prez SSTIC https://www.sstic.org/2026/presentation/unblob_evolution_dun_outil_dextraction_de_firmwares/

• routeur arrivée fibre Huawei HG8245T
  https://www.manualslib.com/manual/1801352/Huawei-Echolife-Hg8245t.html#manual

• routeur TP-Link WR841NV13
  Bon en fait V11.
  Support https://www.tp-link.com/fr/support/download/tl-wr841n/v11/#Firmware

https://superuser.com/questions/1120909/super-admin-access-to-huawei-hg8245
Have you tried logging in as user telecomadmin and pass admintelecom? It's a default hardcoded user // pass for Huawei HG8245/HG8245T
(mais config remplacée à l'install par l'opérateur)

Extraction du firmware, analyse statique et dynamique (émulation) et reporting des vulnérabilités

EMBArk: l'environnement de scan https://github.com/e-m-b-a/embark

Via Blutetouff https://twitter.com/bluetouff/status/1645365068639399937

reverse https://media.blackhat.com/us-13/US-13-Zaddach-Workshop-on-Embedded-Devices-Security-and-Firmware-Reverse-Engineering-WP.pdf
https://wikileaks.org/ciav7p1/cms/page_16384164.html

A Story About TP-link Device Debug Protocol (TDDP) Research

via Sean: The following link is quite relevant to us: http://www.s3.eurecom.fr/docs/usenixsec14_costin.pdf It's about automated scans of embedded firmware images and is quite recent.
http://www.eurecom.fr/en/publication/4323/detail/a-large-scale-analysis-of-the-security-of-embedded-firmwares

a large catalog of interesting publications: http://www.s3.eurecom.fr/publications.html

Une backdoor dans un routeur Netis/Netcore
http://www.nearsecurity.net/love-china-netisbackdoor-exploitation/