:\/\/cdn.shopify.com\/s\/files\/1\/2175\/8571\/files\/Chip-Locked.png?v=1775740137\" alt=\"Protected chip\"\u003e\n      \u003c\/div\u003e\n\n      \u003cdiv class=\"hwaudit__bottom\"\u003e\n        \u003cspan class=\"hwaudit__pill hwaudit__pill--purple\"\u003eTechniques\u003c\/span\u003e\n\n        \u003cdiv class=\"hwaudit__card\"\u003e\n          \u003cdiv class=\"hwaudit__card-icon\"\u003e\u003cimg src=\"https:\/\/cdn.shopify.com\/s\/files\/1\/2175\/8571\/files\/Glitch-Power-Analysis.png?v=1775740137\" alt=\"\"\u003e\u003c\/div\u003e\n          \u003cdiv class=\"hwaudit__card-text\"\u003e\n            \u003cstrong\u003ePower Analysis\u003c\/strong\u003e\n            \u003cspan\u003eFor key + secrets extraction\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n        \u003cdiv class=\"hwaudit__card\"\u003e\n          \u003cdiv class=\"hwaudit__card-icon\"\u003e\u003cimg src=\"https:\/\/cdn.shopify.com\/s\/files\/1\/2175\/8571\/files\/Glitch-Power.png?v=1775740137\" alt=\"\"\u003e\u003c\/div\u003e\n          \u003cdiv class=\"hwaudit__card-text\"\u003e\n            \u003cstrong\u003ePower Glitching\u003c\/strong\u003e\n            \u003cspan\u003eBypass protection routines\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n        \u003cdiv class=\"hwaudit__card\"\u003e\n          \u003cdiv class=\"hwaudit__card-icon\"\u003e\u003cimg src=\"https:\/\/cdn.shopify.com\/s\/files\/1\/2175\/8571\/files\/Glitch-Clock.png?v=1775740137\" alt=\"\"\u003e\u003c\/div\u003e\n          \u003cdiv class=\"hwaudit__card-text\"\u003e\n            \u003cstrong\u003eClock Glitching\u003c\/strong\u003e\n            \u003cspan\u003eBypass protection routines\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n      \u003c\/div\u003e\n    \u003c\/div\u003e\n\n    \u003c!-- ============ UNPROTECTED ============ --\u003e\n    \u003cdiv class=\"hwaudit__col\"\u003e\n      \u003ch2 class=\"hwaudit__title\"\u003eUnprotected Devices\u003c\/h2\u003e\n\n      \u003cdiv class=\"hwaudit__tags\"\u003e\n        \u003cdiv class=\"hwaudit__tag-row\"\u003e\n          \u003cspan class=\"hwaudit__pill hwaudit__pill--red\"\u003eRestrictions\u003c\/span\u003e\n          \u003cdiv class=\"hwaudit__tag-items\"\u003e\n            \u003cspan\u003eUnlabeled interfaces\u003c\/span\u003e\n            \u003cspan\u003eUndocumented chip\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n        \u003cdiv class=\"hwaudit__tag-row\"\u003e\n          \u003cspan class=\"hwaudit__pill hwaudit__pill--green\"\u003eWeaknesses\u003c\/span\u003e\n          \u003cdiv class=\"hwaudit__tag-items\"\u003e\n            \u003cspan\u003eSecurity through obscurity\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n        \u003cdiv class=\"hwaudit__tag-row\"\u003e\n          \u003cspan class=\"hwaudit__pill hwaudit__pill--blue\"\u003eApproach\u003c\/span\u003e\n          \u003cdiv class=\"hwaudit__tag-items hwaudit__tag-items--bold\"\u003e\n            \u003cspan\u003ePin Enumeration\u003c\/span\u003e\u003cbr\u003e\n\t    \u003cspan\u003eFirmware Extraction\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n        \u003cdiv class=\"hwaudit__tag-row\"\u003e\n          \u003cspan class=\"hwaudit__pill hwaudit__pill--blue\"\u003eTools\u003c\/span\u003e\n          \u003cdiv class=\"hwaudit__tag-items\"\u003e\n            \u003cspan\u003eWHIDBoard\u003c\/span\u003e\n            \u003cspan\u003eMACOBox\u003c\/span\u003e\n            \u003cspan\u003eBusPirate\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n      \u003c\/div\u003e\n\n      \u003cdiv class=\"hwaudit__chip\"\u003e\n        \u003cimg src=\"https:\/\/cdn.shopify.com\/s\/files\/1\/2175\/8571\/files\/Chip-Unprotected.png?v=1775740137\" alt=\"Unprotected chip\"\u003e\n      \u003c\/div\u003e\n\n      \u003cdiv class=\"hwaudit__bottom\"\u003e\n        \u003cspan class=\"hwaudit__pill hwaudit__pill--purple\"\u003eTechniques\u003c\/span\u003e\n\n        \u003cdiv class=\"hwaudit__card\"\u003e\n          \u003cdiv class=\"hwaudit__card-icon\"\u003e\u003cimg src=\"https:\/\/cdn.shopify.com\/s\/files\/1\/2175\/8571\/files\/HW-Pin-Enumeration.png?v=1775740137\" alt=\"\"\u003e\u003c\/div\u003e\n          \u003cdiv class=\"hwaudit__card-text\"\u003e\n            \u003cstrong\u003ePin Enumeration\u003c\/strong\u003e\n            \u003cspan\u003eAutomatically detect lines\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n        \u003cdiv class=\"hwaudit__card\"\u003e\n          \u003cdiv class=\"hwaudit__card-icon\"\u003e\u003cimg src=\"https:\/\/cdn.shopify.com\/s\/files\/1\/2175\/8571\/files\/HW-Logic.png?v=1775740137\" alt=\"\"\u003e\u003c\/div\u003e\n          \u003cdiv class=\"hwaudit__card-text\"\u003e\n            \u003cstrong\u003eLogic Analyser\u003c\/strong\u003e\n            \u003cspan\u003eConvert captures to data\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n\n        \u003cdiv class=\"hwaudit__card\"\u003e\n          \u003cdiv class=\"hwaudit__card-icon\"\u003e\u003cimg src=\"https:\/\/cdn.shopify.com\/s\/files\/1\/2175\/8571\/files\/HW-Multi-Interface.png?v=1775740137\" alt=\"\"\u003e\u003c\/div\u003e\n          \u003cdiv class=\"hwaudit__card-text\"\u003e\n            \u003cstrong\u003eMulti Protocol Support\u003c\/strong\u003e\n            \u003cspan\u003eConnect with any interface\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n        \u003cdiv class=\"hwaudit__card\"\u003e\n          \u003cdiv class=\"hwaudit__card-icon\"\u003e\u003cimg src=\"https:\/\/cdn.shopify.com\/s\/files\/1\/2175\/8571\/files\/HW-BaudDetection.png?v=1775740137\" alt=\"\"\u003e\u003c\/div\u003e\n          \u003cdiv class=\"hwaudit__card-text\"\u003e\n            \u003cstrong\u003eAuto Speed Detection\u003c\/strong\u003e\n            \u003cspan\u003eAutomatically detect speeds\u003c\/span\u003e\n          \u003c\/div\u003e\n        \u003c\/div\u003e\n\n      \u003c\/div\u003e\n    \u003c\/div\u003e\n\n  \u003c\/div\u003e\n\u003c\/div\u003e\n\u003ch3\u003eCase Study: Hacking an automotive ECU\u003c\/h3\u003e\n\u003cp\u003eIn depth, hands-on presentation using FaultyCat-type product to glitch secrets from an automotive controller circuit.\u003c\/p\u003e\n  \u003cfigure style=\"margin-top: 1em;\"\u003e\n   \u003cvideo lite-youtube=\"\" videoid=\"0tkdst3JE0g\" posterquality=\"maxresdefault\" params=\"rel=0\"\u003e\n           \u003cimg slot=\"image\" src=\"https:\/\/cdn.shopify.com\/s\/files\/1\/2175\/8571\/files\/YT-Thumb.png?v=1775081615\"\u003e\n   \u003c\/video\u003e\n\u003c\/figure\u003e\n\u003c\/div\u003e","brand":"Lab401","offers":[{"title":"Default Title","offer_id":52451564519771,"sku":"EC-FAULTYCAT","price":165.0,"currency_code":"EUR","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/2175\/8571\/files\/FaultyCat---Top.png?v=1775066561","url":"https:\/\/lab401.com\/en-es\/products\/faultycat","provider":"Lab401","version":"1.0","type":"link"}