logo

Since the inception of the eCos RTOS in 1998, almost no dedicated research into its inner workings from an offensive security perspective got published. The only notable exception being the Cable Haunt research by Lyrebird which started to cover binary exploitation, but only scratched the surface. From cable modems to ICS components, millions of devices are currently running on eCos, but it seems that no one ever looked into them.

ecos.wtf aims at documenting everything related to eCos platform security research in a single place. At the moment the focus is mainly on Broadcom based eCos platform, but we will most likely cover eCos in Industrial Control Systems at some point in the future.

On this blog, we’ll demonstrate how to pull firmwares, analyze them, write exploits, and gain long-term persistence on devices. By doing so, we hope to provide the required methodology, tools, and techniques to security professionals who wants to get involved in the wonderful world of eCos security.


Your company rely on systems running on eCos and you would like to audit them ? Konkrete Security can take care of it.


If you think something is missing, noticed we forgot to credit you for prior work, or simply want to submit content for the blog, send me an email at quentin@ecos.wtf.