
Security Fundamentals
Turtles, Clams, and Cyber Threat Actors: Shell Usage
The Socket Threat Research Team uncovers how threat actors weaponize shell techniques across npm, PyPI, and Go ecosystems to maintain persistence and exfiltrate data.
This package contains security tools for creating keys, creating certificates, signing user applications, and provisioning Cypress/Infineon MCUs.
Target/Kit | Silicon ID, Silicon Rev., Family ID | Secure FlashBoot Version | CyBootloader Version |
512K | |||
cyb06xx5 cy8cproto‑064b0s3 | 0xE70D, 0x12, 0x105 | 4.0.2.1842 | 2.0.1.6441 |
2M | |||
cyb06xxa cy8ckit‑064b0s2‑4343w | 0xE470, 0x12, 0x102 | 4.0.3.2319 | 2.0.2.8102 |
cys06xxa cy8ckit‑064s0s2‑4343w | 0xE4A0, 0x12, 0x02 | 4.0.3.2319 | 2.0.2.8102 |
1M | |||
cyb06xx7 cy8cproto‑064s1‑sb cy8cproto‑064b0s1‑ble cy8cproto‑064b0s1‑ssa | 0xE262, 0x24, 0x100 0xE261, 0x24, 0x100 | 4.0.2.1842 | 2.0.0.4041 |
Target/Kit | Silicon ID, Silicon Rev., Family ID | ROM Boot Version | RAM Applications Version |
cyw20829 | 0xEB43, 0x21, 0x110 | 1.2.0.8334 | 1.2.0.3073 |
cyw89829 | 0xEB47, 0x21, 0x110 | 1.2.0.8334 | 1.2.0.3073 |
The installation of ModusToolbox™ Software 3.1 includes the correct version of Python and CySecureTools 5.0.0. The latest version of CySecureTools is 6.0.0. To update the package from the ModusToolbox™ shell (for Windows users):
$ pip install --upgrade --force-reinstall edgeprotecttools
Install Python 3.12 on your computer. You can download it from https://www.python.org/downloads/.
Set up the appropriate environment variable(s) for your operating system.
If Python 2.7 is also installed, make sure that Python312 and Python312\Scripts have higher priority in the PATH than CPython27.
Most distributions of Linux should already have python2 and python3 installed. To verify that python by default points to python3 run:
$ python --version
If python3 is not set as default, run the following commands. The number at the end of each command denotes a priority:
$ update-alternatives --install /usr/bin/python python /usr/bin/python2.7 1
$ update-alternatives --install /usr/bin/python python /usr/bin/python3.12 2
By default, python
points to /usr/bin/python
, which is python2. To make python
and pip
resolve to
python3 versions, execute the following from command line:
$ echo 'alias python=python3' >> ~/.bash_profile
$ echo 'alias pip=pip3' >> ~/.bash_profile
$ source ~/.bash_profile
$ python --version
Python 3.12.3
$ pip --version
pip 24.0 from
/Library/Frameworks/Python.framework/Versions/3.12/lib/python3.12/site-packages/pip (python 3.12)
Note: If you use a shell other than bash, update its profile file accordingly. For example ~/.zshrc
if you use zsh instead of ~/.bash_profile
.
Make sure that you have the latest version of pip installed, use the following command.
$ python -m pip install --upgrade pip
Run the following command in your terminal window.
$ python -m pip install cysecuretools
To update the already installed package:
$ pip install --upgrade --force-reinstall cysecuretools
Note 1: During installation, you may see errors saying that cysecuretools requires package version X, but you have package version Y which is incompatible. In most cases, these can be safely ignored.
Note 2: You can use the following command to show the path to the installed package
python -m pip show cysecuretools
.
Use device-list
command for output of the supported devices list.
$ cysecuretools device-list
See README_PSOC64.md
Every time the tool is invoked, a new log file is created in the logs directory of the project. By default, the console output has INFO logging severity. The log file has the DEBUG logging severity.
...
ERROR : SFB status: CY_FB_INVALID_IMG_JWT_SIGNATURE: Invalid image certificate signature. Check the log for details
Workaround:
boot_upgrade/firmware
.boot_auth
and bootloader_keys
as follows:"boot_auth": [
3
],
"bootloader_keys": [
{
"kid": 3,
"key": "../keys/cy_pub_key.json"
}
]
...
distutils.errors.DistutilsError: Setup script exited with error: SandboxViolation:
mkdir('/private/var/root/Library/Caches/com.apple.python/private/tmp/easy_install-y8c1npmz', 511) {}
The package setup script has attempted to modify files on your system
that are not within the EasyInstall build area, and has been aborted.
This package cannot be safely installed by EasyInstall, and may not
support alternate installation locations even if you run its setup
script by hand. Please inform the package's author and the EasyInstall
maintainers to find out if a fix or workaround is available.
Solution: Upgrade the pip
package running the following command from the terminal: python3 -m pip install --upgrade pip
.
The software is provided under the Apache-2.0 license. Contributions to this project are accepted under the same license. This project contains code from other projects. The original license text is included in those source files.
All notable changes to this project will be documented in this file.
encrypt
command for pure data encryption without signingbin-dump
command to create binary file from hex stringsign-image
command with options --nonce
and --nonce-output
used for encryptioncyw20829
is used for the latest silicon revision. For the previous silicon revision (A0) add --rev option in the command line (-t cyw20829 --rev a0
)FAQs
Python tools for provisioning Cypress/Infineon MCUs
We found that cysecuretools demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security Fundamentals
The Socket Threat Research Team uncovers how threat actors weaponize shell techniques across npm, PyPI, and Go ecosystems to maintain persistence and exfiltrate data.
Security News
At VulnCon 2025, NIST scrapped its NVD consortium plans, admitted it can't keep up with CVEs, and outlined automation efforts amid a mounting backlog.
Product
We redesigned our GitHub PR comments to deliver clear, actionable security insights without adding noise to your workflow.