Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-iot-security-resource
awesome iot exploit resource
https://github.com/f1tao/awesome-iot-security-resource
-
Vulnerability Writeup
-
XiaoMI
- Hack Routers, Get Toys: Exploiting the Mi Router 3
- Show Mi The Vulns: Exploiting Command Injection in Mi Router 3
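- Logic Vulnerabilities in Practice: Taking Over a Router with Three Vulnerabilities
- [Chaitin HITCON talk video] How to Break a Star IoT Device from Scratch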
- Exploit (Almost) All Xiaomi Routers Using Logical Bugs
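- Remote Command Execution Vulnerabilities in Xiaomi R3A and R4 Series Routers (CVE-2019-18370, CVE-2019-18371)
- About Our Unintended Solution to the Xiaomi Router Challenge at Qiangwang Cup
- Qiangwang Cup 2021 On-site Finals RW Mi Router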
- Xiaomi AI Speaker Authenticated RCE I: Firmware Analysis
- Xiaomi AI Speaker Authenticated RCE II: How Does MICO OTA Update Work?
- Xiaomi AI Speaker Authenticated RCE III: CVE-2020-14096
- DEFCON 26-Having fun with IoT: Reverse Engineering and Hacking of Xiaomi IoT Devices
- I hacked MiBand 3, and here is how I did it. Part I
- I hacked MiBand 3, and here is how I did it Part II — Reverse Engineering to upload Firmware and Resources Over the Air
- Xiaomi Wi-Fi Repeater Analysis — IoT Exploitation/Research
- Custom Firmware for the Xiaomi AX3600 Wireless Router
- Use of the Message Bus Mechanism in IoT Devices and Its Security Issues
- Rooting Xiaomi WiFi Routers
- IoT Reverse Engineering
-
Car
-
TP-LINK
- Remote code execution as root from the local network on TP-Link SR20 routers
- TP-Link AC1750 (Pwn2Own 2019)
- EXPLOITING THE TP-LINK ARCHER A7 AT PWN2OWN TOKYO
- PWN2OWN TOKYO 2020: DEFEATING THE TP-LINK AC1750
- Exploiting n-day in Home Security Camera
- TP-Link IP43AN
-
Netgear
- Puckungfu: A NETGEAR WAN Command Injection
- CVE-2021-33514: Command Injection Vulnerability in Multiple Netgear Switches
- Draconian Fear vulnerability (some NETGEAR smart switches)
- COOL VULNS DON'T LIVE LONG - NETGEAR AND PWN2OWN
- PwnAgent: A One-Click WAN-side RCE in Netgear RAX Routers with CVE-2023-24749
- Feral Terror vulnerability (some NETGEAR smart switches UPDATED 3
- Seventh Inferno vulnerability (some NETGEAR smart switches)
- nday exploit: netgear orbi unauthenticated command injection (cve-2020-27861)
- NETGEAR NIGHTHAWK R7000P UPNPD BUFFER OVERFLOW REMOTE CODE EXECUTION VULNERABILITY
- Reverse Engineering a Netgear Nday
- NETGEAR NIGHTHAWK R7000P AWS_JSON UNAUTHENTICATED DOUBLE STACK OVERFLOW VULNERABILITY
- Our Pwn2Own journey against time and randomness (part 1)
- Our Pwn2Own journey against time and randomness (part 2)
- Pwn2Own Toronto 22: Exploit Netgear Nighthawk RAX30 Routers
- NetGear Nighthawk RAX40V2 Device and Firmware Analysis
-
BootLoader
-
Cisco
- Cisco IOS XE CVE-2023-20198 and CVE-2023-20273: WebUI Internals, Patch Diffs, and Theory Crafting
- Cisco IOS XE CVE-2023-20198: Deep Dive and POC
- Exploiting CVE-2019-1663
- Breaking Cisco RV110W, RV130, RV130W, and RV215W. Again.
- Ghetto Patch Diffing a Cisco RV110W Firmware Update
- Patch Diffing a Cisco RV110W Firmware Update (Part II)
- Cisco RV340 SSL VPN Unauthenticated Remote Code Execution as root
- Analysis of Unauthenticated Command Execution Vulnerability in Cisco IOS XE System WebUI
- Cisco RV130 – It’s 2019, but yet: strcpy
-
Printer
- Analyzing a PJL directory traversal vulnerability – exploiting the Lexmark MC3224i printer (part 2)
- Pwn2Own 2021 Canon ImageCLASS MF644Cdw writeup
- A Sheep in Wolf’s Clothing – Finding RCE in HP’s Printer Fleet
- FAXPLOIT: SENDING FAX BACK TO THE DARK AGES
- Your printer is not your printer ! - Hacking Printers at Pwn2Own Part I
- Your printer is not your printer ! - Hacking Printers at Pwn2Own Part II
- TREASURE CHEST PARTY QUEST: FROM DOOM TO EXPLOIT
- [hitcon2022] Your printer is not your printer ! - Hacking Printers at Pwn2Own
- DryOS PIXMA Printer Shell
-
Smart Speaker
-
MQTT Protocol
-
Citrix
-
F5 BIG-IP
-
Fortigate
- Attacking SSL VPN - Part 2: Breaking the Fortigate SSL VPN
- Producing a POC for CVE-2022-42475 (Fortinet RCE)
- CVE-2022-42475
- Xortigate, or CVE-2023-27997 - The Rumoured RCE That Was
- XORtigate: Pre-authentication Remote Code Execution on Fortigate VPN (CVE-2023-27997)
- HEXACON2023 - XORtigate: zero-effort, zero-expense, 0-day on Fortinet SSL VPN by Charles Fol
- CVE-2023-27997-FortiGate-SSLVPN-HeapOverflow
- Building an Exploit for FortiGate Vulnerability CVE-2023-27997
- Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762
-
Juniper
-
Pulse Secure
-
Palo Alto
-
SonicWall
-
VxWorks
-
MikroTik
-
ASUS
-
Other
-
Zyxel
-
TOTOLINK
-
Tenda
-
GL.iNET
-
Vigor
-
D-Link
- THE ANATOMY OF A BUG DOOR: DISSECTING TWO D-LINK ROUTER AUTHENTICATION BYPASSES
- Debugging D-Link: Emulating firmware and hacking hardware
- D-Link DIR-816 A2 Router Security Research
- Reverse Engineering a D-Link Backdoor
- D-Link DAP-X1860: Remote Command Injection
- SSD ADVISORY – D-LINK DIR-X4860 SECURITY VULNERABILITIES
-
NAS
-
Camera
- HiSilicon DVR hack
- Hacking the Furbo Dog Camera: Part I
- Hacking the Furbo Dog Camera: Part II
- Hacking a Tapo TC60 Camera
- Black Hat 2013 - Exploiting Network Surveillance Cameras Like a Hollywood Hacker
- Exploiting: Buffer overflow in Xiongmai DVRs
- Hacking the Furbo Dog Camera: Part III Fun with Firmware
-
ConnectedIO
-
-
Firmware
-
Firmware Analysis
-
Firmware Extraction
- Bypassing software update package encryption – extracting the Lexmark MC3224i printer firmware (part 1)
- Dumping Flash Content
- Vulnerability Hunting in Smart Devices: Firmware Extraction
- MindShare: Dealing With Encrypted Router Firmware
- Zyxel firmware extraction and password analysis
- Reverse Engineering Yaesu FT-70D Firmware Encryption
- Intro to Embedded RE: UART Discovery and Firmware Extraction via UBoot
- Breaking Fortinet Firmware Encryption
-
Firmware Emulation
-
-
Tool
-
Firmware Emulation
-
Firmware Extraction
-
Firmware Analysis
-
Debug Tool
-
Other
-
-
Exploitation Method
-
Heap Spray
-
Uninitialized Pointer Vulnerability
-
BSS Overflow
-
Heap Overflow
-
-
Blog
-
Hardware Crack
-
Heap Overflow
- Methods for Extracting Firmware from OT Devices for Vulnerability Research
- Hacking Some More Secure USB Flash Drives (Part I)
- Hardware Hacking to Bypass BIOS Passwords
- Exception(al) Failure - Breaking the STM32F1 Read-Out Protection
- Pwn the ESP32 crypto-core
- Extract Firmware from OT Devices for Vulnerability Research
- Hacking Some More Secure USB Flash Drives (Part II)
-
Fault Injection
-
-
Specification
-
Firmware Extraction
-
-
Fundamental
Categories
Sub Categories
- XiaoMI: 28
- Netgear: 16
- Firmware Extraction: 15
- Other: 14
- Printer: 10
- Cisco: 10
- Fortigate: 9
- Car: 8
- Heap Overflow: 8
- Firmware Analysis: 8
- Camera: 7
- TP-LINK: 7
- D-Link: 6
- BootLoader: 5
- Vigor: 5
- Fault Injection: 4
- Tenda: 4
- F5 BIG-IP: 3
- Citrix: 3
- TOTOLINK: 3
- MQTT Protocol: 3
- NAS: 3
- Zyxel: 3
- SonicWall: 3
- Smart Speaker: 2
- Heap Spray: 2
- Debug Tool: 2
- Juniper: 2
- Firmware Emulation: 2
- BSS Overflow: 1
- Palo Alto: 1
- VxWorks: 1
- Uninitialized Pointer Vulnerability: 1
- Pulse Secure: 1
- GL.iNET: 1
- MikroTik: 1
- ASUS: 1
- ConnectedIO: 1
Keywords
- reverse-engineering: 4
- firmware-tools: 3
- firmware-analysis: 3
- security: 2
- linux: 2
- firmware: 2
- penetration-testing: 1
- iot: 1
- infosec: 1
- hacking: 1
- embedded-systems: 1
- embedded-linux: 1
- binary-analysis: 1
- artificial-intelligence: 1
- unpacker: 1
- repacking: 1
- ctf: 1
- python: 1
- filesystem: 1
- extraction: 1
- compression: 1
- archive: 1
- zipcrypto: 1
- zipcracker: 1
- zip: 1
- plaintext-attack: 1
- pkzip: 1
- password: 1
- multithread: 1
- cracking: 1
- crack: 1
- ciphertext: 1
- attack: 1
- gef: 1
- gdbserver: 1
- gdb: 1
- exploit: 1
- debug: 1
- vulnerability-scanners: 1
- vulnerability-scanner: 1
- static-analyzer: 1
- shell: 1
- security-tools: 1
- pentesting: 1