Hey there, my name is Claudiu, I'm a software engineer and security researcher. For the past decade and a half, I've worked with many different programming languages, at various fast-paced startups, now I work in computer security. You can find me on GitHub and Twitter, and if you'd like to send me an email don't hesitate to do so: claudiu - aet - ursache.io.

Blogposts

  • Baby's First Steps in Android App Reverse Engineering May 23, 2023
  • How to change your boot splash logo using an SPI programmer, UEFITool and flashrom Apr 25, 2023
  • Tale of an old write-up: hardcoded credentials to remote firmware update in consumer-grade router Apr 15, 2023
  • UEFI Hello World with qemu and EDK2 Apr 2, 2023
  • How to sign a kernel module for Secure Boot on Debian in 2023 Mar 26, 2023
  • Talks

    SummerCon 2023, New York

    I gave a talk about the code analysis platform Joern and two bugs I found in Android apps of fairly prominent publications.


    video: https://www.youtube.com/watch?v=lIgCAjcrpGc&t=2903s
    slides: code property graphs & joern - simple, precise static code analysis

    No Hat 2021, Bergamo, Italy

    Fabian Yamaguchi and I talked about how we found a bunch of 0-days in consumer-grade routers and gave an update on our automatic binary code analysis research.


    video: https://www.youtube.com/watch?v=hfxCDx9BTLo
    slides: Ghidra2CPG: From Graph Queries to Vulnerabilities in Binary Code