Research & Projects
Security Research & Open Findings
Every product we build is grounded in real security research. Here are the investigations, published papers, and open-source projects driving C1ph3r Fsociety's hardware roadmap.
BLE Attack Surface Analysis on Consumer IoT
Comprehensive cataloguing of BLE vulnerabilities across 20+ consumer IoT devices. Covers MITM, jamming, spoofing, and the Sour Apple vulnerability.
5GHz Deauthentication: Modern Network Weaknesses
Investigating the persistence of deauthentication vulnerabilities in 5GHz Wi-Fi networks, including WPA3 implementations and enterprise configurations.
ISM Band Replay Attacks: 315/433MHz Vulnerabilities
A systematic review of replay attack vulnerabilities in ISM band devices: garage doors, key fobs, wireless sensors, and legacy access control systems.
GhostESP Firmware Extensions for Advanced Recon
Custom extensions to the GhostESP framework adding automated SSID cataloguing, BLE device fingerprinting, and PCAP export for offline analysis.
GPS-Integrated Wardriving with Marauder
Methodology and tooling for GPS-integrated WiFi/BLE wardriving using the Marauder OG platform. Includes PCAP + GPS correlation and WiGLE integration.
Designing Offensive Security Hardware: A Practical Guide
End-to-end walkthrough of designing a security research tool: schematic capture in KiCad, PCB layout, prototype fabrication, firmware, and production.