showing a lot of, well, not just Amazon, but various places that you can buy this stuff that'll give you an idea. Of course, if you shop around, you'll be able to get some of this stuff cheaper. So let's go ahead and talk about what our agenda is today. So we've broken this up into a number of categories. Disassembly and assembly of hardware tools

for taking things apart. Soldering, desoldering equipment. A magnification, which may come in handy. If you have that perfect eyesight, more power to you. But for some of us that may not have great eyesight or are getting a little older, magnification plays a big role into how we can actually see things

and do soldering at surface mount level type technology. We're gonna be looking at monitoring devices and technology, debugging tools. And then I'm gonna cover probably one of the most important ones. It's the odds and ends, the pieces and the parts that make your life way much easier in a lab.

And often the pieces and parts build within your lab as you kind of work through the various aspects of testing things. You go, hey, if I bought this little item here, this header, this plug, this switch, it would make my life easier. So you start building up a good assemble of those types of techs. And we're gonna be talking about those at the end also,

which I think is very important. But let's go ahead and jump out over to a screen and let's go ahead and get a camera going in here and see how this works. Oh, that's kind of interesting. I control, there we go. That's much better.

So let me get out of the way of the camera so you all can see me. So again, this is kind of my lab and we wanted to start off with looking at tools to take things apart. To start with a screwdriver set. These things are critical and I would recommend,

I had a previous screwdriver set. If I can get it apart, that did not have a box for it. And one of the things I found out is they're literally laying all over the place. Cause I never had one good place to put them or they ended up in a bag somewhere and I'll disjoint it. So get something, you can pop them in and out

and it holds them real well. This has straight slots, Phillips. The other thing you wanna consider is star tips. There's a number of small IOT devices when you go to take them apart. We'll have the star pattern tips. So you wanna take that into consideration as a big component when you're doing this.

And then you can get some other small toolkits. This is one I had sitting in my thing over here and I didn't even know I had it. So it's a good breakout with some basic sockets, needle nose, some of these different heads, stars, Phillips, straight slots, a little bigger size

than the small ones that may come in handy. And then also when you start thinking about it, kind of wrenches and different things like this, a set of cutters is always good. So you wanna have a good assortment of these. And every once in a while, I have a tendency to lose these things. So I ended up buying more sets of them over time.

Also something to consider is a pair of good cutters. Now I've had wire cutters before, small ones like this, but I like these because the tips are way much thicker. These things are actually great and they come in handy for not only cutting wire,

but here's an example of a bracelet type thing, a tracker that was hermetically sealed. This came in really handy for cutting through some of the plastic, very durable. I've used this for removing shielding that are over components where I need to get access to shielding.

So having something that can cut through metal and plastic and durable and the tip on this doesn't ship up. So having something like that is pretty critical. The other thing you wanna consider is spudges. So what's a spudge? So this one I managed to lose half the stuff that's in it, but this one has little fiberglass spudges in it.

And these are pry tools that you can use for prying things open. These are all fiberglass. Several of them are kind of mangled because they've been beat up pretty heavy. I also have some small metal thin spudges in here and some ones that look like kind of the tip guitar picks.

Those come in handy for popping up in plastic cases. And I also bought a kit and this one's been really handy that is basically metal ones. So you have to be careful with these cause they can seriously hurt you if you're not careful or do some damage to the equipment. But these come in really handy for opening certain cases,

removing certain plugs or connectors or things like that. So having a good set of spudges is pretty good. Most of these are fairly inexpensive, eight, nine, $10. You can often get a set of these. I've seen some much bigger, nicer sets that run in the 20, $30 range,

but always good to have a set of these. It'll make it very important when you're actually opening stuff up. Now the ultimate tool, what happens when you end up with a case where you can't easily clip it open, you can't easily spudge it open. There's no screws in it.

It is like a stick. I've had cases that were actually eighth inch to three eighths inch thick casing that were waterproof. What do you do? So in those cases, what I like to do is a good old fashioned Dremel tool. Now you can get these in various prices.

This one's probably the last one I got, which is reasonably new. My last one was cheaper. I think I'd paid like $35 for like a decade ago. I finally burnt it up and had to go out and buy another one. And since I obviously make more money now, I would have had and bought a better Dremel tool. So if you were actually at the RSA event,

when we were working in the IOT village, we had a lot of light bulb type tech that we were playing with. And this is what I use to cut those good old fashioned light bulbs apart that contained the IOT based technology in those. So that's kind of the general hardware type stuff.

The next thing we want to get to, this is the price list that we want to get to before we jump into some other area or start asking questions, I want to talk about some of the soldering type tools or equipment. So there's a number of solutions you can do from a soldering perspective.

You can buy soldering irons in all kinds of different prices. Years ago, I used to have like three or four soldering irons. So they were all fixed heat levels or fixed wattage. I think I had one, it was 25. I had one, it was 45. I had one, it was like 75.

And I think I had one with clear up to a hundred. Those worked for me back then, but as technology advanced, you start getting in surface mount devices, it becomes inherently more difficult to use those. They're a little more cumbersome. So I always recommend actually picking one up that is kind of variable heat. So you can change the heat on it.

And if I don't smash everything in this lab, in the process, this is one you often will see a lot of people have. And I've used this as a HAKO. And I've used this one for several years, like two or three years. It's variable heat. It worked for most point,

and you can get a lot of tips for it. But as I got more advanced and more into more detailed type work, my biggest problem with this was heat recovery. So when I went with really fine tips and I was soldering on something that was a ground,

the problem I had was this device could not keep the heat level up and it would make things harder. And so when you can't keep the heat, the heat recovery is terrible or not really good on a device. It causes you to spend more time on the device, more time on the chip, more time on the leg, and it leads to damage of the components.

You can easily end up pulling leads and stuff like that. So to keep the actual time on device down, I actually cranked the heat of this thing all the way up high as it would go. And that made it possible for me to work really quick. That kind of works for me. Other people will do other things when they're dealing with this.

But then I finally decided I wanted to move on. And I think these are right around a hundred bucks. Great product, in my opinion, for an entry-level starter. And it works pretty good. Now there are other vendors that produce soldering equipment. And one of the ones I went with, see if I can move some stuff out of the way here,

I went with a Weller. So the Weller unit, hopefully you can see it as setting back here. I think this is a WX01 or WX02. It actually has two soldering irons on it. When I purchased it, it came with a single soldering iron. This does, I think, want to say 65, 75 watts,

somewhere around there. It's pretty good, works great. This thing's capable of pushing out 150 watts of power. So you can run two irons. I turned around and actually purchased a micro-iron. So you can see this tip is really fine on the, probably can't even see it on the tip of my finger.

It's pretty small. This is actually brilliant, works really good. The difference is this is a very expensive unit. I think the retail on this was like $1,200. You can get it on sale and shop around. You can probably get it down around 800 or less. So that's kind of where we want to think

about soldering gear. You want to be able to have some good soldering gear that'll actually do what you want to do. You want to be able to deal with surface mount devices, small components, large components, need good heat recovery. Good starter unit is the HECO. You can also get smaller range wellers

that'll work pretty good. So I would shop around and ask other people that have different equipment what they use. You'll find out a lot of people use the HECO, but you'll find a lot of people are fans of Weller or some of the other products.

So I definitely encourage you when you get ready to go out there, if that works for you, HECO works for you, get it and use it. I used it for like two and a half years and I loved it, had no problems other than the heat recovery issue. So where do we go from there? So the next area I want to talk about, now let's go ahead and start off

with asking some questions. So Jonathan, are there any questions out there? Yes, so it looks like right off the bat here, we've been talking a lot about like sharp tools and hot ends on the solder iron, things like that.

One question that came up was what kind of safety equipment do you keep on hand with your lab? And do they include things such as maybe like goggles, first aid kit, fire extinguisher? So I don't have a first aid kit. Well, I do have a first aid kit, it's my wife's. She knows how to use 911.

Hopefully she won't have to do that. But for safety equipment, there's some other things to think about. Obviously when you're soldering, you don't want to have breathe all of the nasty smoke. That's a health and safety issue. So I would recommend a fan. So here's actually a fan that you can purchase that happens to be on a articulated arm.

So this works pretty good. The other thing I have in my actual lab, it's not within the picture range, but let me see if I can pull it off here, is a good old fashioned fire extinguisher. So, and I also have safety goggles

and safety gear associated with that. So I would definitely recommend that if you set up a lab where you're going to be using hot equipment and sharp equipment or whatever the case may be, you want to be able to put out any fires that may actually show up. Luckily, I've never had to actually

use this fire extinguisher. And speaking on that same thing, it comes in handy when you start thinking about soldering the gear. This particular soldering gear here, if you go away from it, after a period of time, it shuts off, which is nice. The HECO does not. So are there any other questions

or you want to move on from here? Let me see here, taking a look at the list. I think we're okay to move on. Okay, good. So let's go ahead and jump into the next thing. And that is kind of magnification. So what kind of gear is available for actually magnifying or looking at things?

I have a number of things that I use. One of them happens to be these goggles. So they have adjustable eyepieces on them. You can turn a light on. This is good for close up looking. So you have to hold the item up close. So you can't really do any soldering with that, but that comes in handy for quick examination of devices.

One of the other things I have in here, I haven't used it in a while, but I used to use it quite a bit. And that is a pin camera. This is a USB pin camera that I can shine into things. It goes into smaller places, works pretty good. I also have actually a borescope, an endoscope

that can actually be put through small holes and you can actually see stuff. That one's kind of packed away right now. The other equipment that I have is, you may have seen this if you've been to the IOT village where Rapid7 is working. This is a device that comes in pretty handy.

Small bench camera with a screen. You can actually magnify it, has variable settings on it. You can focus it. You can also hook a USB up to it and feed it into a TV. In this particular case, I went ahead and actually covered this with rubber.

The purpose of the rubber in this case is to protect it. So I could actually put energized equipment on here and look at it also. So some of the other equipment I have is, this is another USB microscope and there's so many on the market.

Which one's better than another one? Gosh, you know, that one's kind of a hard one. You can spend anywhere from 20 or 30 bucks up to three or $400 for one of these. I've seen these that would go clear to 5,000 X, which was absolutely amazing. You could actually see the runs on a silicon chip with it.

So it was kind of amazing. But that's again, a very high end. So, but when we get into something bigger, something you want to solder under. This is the more expensive solution right here, which is a microscope.

This is a great microscope that I have. This one does everything from 3X, I believe all the way up to 90X. Has the ability to mount a camera on it. It's variable focal length. And you can actually slide it in and out, which makes it really handy for this type of work

for magnification. And I do a lot of surface mount device work underneath this. I've used this for re-balling BGAs and stuff like that. But this is an expensive unit and they vary in price based on whether you go up to the higher caliber. This, like I said, this is 90X. It's about a $600 unit.

But if we kind of move away from that and go, what can somebody who's entry level or right above entry level, looking for a good scope. Here's one I use for a number of years and I loved it. So this here is also an amp scope. This one will do a 10 to 20X power.

It is a fixed focal length. This device costs about $185. It is a brilliant piece of equipment. I have several of these that I use in various training that I've done in the past. And I would recommend if you're looking for a scope and you don't have the big money, look at something like that, look at amp scopes

and look at what they have to offer from a price point. And I think this model here was 185 and it worked like a champ. Again, I used it for a number of years, but then I kind of got greedy and wanted something that was like super ass cool. So I went ahead and bought this for work in my lab.

So what else can we dig into here? I think some of the most important thing we want to talk about in the area of soldering is to look at some of the other components that you may need for action soldering. And when you get into soldering, it's kind of critical. You want to be able to, you want to have typical solder.

So let's go ahead and switch out the screen so we can actually dig into some of this stuff a little closer, then we'll pop back to the other screen because we can actually show this stuff a little better here.

So here from the solder standpoint, there's a number of different brands out there. This particular brand sticks one half to another, but I would get the small stuff. This one here happens to be the 0.3 millimeters. I use lead solder. I hate lead-free solder. Some people may like it.

I think it's horrible to work with. So I think this works much better in every case that I've ever worked with. And you also want to get solder wick. Solder wick comes in really handy for removing and cleaning solder off the board. But when you're thinking about actually removing solder

and you want to dig in and remove surface mount devices, the ultimate solution for removing surface mount devices, in my opinion, easily, is this product right here. If you have not used this Chip Quick

surface mount dungarees removal kit, you're missing out. This will make life much easier. It comes with a flux. So you put the flux on it and then it comes with this, looks like solder. This is not solder. It's way more brittle. It's a low temperature metal. And what it'll do is it'll absorb the solder

and it'll keep the temperature down low. So let's say you're actually trying to move a T-SOP 48, which is a 48 pin typical in memory chip that is soldered down with 48 pins. It's kind of hard to keep 48 pins melted.

But with this stuff, once you put it on there, you can easily spread it across each one of the leads, gump it on there pretty good, and it'll stay melted and you can lift the chip completely off the device. It's a true lifesaver. So let's kind of move on. Are there any questions?

Do we have any questions from the audience? Jonathan, any questions from the audience? Looks like the question list is empty here. One quick thing that did come up. You mentioned earlier you're gonna provide a parts list,

but one high level question. Most of the parts that you've just mentioned now, such as like the Chip Quick and solder, you generally purchase that going through maybe like SparkFun or maybe through Amazon. Again, knowing that you're gonna provide the parts list, just a high level question. Yeah, typically when I buy this stuff,

I'll be honest with you, everyone, I'm kind of lazy. I'm an Amazon kind of guy. I can usually turn stuff around and a lot of times Amazon has stuff available quicker. So if Amazon has it available within 24 hours to 48 hours, I'm gonna pay that little extra and have that sent to me quickly. But yet, you can go off and buy this stuff

from a number of vendors, a number of organizations that sell these type of products, hacker groups, hacker organizations, technology organizations, AliExpress. For a lot of the stuff you're gonna see today,

you can easily just order it and have it straight shipped from China. But again, I have a tendency to be a little lazy and when I want it, I like want it now. I don't wanna wait a week for it because if I think I need it, I need it now. And that's usually how I go with Amazon. So you'll see a lot of the blinks on here

going off to Amazon or Weller or some of the other places for equipment manufacturers and buying it that way. Okay, so let's kind of move on here. So the next area we wanna look at is monitoring equipment. So when we start thinking about monitoring equipment,

how do we gain access to circuit boards and how do we start looking at data? One of the first things is kind of that USB to serial component. And I think a lot of people online are probably familiar with these. These are reasonably inexpensive, it's a bus pirate. And this will give you that level of access

to be able to look at, start looking at devices. One of the other things, I'm not a big fan of this. I have a tendency to like using this in a different way. There's other software you can actually install on these and actually turn these into debuggers for Atmel chips.

So if you need to debug or read data off an Atmel chip, you can easily take these and put, I think it's SDK 500 V2 software on it. I think we demoed this last year at the IT village was hands-on exercises that actually did that.

We're using reprogrammed bus pirates. So that's pretty good. The other thing, and I'm a fan of this, I have a whole box of these sitting around here. And it's the Shikra. The Shikra has a lot of capabilities and here's kind of the little data sheet that comes with it. So we have the UART, we have JTAG

and you can use OpenOCD that, and you can use SPI for actually reading memory off chips. And this device comes in really handy. I typically use this for UART. And like I said, I actually love this device quite a bit.

And then there's other things you can do. There's other FTDI devices that can be used. Here's just a couple I have in my lab that I purchased for other purposes and reasons. And then there's another one I have. This one I bought not too long ago. I guess it's probably about three or four months ago.

And this one actually has four UARTs built into it. So it is a USB. It has four UARTs and you can switch them between three volts and five volts. So you can either hook them up here or hook them up into the actual plug jacks. This is nice. You plug it in and four UART functions show up.

This makes it much more easier for hooking into multiple connection points on an actual device for doing UART testing or analysis. People have seen the work that I did on the inner chip communication. I like to use one of these. It works out pretty good for capturing multiple UARTs

for analysis as data, as it flows through a system. And also let's go ahead and move on to logic analyzers. So I wanna point out that Jonathan is actually gonna be speaking tomorrow evening. Is it tomorrow evening or tomorrow morning, Jonathan?

Yep, tomorrow evening. And he's gonna do a talk on using logic analyzers. So there's a lot of different logic analyzers you can buy. I think Jonathan has one of these. He's actually gonna show. He has another one. These are cheap. This is like 12 bucks.

It does like 24, 24, 25 megahertz. Another one that I have, this one is a Sele. This is their four channel one. It's no longer being manufactured but Sele had a whole stinking warehouse full of them. And they're selling these.

These are more pricey, they're a hundred bucks but it's a Sele, this is a high quality. Now what I use is I do have a Sele. I have the eight channel. The eight channel, I think this is like $600. This is the, I think it's a hundred megahertz eight channel.

This one's the actual pro. Works great for everything I'm doing in the lab. And if you're not doing it for a job and you're just a hacker or whatever in your education and your learning you can actually get an edu kind of version of this which will save you a significant amount of money

when it comes to logic analyzers. So also some of the things you may wanna consider earlier you may have seen the O scope and that was in the back of my room. I have an O scope. I use it sometimes for basically a signal chasing

but other than that, I don't use it that much for most of the tech that I have. But when you want one, it's nice to have one and they come into a number of price ranges. Anything from typical ones you can run off your desktop or laptop with a small plugin board

all the way to a high end digital built-in logic analysis type of stuff in the thousands of dollars. The one I have was a Textronics. I'm a big fan of Textronics since I came from the military and I think mine was like five or $600 and I believe it was a 50 megahertz box

and it works pretty good. So moving from there, another area as a hacker that you wanna get into is often the RF stuff. You wanna start digging into RF. So one of the big RF areas is often Bluetooth low energy. So these are the go-to Bluetooth dongles.

These are CSR 8510s. These are the ones that'll work with pretty much any of the Bluetooth developed software out there. They have the right chip sets in them but these will only go up to, I believe 4.2 version. I don't think they'll support five.

I don't think I have anything here actually it supports five right now. It's something I need to add to my lab myself. So that's one of them. Another thing is the Nordic. The Nordic makes a dongle that you can use with NRF connect their desktop product. And this happens to be it.

I think I paid 25 or $35 for this. So I would recommend having one of these for Bluetooth. This has a lot of cool capabilities and there's a number of development boards and testing boards that are available out there that give you the ability to take what you're doing with Bluetooth to almost any level you want.

Another device I have that actually like, it's pretty good. This is a Hulong. This is about $100 I think it was. This device I've had it for a couple of years. So hopefully they'll come out with a newer version at sports five.

But this gives you the ability to and it has to be run on a Windows box. Gives you the ability to capture Bluetooth. So it'll actually see the announcements coming out on Bluetooth and it'll actually let you pick one of the devices out of the list of Bluetooth low energy devices. And as soon as it, and once you pick it out

it'll start to output all that stuff to Wireshark directly. And then once it'll actually capture the pairing process and the entire authenticated process. Basically, I don't want to say man in the middle but capturing all of the data and outputting it correctly to Wireshark for analysis.

So it's one of the best ones out there. NRF, there used to be a NRF sniffer. I think it was sniffer that was available that would run on a desktop. This thing's like way better. This actually has all three BLE channels.

So it picks up all the data. It doesn't miss that much data. So it makes it a lot much better. So would recommend that. And of course, if you get into some other stuff having the Uber Tooth one is probably good. I haven't used this in a while. I heard people complaining that it's really updates on the software or follow-up work

on the software arena hasn't been done. Which is kind of sad because I think it was a very brilliant capable tool but hopefully they'll continue supporting that. And we'll see some new capabilities come out in reference to that. Moving from that, typically I don't have a ton of things. I think here we have a yardstick

which is under the gigahertz range capturing. And then of course, and I know I have land around here. Somewhere, which I have no idea where it's laying at. I'm like terrible in my lab, but I have a, oh, there it is. I have a hacker RF that may come in handy

for some people that are really want to do the work dealing with RF communication. So I'd recommend buying what you can afford, you know finding an area that fascinates you on the hardware hacking area

and to spend as much in that area that you can afford for the best tools. I would recommend shopping around. Some of these tools here may have newer versions. There may be better release products out there. This is constantly a changing field. What I bought a few years ago doesn't necessarily meet the needs now in a lot of cases.

So I often find myself as I'm doing new projects and new testing that I have to go out and actually buy new equipment and new hardware. It seems to be an unending process. It's kind of like being married and a homeowner. You're always looking for an excuse to buy new tools

for around the house. It's the same way as a hardware hacker. You're never going to be content until you have all the tools ever made on the face of the earth, but shop wisely. And I think you could do a pretty good gathering up the needed stuff, being able to do the work. So there's one other area before we take a quick break

and actually look at, or has some questions. Another tool, let's not forget critical tools, a multimeter. Literally, I don't think there's ever on any engagement or any testing or any device I've tore apart where I was hacking on, where I didn't use a multimeter.

These are cheap. You don't need an expensive one. Mostly I use this on the continuity field for actually tracing out runs on boards and stuff like that. Comes in very handy. I also use it for checking voltages prior to hooking stuff up to make sure that I'm matching the voltages correctly because that can really screw things up

if you get it wrong. Also moving from there, let's go ahead and quickly cover the area dealing with debuggers. Matter of fact, let's kind of stop right there. And before we get into chip readers and debuggers and see if there are any questions.

Open. Oh, good. Yeah, it looks like a couple popped up here. So yeah, I guess the first question we have here is, this is with regards to the physical non-RF signal quality that we're speaking of earlier.

So you had mentioned the oscilloscope. And also I know that you've mentioned that you aren't really going too in depth with it these days because you don't really need it. So I'm curious, or excuse me, the question's asking, I am curious, would your answer to that be the Sele does okay for that sort of thing? And would you recommend a Sele over an oscilloscope?

The answer to that is yes. I think my go-to is with Sele Logic Analyzer 100% now for almost everything I'm doing. Almost everything I'm looking at is digital. Sele's come out with the, oh gosh, what was the name of it? I'm losing my mind here, just a second.

Oh yeah, their Logic tool, which is what interacts with the Sele. They came out with Logic too. And the cool thing with Logic too, it basically gives so much more features to the actual product. And one of the features is kind of continued streaming. Instead of capturing, just capturing data

like you often will do, this will actually let you loop that capture so it continues to run. So I find myself taking a Logic Analyzer and using it like a probe, looking for ongoing signals, timing signals and stuff like that,

clock signals that are ongoing, burst traffic, because I can easily stop on something and as this thing continues to run, see burst traffic. Literally it gives me a way to do some digital signal tracing. Maybe it's not the most effective way, but I think it's the most cost effective way. So definitely would recommend

if you're going to spend the money, buy yourself a good Logic Analyzer. That besides the multimeter or is the item that I inevitably use on every engagement and every testing that I do. Any other questions or is that it?

That's it. All right, so let's go ahead and let's jump into chip readers. So, hey, you happen to have a device and it has a flash memory chip and you want to be able to get the data off that flash memory chip, what are you going to do it with? So there's a lot of inexpensive solutions out there.

This one here is an actual TL-866 Plus. This comes with a slew of sockets that go in for it. This is like a T-SOP socket and they get eight pin or 16 pin sockets

and then eight pin sockets. List goes on and on. There's like 30, 20 or 30 sockets you actually get with the socket that I purchased. That is actually a, oh gosh, there we go. It's a WSON, WSON eight sockets.

So you drop it in. These are a little more pricey but the TL-866 is not that expensive. I think I paid 130 bucks for the one that I have here. Although when you buy this and it comes with this particular socket,

this T-SOP 48 socket, this will not work for all T-SOP 48 which is typically NAND flash chips. So you need to go out and buy this one to go with it. And you can get these off AliExpress or maybe some other sources.

And this is the, get it right there, NAND08 socket. And typically, typically this is the socket that's used on the chips that have literally a larger memory. You start getting in at 128 meg, 256 meg chips and higher.

You're actually going to go over to this socket here. That seems to be the case. So that's one of them that I have. Like I said, I have several chip readers. I can't remember the number of this covers. I think it's like seven or 8,000 different chips that are actually supported by this.

So does it cover every chip that I encounter? The answer to that is no. Does it cover a large number of them? Yes, it does. I mean, it probably covers two thirds of them that I come across. One of the other chip readers I have is this RT809H.

So the RT809H, here it is here. Similar, a little bigger physical construction. This one comes in handy. You cannot use, you can use these sockets. So all of the inline sockets that came out of the TL866 that are straight pin to pin wiring and don't contain any kind of circuitry,

you can use them on this. But if it happens to be the TSOP48s, those actually had circuitry built into them. So you have to buy a socket that'll actually work on it. And this is a straight pin for pin one. So I use this one typically as a backup.

There's times that the TL866 doesn't work or doesn't have what I'm looking for. So I jump over to this one. It works pretty darn good. Also this one, you can get various sockets for. Here happens to be a socket for it. This was like a $40 socket. This is a BGA.

This is a 63 ball BGA NAN flash memory socket. I think I played 45 and had that shipped over from AliExpress from China. The crazy thing is I ordered it right when this whole COVID thing hit this fan.

So it took like two months to get to me versus the typical 30 days that I often have up wait or shorter time period. So that's one of the readers. So some of the other readers I have in my arsenal here is dealing with embedded multi chip packages

and embedded multi medium controllers. So these you actually find a lot when you're dealing with embedded systems and especially some consumer grade IOT.

These are actually for reading BGA's. This is an embedded multimedia chip for 153 ball BGA. So you open it up, you drop the chip in there, plug it in, it's USB three,

plug it into your computer, hit this button here and that chip will mount up just like a file system. It'll mount up just like an SD card will mount up and it'll actually mount the entire file systems on the device most of the time. And from there, you can quickly recover the data. Sometimes you can alter the data.

One of the exercises I did, I actually use that to pull the data and then use one of these in all data and then DD it back to the actual chip and then rebuild the BGA, put it back on the device to gain root level access. So these are great and they come in a number of different sizes.

So that's known as a embedded multi-chip package type thing. Again, you'll find these in a lot of devices. That means it contains both RAM and flash memory in the actual chip. But these ones are kind of pricey like $135. There is a cheaper version. This is pretty much the same thing

but it's done up just like an SD card. And then you just plug it in like an SD card into your computer and it'll mount the chip up just like a file system. Now these ones are a little cheaper. I think they're well under a hundred dollars like 90 bucks or something like that.

Also, if you need to deal with embedded multi-chip package or embedded multimedia chips, I would recommend doing a little Googling on that because this example here, people have actually built these. So there's ways to build these. Of course, you may have to dead bug the chip

which means you're gonna need a good microscope because you end up soldering to the pads of the chip on the underside. But there's only like five connections or four connections that have to be made on the chip. And you can literally actually read it. So there's a lot of documentation out there. So you can take the hacker mode and save yourself a lot of money.

But again, it'll take a lot more time. So any questions there on chip readers? And again, most of these chip readers were 120 to $140 right around there. One question that came up with regard

to the chip readers here that I'm seeing is and this is a little bit of a backfill. I do apologize. One question that came up earlier is is it actually worth picking up an old benchtop logic analyzer off eBay or going with some of the newer USB tools?

Cost is a limiting factor for this individual. You know, I don't know enough about any of the benchtop logic analyzer tech that you're talking about. I haven't worked with any of those. Typically most of the stuff I did with is the USB stuff. I mean, if you're looking for a logic analyzer just to give it a try, I'll be honest with you.

A lot of these, when you start getting into these smaller ones, 24 megahertz, I have not used this. So obviously it's $12 from a logic analyzer standpoint. This gives you an entry point just to get familiar. And I think the logic programs put out by Sally will actually work on these.

And there's a couple of other ones. And Jonathan's going to talk about this in more detail tomorrow. So I definitely swing by his presentation. I would start off if money's limited. I mean, can you come up with 12 bucks, give one of these things a try. I bet you nine times out of 10 on most standard consumer grade IOT, this is going to be fine. I've only run into issues when I'm dealing

with commercial level devices where a megahertz rating like this would not have worked. So just an example. That makes sense. And another backfill question here. Asher says, such a great lab, Daryl. One question, what do you use for on-chip debugging

other than the Shekra? Oh, on-chip debugging? Yeah, we're actually get into that next. If you want to do on-chip debugging or pulling firmware out of the chips and all that type of stuff. That's the next section that we're going to dive into.

Okay, perfect. And I think we'll put a pin in that question because it sounds like it'll be answered. Next question here reads, what are these readers used for? What are you reading off these chips? Sorry, noob. Thank you. Oh, there's nothing wrong with that, man. I mean, we were all learning at one time. Five years ago, I couldn't have told you any of this stuff at all.

So what we're doing is these chips I'm talking about are flash memory chips. This is where the embedded devices holds its operating system. It's also where it holds configuration settings and data associated with the functionality of that device. So if you want to be able to pull off the firmware

for some kind of offline analysis, you want to do some offline debugging with IDA Pro or something like that, then you need to be able to extract the firmware. So to be able to extract the firmware, you need to gain some level of access. Chip readers come in handy for doing what I consider off-board reading.

So you desolder the chip, remove it from the board, drop it into the reader, dump all of the memory out of that chip, and then you solder the chip back on the board. I have a tendency, since I'm fairly good at soldering and desoldering and stuff like that,

that I will often do that. I will literally just pull the chip versus trying to do it in circuit because I found it's sometimes much easier. In some cases, not always, but in a number of cases. The only time it's more difficult is when you're dealing with like a ball grid-erated chip, a BGA chip, where the pins are underneath.

So when you remove it, the complexity of putting it back on is fairly complex. So hopefully that answered that question. Makes sense. And one final question here. It's asking about the Flipper Zero. Individual's asking, what are your thoughts on the upcoming Flipper Zero?

Is it a great asset or a gimmick? Kickstarter problems apply. Flipper Zero. I don't think I've seen that. Have you seen that? Have you looked at it? Yeah, it looks super interesting, actually. I'm additionally not familiar with it. Looks super slick. Looks like you can do a lot of hardware analysis with it. I think it looks kind of cool. It's very powerful for Sub-1 gigahertz.

From what I'm seeing there, it looks somewhat similar to the yardstick with maybe a few additional features, but it looks pretty slick in my opinion. Yeah, like I mentioned, there is always new tech being developed. So often I don't dig into those unless it happens to be on my table

or something I need to work on. And then I go out looking and I try to look for the right tool, the right solution, the one that's gonna help me do the job the easiest and the quickest. So, hey, great. Thanks for bringing that up. I'll have to look at that once we get offline here. Yeah, and Daryl, we actually had the inventor of the Flipper Zero present

at our event back in May. So anyone who's listening, you can always check that video out as he goes through all the features. And so the story of why he built it. Outstanding, Sam. Thank you very much. We'll check that out. So kind of moving on from there.

Just wanting to get into some debugging. There was some area I did miss earlier and we may jump on it at the end if we have time, but we're gonna start with debuggers. The first thing I wanna look at is, not necessarily a debugger, but pretty darn close to it.

This is fairly racy, about 150 to $170. It's a JTAGulator. I have not used this in a while. Don't ask me why. I guess I had need to figure out where the JTAG connections are in a while. But if you're in a bind and you need to figure out

if there's any exposed JTAG connectors on a chip that you can't identify, this is the tool for doing it. You just plug all these in here. You hit reset, go. You have some software you can run on this thing and it gives you the ability to go through all of the testing sequences

for all the different wiring combinations that you could possibly generate by plugging this thing in and checks for various JTAG connections. It can also be used for UART. I don't use it for UART. Typically that's easy enough to spot

with a logic analyzer fairly quickly, but yet a good tool to have in your arsenal if you're doing a lot of, especially if you're doing a lot of debugging devices where you can't identify whether a JTAG's available. They also added some features to this

that will actually go through and do IO testing. So it'll do a series of tests, information feed and capture based on identifying the various IOs on a processor. So that's also a great feature. So when it gets into logic,

or not logic analyzer, but debuggers, how can I interact with the chip? How can I interact with the processor? And some of them may be, hey, how can I pull firmware out of a processor that actually has flash in the processor? Which seems to be the thing I often do.

I have a whole slew of debuggers. I got dozens and probably a dozen of them laying around here somewhere for various things. But there's one that I have that's like a go-to, at least mainly for ARM processors. And that's a J-Link, J-Link Seager. J-Link is a great product.

This is a commercial version. These are kind of pricey. Based on the speed and the capabilities of the hardware, the price goes up and up. I think this one was like $600, can easily go upwards of a thousand or more for the solution. But there is hope.

If you're interested in the Seager J-Link and you are basically a student or somebody learning, you can buy the EDU version. When I first started learning and wasn't using it for commercial use, I purchased that. It was like $70. Has all the similar capabilities. Its speed of data reads probably not as fast,

but it's pretty good. Another thing I do is a habit of mine, is I always tape the pin out for all of the pins on some of these devices. Cause I rarely throw a 20 pin plug in there and use it. I often use single plugs because often we use this for, not only for standard J-Tag,

but I use it for a serial wire debug or CJ tag. This will do a CJ offset also, which is a subset of J-Tag that is also like serial wire debug. But so if you're like me and you can't memorize all these pins on everything,

actually doing a printout and sticking them in the back is a nice little feature that I use to help speed me along. But again, it's a great product. And for mainly ARM processors, I go to on this. But then also I will use various debuggers for different products. So if you TI chips, the CC debugger,

I can't remember what this was, 20, $30, it wasn't that much. And it happened to be a case where I was dealing with some TI chips and I'm like, ah, just buy the thing, put it in my lab, I have it. Another one which we demoed last year and that was dealing with the XDS 110,

which is another TI debugger. I really didn't want, and I wanted to expose people to the XDS 110 from a debugging standpoint, but I didn't want to buy the full blown one because it's like 110, $120. But it turns out that they made the small development kit type thing for a sensor tag.

And the one you buy for that is basically a stripped down model. There's no case, there's some features turned off, but it works the same way. And this was like $15 versus a hundred and some dollars. And it worked pretty good. And I kind of got this idea because I bought,

I was doing some research on a TI chip set and I, for a vendor. And so I bought the development kit and development kit had an XDS built into the chip on the development kit, which got me interested in doing this. And that's why I kind of shared that stuff last year and let people do the hands-on.

Now I have a number of debuggers around here, but a debugger is what it is, it's a debugger. Typically what I do is when I encounter a chip set, the first thing I do is I go out and go, okay, if I was a developer on this product line for this chip set, how would I do it?

What product would I use? What does the vendor recommend for interacting with their hardware, their chips? And then I go out and check it out. Do they have guidelines for using a Jlink? Then I use a Jlink. Do they have a specialized debugger like PIC processors do, which is basically encircle serial programming?

It's basically SPI. If that's the case, then get those. So I have several of those laying around here. The PIC kits is what they're called. So I try to find out what the developer community uses for a particular product. And if I can afford it and it's inexpensive,

I buy that or I buy the next level alternate to actually use. And that's typically the approach that I use. I found out if I'm trying to deal with the chip set and I'm using somebody else's debugger, it has a tendency to not always do what I expect it to do.

It doesn't always give me the information that I get from the development community on the product or from the vendor on the product. And it adds a level of complication. And I'm able to find way more resources if I use what the development community uses on that product. But the reality, that's not always feasible.

There's been a number of times where I've gone, hey, here's a chip. You go out and you try to find out what the development community is using for and find out it costs $10,000. And you can only buy it from the vendor. In cases like that, then hey, if it's an ARM, use the ARM. If it's something else, go all the way down

and use one of these and then use open OCD if you have to. Whatever it takes. But I tendency have to dive into what the actual person producing uses. I want to move on real quick because we're running a little behind and I want to get this next phase

because I know the, well, matter of fact, nevermind. We can do that. Got any questions? Yep, looks like one question cropped up here. Josh asks, do you happen to have any books, videos or any learning material that you recommend to start learning IOT hacking? Oh gosh, that's kind of a hard one.

I'm not a big book person, to be honest. What I typically do is I'm definitely a Google and YouTube kind of guy. Everything that I've wanted to learn, you know, an example,

I wanted to learn how to re-solder a TSoP 48 pin chip back onto a circuit board. I'm like, damn, this is going to be hard. I can't go solder each pin. So I went on YouTube and looked it up and go, how do I do this? And there's like three or four videos out there. And then I watched those videos and it's the same way. If I want to learn how to use UART,

I go check out some of the videos on finding UART and looking for UART, same way with logic analyzers. And it's typically the approach that I do. And I still do that to this day. Anytime I'm working in engagement or testing a product and I go, how do I interact with this?

I haven't done this before because, you know, even though I've been this in four years, I constantly encounter things that I haven't encountered before. I first, I go out and find out who else has done this. Has it been done before? Has anything similar to it been done before? And that's kind of my approach.

If you're trying to, and I know there's a lot of learning kits out there, but I'd also recommend, oh gosh, where is that? Hold on. I would recommend looking at some inexpensive products just to play around with. And I'm going to throw some pictures up here. And like these, these right here,

VIXME 300 millimeter router type things. Let's pop one of these things out of here. Oh, that's one thing about my lab. It's like a ton of gear. So this one actually uses, it's a little router device. So we have these chips on here. So it has a lot of things you can interact with.

There's ethernet, there's USB, it actually has UART. So UART's actually marked on here. If you look, there's, it says TX and RX. And then I found the ground. This runs OpenWRT. It actually has a flash memory chip right here.

So here's a chance to figure out how to get the memory out of the device. Here's a chance to play with this. In this case here, root doesn't have a password on it. So in that case there, you really, as soon as you get the console, it's going to be root level access, but you can change that and then try to.

Get around it. This device is like 20 bucks. And I would recommend getting something like this and starting out by just going, hey, this is a meta tech chip. What does that mean? Data sheets. This here is a RAM chip. Find the data sheets. This is a flash memory chip.

Find the data sheets. Read those data sheets and kind of learn and play around and experiment. And if you screw it up, throw it in the trash can and go spend another 20 bucks. Hopefully that answered the question.

Okay, here's another one, but I don't think the GL mango is even available anymore, but it's the same product, just relabeled different. Another question cropped up here was, I think it's kind of an extension of that question. Do you have any go-to YouTube channels? Do you follow anyone on social media? Oh gosh.

Yeah, from social media, I'm a Twitter guy. So you can find me on Twitter. My handle's percent, P-E-R-C-E-N-T underscore X. Yeah, please follow me. If you're one that tweets a lot of political stuff, there's nothing wrong with that.

I just not a big fan of that just to be aware of it. I want to see mostly technical stuff. So if you're doing technical stuff out there, that's kind of cool. I'll probably follow you back. But yeah, that's one thing I do. I do not follow any YouTube channels. I'm usually all over the map, whatever I'm working on at that time.

And I need to learn something specific. Then I go out and search. And I never look at one single example. If there's a dozen examples out there, I'll usually look at three or four of them and get three or four different viewpoints on how to approach something or how somebody's done that. And then experiment with my own ways and own methods and try to build from that.

We've also, at Rapid7, I put out a number of blogs. So if you use my name, Darrell Hyland, and search for Rapid7 blogs. I think we put out a whole series last year actually pulling firmware from microcontrollers, like four of them, covering four different type of microcontrollers,

four different software packages, four different debug type devices. So every once in a while, I'll do that type of stuff too. Okay, so I want to move on to odds and ends. This is kind of a big one.

So when you're doing work on devices, it comes down to often needing a lot of strange stuff. Now, the first one is wire. I don't know how good the video is out there, but this is 40 gauge wire. And to be absolutely correct about this, I hate this shit.

But this stuff comes in handy for soldering into microscopic small circuits for tapping into them. So currently I'm working on a project right now where I have to tap into an Intel i3 processor. I'm trying to.

And the only way to do it is the pads are like 0.3 millimeters. So I am actually using this under a microscope and soldering it up. And at the end of this thing here, I'll show you what I attach it to when I'm done, which will be a lifesaver. So that comes in handy. If I'm doing something else that's bigger from a wire standpoint, I use this.

This is wire wrap wire. I don't even a VT corporation. And I found this, it comes in all of these distant strands. This is covered with a really fine plastic coating. That 40 gauge wire earlier was covered with lacquer, a real thin coat of lacquer, keep it from shorting out.

This stuff will melt that's on the outside of this. But when you're looking for like 30 gauge wire, you need to find wire wrap. If you buy standard 30 gauge wire, the actual insulation going around the wire will be thicker than the wire itself and will get in the way when trying to solder to small circuit pads to tap into it.

The other thing is, when you open up a device and you start thinking about headers, you need to attach headers. And this become a nightmare over the years, or at least early on when I first started, because I was seeing all kinds of stuff. So I went out and tried to get samples of both 2.54 millimeter headers.

So this can be plugged into the board and soldered in, and then you just plug into it for the places there are headers. What if there happens to be dual header? So then I bought some dual headers to have those. I have boxes of these things laying around. So on top of that, what happens if it's a surface mount header for 2.5 more millimeter?

So if you look at this, it actually has, see how the bottom is sticking out there? It's actually gull-winged, so there you go. And then we do the same thing for 1.27 millimeters, single, single row, double row.

And these are the most common, and trust me, there's people that produce other headers that you want to kill them when you get them, because these things won't fit in a gull-wing one. So yeah, I went out and kind of purchased all of this stuff. Over time, I didn't do it in one day. It's like, hey, I need headers that are 1.27.

I need gull-wing headers, and then went out and bought them. The other thing that is a lifesaver, and that is glue. Glue comes in really handy, because when you're attaching small wires to a board, and you snag the wire, you pull the wire, you could easily rip the pad clear off the board,

which will happen to you anyways, but this will help prevent it. This glue here works like a champ. So here is, here's some 30 gauge wire that I've attached to this device here. And you can see, hold on a second, I'm looking for a poker here.

So right here, you can see this is glue. So I put a dab of glue in there, and it holds the wires, and it prevents me from tearing the pads out from this circuitry. It works like a champ.

If you need to move the glue, it peels right off. It takes a little force, but it'll peel off clean off the circuit board, and it's actually brilliant for what you need to do. Some of the other things that we're gonna need, you're gonna need a wire. So these are jumper wires. You can get these male to male, female to female, and they just peel off.

So I have bundles of these, and when I'm done using one, I throw it away, because if you keep plugging it in, plugging it in, plugging it in, after, by the end of the day, it'll start weakening to the point where it will give you problems if you keep trying to use it. And there's nothing worse than losing three or four hours trying to figure out why something isn't working and find out your plug is just wore out.

So I usually get bundles of these, and then you'll find them scattered all over the floor, because I just throw them on the floor when I'm done. I'd also recommend a breakout boards, quick breakout boards are for quick for doing various projects and stuff like that. And that's kind of a sweet.

And then let me see, oh gosh, here's some stuff I bought on a project a while back. I ran into a project where I need USBs. So literally went out and bought USB breakouts. So you can buy these little kits for like five, six bucks, okay?

And it gives you the ability to do USB breakouts so that you can solder up connections on these things and be able to tap into various USBs. Kind of the reason why I needed that, it turned out that the device that I pulled apart that was an industrial device and it had as a solid state drive in it,

the solid state drive was an ATA, it was basically USB and it was kind of a weird wire out structure. So from here, I was able to jump it out the way I wanted it to fit the USB properly and was able to use that to tap into the actual device

and effectively be able to read the data off of it pretty effectively. So that worked pretty good. Here's some, these are a little expensive, but they've come in handy a few times. These are micro grabbers and they go, I can use them on a logic analyzer or some other kind of testing equipment. I have a set of these that I've put together.

I think these were like 20 bucks a piece, but they have a 0.5 millimeter pitch. Comes in handy for small stuff. And then the big item, I think this is really critical. This is a test board. I built these and I would recommend building test boards

to meet your particular needs in the projects you're working on. It'll come in, it'll be very vital to actually be able to do it. So if we look at this from this test board, we have two sides of this. So we can take the wire and we can hook into here. These are screw terminals.

So you can screw the wire in here and instantly you have two headers to put a test equipment on. This one over here is similar. This one has jumpers in the middle. This one's isolated with a switch. These are isolated with jumpers. So once you attach the jumpers or throw the switch, you get connections all the way across.

So if it's turned on, then I basically get four headers I can tap into. This also makes it possible and where I've done inner chip communication testing, where I actually come off the circuit board here route through here and then I go back to the circuit board and then I cut the runs on the circuit board, making all the traffic flow through this.

And it gives me the ability to turn on and off the flow on a circuit board for analysis and the ability to hook multiple pieces of test equipment up for analysis. And again, I built these, get these boards. You can see where they're broke right here so that they require a switch or a jumper to do them. And these come in extremely handy.

I've built four or five different ones, but having these screw terminals are a lifesaver for connecting up things. So I'd recommend building some of your own jigs and test equipment. Any questions?

It looks like a high level question kind of cropped up here. This was with regard earlier to when you're speaking towards like the FTDI devices. The question is what software do you use in order to start talking to these devices? And again, this is with regard when you're talking about the Chikra, those types of hardware devices.

Oh, so if you're using the Chikra, if you're using JTAG, then you're obviously gonna use like OpenOCD is probably one of the best ones that you're actually going to use as OpenOCD for it. When it comes to UART, there are so many console programs out there.

It's literally kind of hard to say which one is the best one. I have a tendency to use, gosh, cool term, and I use it on my Mac. If you're on a Linux system, I would just use screen for interacting with a USB,

USB UART connector as an example. For the logic analyzers, the manufacturers produce software called Logic, Sele does, there's the older version and there's a Logic too, which is pretty good.

So for standard UARTs, again, there's tons of programs out there. Find the one that works best for you. Or if you're on a Linux box, just use screen. Screen has ability to interact with TTY USB zero, TTY USB two, one, ever how many UARTs you have connected up

and also set the associated bold rate right within screen. When you get into logic analyzers, like J-Link, J-Link produces its own, not logic analyzer, I'm sorry, debuggers. J-Link produces its own software, same way with CC debug.

Also individual manufacturers of certain chips will produce their own software to interact with their chips over J-Link. Nordic is one of them. Nordic produces a software to connect to their NRF 5152 series chips. It can get it as a command line,

or you can get it with a user interface type thing. And it actually will leverage the J-Link. So a lot of the manufacturers will also produce custom software to interact with their chip using no standard logic analyzer, or debuggers that are available out there.

Any other questions? That is it. All right.