Donjon CTF 2021: Capture the Fortress!
Our annual CTF starts on November 30 2021. Register now and try to break our challenges!
On the security of Booba's music video and NFTs
How we accessed the exclusive music video without any NFTs.
Remote laser faults injection during pandemic
How we improved our laser test bench to work remotely during the pandemic
On the security model of software wallets
How software wallets protect your assets? What is their security model? Do they resist to malware or targeted attacks?
Kaspersky Password Manager: All your passwords ...
Password generated by Kaspersky Password Manager were predictable (CVE-2020-27020).
Discovering SMPC through CTF Challenges
Ledger Donjon CTF 2020 - Creating challenges from vulnerabilities in SMPC implementation
Exploiting Smart Contracts in CTF Challenges
Ledger Donjon CTF 2020 - Creating smart contract challenges
KeepKey Hardware Wallet Under The Scope
A side-channel attack on the PIN verification of the KeepKey hardware wallet allows to retrieve the PIN of the device...
Lit by Laser: PIN Code Recovery on Coldcard Mk2...
How the Donjon performed a PIN code recovery on a Coldcard Mk2 wallet.
OLED screen (minor) vulnerability
Details on the side-channel vulnerability reported by Christian Reitter
Funds are SSSAFU - Stealing the funds of all HT...
How a bad implementation of Shamir Secret Sharing allows to steal all the cryptocurrencies stored on a HTC EXODUS 1...
Unfixable Seed Extraction on Trezor - A practic...
An attacker with a stolen device can extract the seed from the device. It takes less than 5 minutes and...
Extracting seed from Ellipal wallet
Ellipal is a hardware wallet based on air-gapped Android device, Our study showed that communication interfaces could be re-enabled
Breaking Trezor One with Side Channel Attacks
A Side Channel Attack on PIN verification allows an attacker with a stolen Trezor One to retrieve the correct value...