Reverse Engineering

Professional tear down, penetration, code and/or data extraction and decryption for reverse engineering of protected and secured targets.

Our reverse engineers are best of breed and world class. To date, we have never failed to penetrate any security defenses encountered, nor failed to achieve exfiltration of any required information from any target system.

We have the proven capabilities and access to the tools required to facilitate information extraction and to assist in the decryption of encrypted content as taken from embedded ROM, flash or eFuse on sub-100Nm dies. We can extract, laser cut and back-grind exposed dies or split MCMs, then re-transplant and re-wirebond those sectioned die slices into new lead-frames for external interrogation. We also have access to exotic wafer level analysis and repair tools such as SEMs and FIBs.

Our engineers also have the capability to analyse and reconstruct logical and operational gate constructs, so as to allow for the reconstruction of operations in HW that allow us to emulate them for further analysis. An example is the additional instructions added to the processor core of a popular SSD chipset, as used to accelerate the ECC, compression and encryption stages of the FTL of their SSDs. We were able to fully reconstruct their FTL operation (encryption engine, ECC, compression and NAND mapping) which allowed us to fully reconstruct the data held on the external flash chips of their supposedly "secure" SSD design.

Soft targets

Examples are mass storage devices, such as ODDs, SSDs and HDDs, commercial and home entertainment products, such as games consoles, network routers, switches and printers. Devices such as DVD/BD and STB multimedia players, mobile music players and phones.

We also have provided services on Engine Control & Management Units as used in general automotive, through to those used in high-end motorsport applications. Further examples are command and control systems for factory automation and industrial control and/or data aquisition, atypically in SCADA implementations.

Hard targets

Examples are secure encryption and security solutions used on restricted devices such as secure communication devices for mass-storage or satellite, radio, telephony and network. These simply pose more of an interesting challenge. Inquire for further details.

We have in-depth experience and have provided services relating to analysis and provenance of ECMs, TSCMs and covert listening, tracking and monitoring/intercept devices. Such items that are directly related to defence, intelligence and/or military related are also able to be handled, but with specific requirements in place. Contact us for specific details.

Weapon:RE also creates its own custom debugging and development systems if manufacturer support is non-existant, is mired in legal complications, or is unwarranted, undesired or simply not possible for other reasons.

Common issues:


If you have a target or a problem that no one else can help you with, then talk to us.