How to hack to an embedded device? On-chip debug (OCD) interfaces can provide chip-level control of a target device and are a primary vector used by engineers, researchers, and hackers to extract program code or data, modify memory contents, or affect device operation on-the-fly. Depending on the complexity of the target device, manually locating available OCD connections can be a difficult and time consuming task.
Hackaday posting DEF CON: Tamper Evidence, Contests, and Embedded Talks pointed to an interesting looking hardware JTAGulator.
JTAGulator is an open source hardware tool that assists in identifying OCD connections from test points, vias, or component pads on a target device. It gives 24 I/O channels (adjustable from 1.2V to 3.3V levels) with input protection circuitry. Supported target interfaces are JTAG/IEEE 1149.1 and UART/asynchronous serial. The device connects to host computer through USB.
I have not tested this device, but this looks interesting.