This repository contains the tools we used in our research on the Google Titan M chip

quarkslab/titanm

Titan M tools

In this repository, we publish the tools we used in our research on the Google Titan M chip.

We presented our results at Black Hat EU 21 and at the ROOTS workshop within DeepSec.

  • citadelimgloader: the Ghidra loader for Titan M firmware files
  • nugget_toolkit: the set of tools to trace messages and communicate with the chip (including an exploit for a known vulnerability and a fuzzer)
  • bin2rec: a set of scripts used to convert firmware files into rec files that can be used with the SPI rescue feature
  • BHEU_2021: the materials of our presentation at Black Hat Europe 2021 (the slides and the white paper)
  • BHUSA_2022: the materials of our presentation at Black Hat USA 2022

NOTE

This project uses submodules, so after cloning the repository, do not forget to run:

$ git submodule update --init --recursive