Research

Existing tooling, source code, vulnerability reports, logs, and overall research products I found online. Definitely not exhaustive.

"Tor825, High Heaton Library, Newcastle upon Tyne" by Newcastle Libraries is marked under CC0 1.0. To view the terms, visit https://creativecommons.org/licenses/cc0/1.0/

You think it’s missing something ? Drop me an email and I’ll do my best to update it.

Books

Tools

Source Code

Vulnerability Reports

The infamous cable haunt:

Pre-shared key derivation from known data is always a bad idea:

People (re)-discovering overflows in eCos based cable modems. Crash dumps but no exploit.

Although not really about eCos environment itself, this talk is an interesting introduction to how DOCSIS is actually deployed by ISPs:

People dumping info online

Some interesting logs dumped by people in online forums or personal blogs. You can find more by Googling for “eCos BFC”.

Hacking Groups

eCos running on ICS devices