00000000 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 |.ELF............|
00000010 03 00 3e 00 01 00 00 00 60 17 03 00 00 00 00 00 |..>.....`.......|
00000020 40 00 00 00 00 00 00 00 b0 c8 13 00 00 00 00 00 |@...............|
00000030 00 00 00 00 40 00 38 00 0e 00 40 00 1d 00 1c 00 |....@.8...@.....|
00000040 06 00 00 00 04 00 00 00 40 00 00 00 00 00 00 00 |........@.......|
00000050 40 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 |@.......@.......|
00000060 10 03 00 00 00 00 00 00 10 03 00 00 00 00 00 00 |................|
00000070 08 00 00 00 00 00 00 00 03 00 00 00 04 00 00 00 |................|
00000080 94 03 00 00 00 00 00 00 94 03 00 00 00 00 00 00 |................|
00000090 94 03 00 00 00 00 00 00 1c 00 00 00 00 00 00 00 |................|
000000a0 1c 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 |................|
000000b0 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 |................|
000000c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000000d0 70 ef 02 00 00 00 00 00 70 ef 02 00 00 00 00 00 |p.......p.......|
000000e0 00 10 00 00 00 00 00 00 01 00 00 00 05 00 00 00 |................|
000000f0 00 f0 02 00 00 00 00 00 00 f0 02 00 00 00 00 00 |................|
00000100 00 f0 02 00 00 00 00 00 61 8f 0c 00 00 00 00 00 |........a.......|
00000110 61 8f 0c 00 00 00 00 00 00 10 00 00 00 00 00 00 |a...............|
00000120 01 00 00 00 04 00 00 00 00 80 0f 00 00 00 00 00 |................|
00000130 00 80 0f 00 00 00 00 00 00 80 0f 00 00 00 00 00 |................|
00000140 6c 7f 03 00 00 00 00 00 6c 7f 03 00 00 00 00 00 |l.......l.......|
00000150 00 10 00 00 00 00 00 00 01 00 00 00 06 00 00 00 |................|
00000160 50 0a 13 00 00 00 00 00 50 0a 13 00 00 00 00 00 |P.......P.......|
00000170 50 0a 13 00 00 00 00 00 14 bd 00 00 00 00 00 00 |P...............|
00000180 70 6d 01 00 00 00 00 00 00 10 00 00 00 00 00 00 |pm..............|
00000190 02 00 00 00 06 00 00 00 c8 35 13 00 00 00 00 00 |.........5......|
000001a0 c8 35 13 00 00 00 00 00 c8 35 13 00 00 00 00 00 |.5.......5......|
000001b0 00 02 00 00 00 00 00 00 00 02 00 00 00 00 00 00 |................|
000001c0 08 00 00 00 00 00 00 00 04 00 00 00 04 00 00 00 |................|
000001d0 50 03 00 00 00 00 00 00 50 03 00 00 00 00 00 00 |P.......P.......|
000001e0 50 03 00 00 00 00 00 00 20 00 00 00 00 00 00 00 |P....... .......|
000001f0 20 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 | ...............|
00000200 04 00 00 00 04 00 00 00 70 03 00 00 00 00 00 00 |........p.......|
00000210 70 03 00 00 00 00 00 00 70 03 00 00 00 00 00 00 |p.......p.......|
00000220 24 00 00 00 00 00 00 00 24 00 00 00 00 00 00 00 |$.......$.......|
00000230 04 00 00 00 00 00 00 00 04 00 00 00 04 00 00 00 |................|
00000240 4c ff 12 00 00 00 00 00 4c ff 12 00 00 00 00 00 |L.......L.......|
00000250 4c ff 12 00 00 00 00 00 20 00 00 00 00 00 00 00 |L....... .......|
00000260 20 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 | ...............|
00000270 53 e5 74 64 04 00 00 00 50 03 00 00 00 00 00 00 |S.td....P.......|
00000280 50 03 00 00 00 00 00 00 50 03 00 00 00 00 00 00 |P.......P.......|
00000290 20 00 00 00 00 00 00 00 20 00 00 00 00 00 00 00 | ....... .......|
000002a0 08 00 00 00 00 00 00 00 50 e5 74 64 04 00 00 00 |........P.td....|
000002b0 30 1f 11 00 00 00 00 00 30 1f 11 00 00 00 00 00 |0.......0.......|
000002c0 30 1f 11 00 00 00 00 00 0c 47 00 00 00 00 00 00 |0........G......|
000002d0 0c 47 00 00 00 00 00 00 04 00 00 00 00 00 00 00 |.G..............|
000002e0 51 e5 74 64 06 00 00 00 00 00 00 00 00 00 00 00 |Q.td............|
000002f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000310 10 00 00 00 00 00 00 00 52 e5 74 64 04 00 00 00 |........R.td....|
00000320 50 0a 13 00 00 00 00 00 50 0a 13 00 00 00 00 00 |P.......P.......|
00000330 50 0a 13 00 00 00 00 00 b0 35 00 00 00 00 00 00 |P........5......|
00000340 b0 35 00 00 00 00 00 00 01 00 00 00 00 00 00 00 |.5..............|
00000350 04 00 00 00 10 00 00 00 05 00 00 00 47 4e 55 00 |............GNU.|
00000360 02 80 00 c0 04 00 00 00 01 00 00 00 00 00 00 00 |................|
00000370 04 00 00 00 14 00 00 00 03 00 00 00 47 4e 55 00 |............GNU.|
00000380 8b 36 2a cb 36 d9 f6 e7 10 3e f8 43 3c 21 41 26 |.6*.6....>.C<!A&|
00000390 59 08 ac 8f 2f 6c 69 62 36 34 2f 6c 64 2d 6c 69 |Y.../lib64/ld-li|
000003a0 6e 75 78 2d 78 38 36 2d 36 34 2e 73 6f 2e 32 00 |nux-x86-64.so.2.|
000003b0 05 08 00 00 e3 00 00 00 00 01 00 00 0e 00 00 00 |................|
000003c0 09 30 34 06 0c 00 00 00 04 23 21 4a 05 05 00 04 |.04......#!J....|
000003d0 7a 64 12 86 94 41 50 0f e1 00 44 44 00 42 20 12 |zd...AP...DD.B .|
000003e0 00 84 03 80 10 44 80 01 00 09 01 80 80 00 40 f0 |.....D........@.|
000003f0 02 15 00 41 03 12 4a 8c 81 21 10 49 68 04 c4 4d |...A..J..!.Ih..M|
$ ./nullptrsec --help
We'll hack you, so others can't.
nullptr security is a specialist offensive-security firm.
We take on the esoteric devices and hard problems most teams won't touch, we
build the tooling to do it, and we deliver results.
// what we do
A small cadre of engineers for problems that don't fit a checklist.
We sell depth: hardware and software expertise applied where the stakes are high,
the systems are unusual, and off-the-shelf scanners and pentesters can't cut it.
01
Offensive tooling
We design and build custom offensive-security and pentesting tooling - for our own engagements and for
clients who need capability that isn't ready-made.
02
Deep security assessments
White-box and source-driven assessments of real systems: firmware, embedded, protocols, and source in
C/C++, C#, Java, Python, Fortran, and more. We read the code and the silicon.
03
Hard, esoteric targets
IoT and connected devices, ICS/SCADA, secure-compute and enterprise hardware. The targets where generic
methodology stops and engineering begins.
// why it matters
The cost of finding out the hard way.
6B+
malware attacks recorded in 2024
$10M+
potential cost of a single breach
1
overlooked device is all it takes
The devices that are hardest to test are usually the ones an attacker wants most.
That's exactly where we work.
// engagements
How we help.
Every engagement is scoped to a real decision you're trying to make. Ship,
acquire, recover, build, and more. You get findings that are prioritized by impact to take immediate
action, plus the context to fix the root cause, not just the symptom.
We sell actionable items that result in your security, not just a checkmark for you compliance.
Discuss a scope
-
Pre-launch validation
Find the weaknesses in a product before your customers (and adversaries) do.
-
M&A security assessment
Understand what you're actually acquiring before the security debt becomes yours.
-
Post-breach review
Determine what happened, close the path that was used, and harden against the next one.
-
Custom engagements
Bespoke offensive work and tooling for problems that don't fit any of the above.
// capabilities
Where we go deep.
Our engineers work across the full stack of your product: from the board, to the
firmware, to the application logic. Some of the surfaces we routinely cover:
Hardware & firmware
- Embedded / RTOS
- Firmware reverse engineering
- Secure boot & TEE
- Hardware fault injection
- JTAG / SWD / UART
- Side-channel analysis
Software & source
- White-box code review
- C / C++ memory safety
- C# · Java · Python
- Exploit development
- Fuzzing harnesses
- Cryptographic review
Systems & protocols
- IoT / connected devices
- ICS / SCADA
- Secure compute
- Wireless & RF
- Custom & undocumented protocols
- Network / application
Sectors we serve
- Financial services
- Healthcare
- Government
- Software vendors
- Secure compute