awesome-connected-things-sec
A Curated list of Security Resources for all connected things
https://github.com/V33RU/awesome-connected-things-sec
-
🗂️ Resource Index
-
Fuzzing Things
- Snipuzz : Black-box Fuzzing of IoT Firmware via Message Snippet Inference
- Fuzzowski - the Network Protocol Fuzzer that we will want to use
- OWASP Fuzzing Info
- Fuzzing_ICS_protocols
- Fuzz Testing of Application Reliability
- FIRM-AFL : High-Throughput Greybox Fuzzing of IoT Firmware via Augmented Process Emulation
- fuzzing-iot-binaries
- Modern Vulnerability Research Techniques on Embedded Systems
- FuzzingPaper
- Exercises to learn how to fuzz with American Fuzzy Lop
- Broadcom and Cypress firmware emulation for fuzzing and further full-stack debugging
- Bluetooth experimentation framework for Broadcom and Cypress chips.
- Fuzzing Forum
-
Villages
-
Books for IoT Penetration Testing
- PatrIoT: Practical and Agile Threat Research for IoT by Emre Süren
- Hardware Security Training, Hands-on!
- Security Issues in Mobile NFC Devices (Michael Roland)
- Hardware Hacking: Have Fun while Voiding your Warranty by Joe Grand
- Hacking the Xbox: An Introduction to Reverse Engineering by Andrew "bunnie" Huang
- Applied Cyber Security and the Smart Grid by Eric D. Knapp & Raj Samani
- Practical Binary Analysis
- Practical Hardware Pentesting by Jean-Georges Valle
- Black Hat Python, 2nd Edition
- Practical Hardware Pentesting – Second Edition
- Fuzzing Against the Machine: Automate vulnerability research with emulated IoT devices on QEMU
- The Firmware Handbook (Embedded Technology) by Jack Ganssle
- Linksys WRT54G Ultimate Hacking by Paul Asadoorian
- Near Field Communication (NFC): From Theory to Practice
- Android Hacker's Handbook by Joshua J. Drake
- The Art of PCB Reverse Engineering by Keng Tiong
- Abusing the Internet of Things by Nitesh Dhanjani
- Learning Linux Binary Analysis by Ryan "elfmaster" O'Neill
- Inside Radio: An Attack and Defense Guide by Qing Yang, Lin Huang
- Pentest Hardware (online handbook, GitHub)
- Gray Hat Hacking: The Ethical Hacker's Handbook, 5th Edition
- Intro to Bluetooth Low Energy (Afaneh, PDF)
- Bluetooth® LE Security Study Guide
- The Hardware Hacking Handbook by Jasper van Woudenberg & Colin O'Flynn
- Practical IoT Hacking: The Definitive Guide
- Manual PCB-RE: The Essentials by Keng Tiong
- Embedded Systems Security and TrustZone
- Practical Binary Analysis by Dennis Andriesse
- Hack the Airwaves: Advanced BLE Exploitation Techniques
- Microcontroller Exploits
- The Ultimate Hardware Hacking Gear Guide (GitHub)
- Mastering Hardware Hacking: Breaking and Securing Embedded Systems
- Practical Hardware Pentesting (2nd Edition) – Amazon.in
- Hardware Security: Challenges and Solutions
- The Definitive Handbook on Reverse Engineering Tools
- Ghidra Software Reverse-Engineering for Beginners (2nd Edition)
- IOActive E-Book: The State of Silicon Chip Hacking in 2025
-
IoT Web and Message Services
- IoT Security: RCE in MQTT Protocol
- Radware – CoAP Protocol Overview
- Introduction to MQTT
- The Seven Best MQTT Client Tools
- A Guide to MQTT by Hacking a Doorbell to Send Push Notifications (Video)
- Authenticating & Authorizing Devices Using MQTT with Auth0
- WailingCrab Malware Evolves Using MQTT for Stealthier C2 Communication
- MQTT on Snapcraft
- Raspberry Pi / Arduino + 6LoWPAN
- Webasha – IoT Pentest Lab Setup Guide (2025)
- MQTT Broker Security - 101
- Hacking the IoT with MQTT
- Are Smart Homes Vulnerable to Hacking?
- Servisnet Tessa - MQTT Credentials Dump (Unauthenticated) (Metasploit)
- Eclipse Mosquitto MQTT broker 2.0.9 - 'mosquitto' Unquoted Service Path
- Penetration testing of Sesame Smart door lock
- CVE-2020-13849
- CVE-2023-3028
- CVE-2021-0229
- CVE-2019-5432
- Using IoT MQTT for V2V and Connected Car
- MQTT with Hardware Development Information
- IoT Live Demo: 100,000 Connected Cars with Kubernetes, Kafka, MQTT, TensorFlow
- Nmap MQTT Library
- Understanding the MQTT Protocol Packet Structure
- Deep Learning UDF for MQTT IoT Sensor Data Anomaly Detection
- IoXY - MQTT Intercepting Proxy
- Mosquitto - An Open Source MQTT Broker
- HiveMQ
- MQTT Explorer
- Welcome to MQTT-PWN!
- Alert: New WailingCrab Malware Loader
- Read the Draft
- Read the Blog
- CoAP NSE (Nmap)
- Copper (Firefox plugin)
- libcoap (CLI Tools) - C-based CoAP library with CLI
- Scapy CoAP Plugin
- Peach Fuzzer (Commercial)
- Zolertia
- RTL-SDR - Wi-Fi Sniffers (https://www.wireshark.org/) – For CoAP/UDP traffic analysis
- SpectralOps – Top Protocol Security Issues
- Recorded Future – CoAP Exposure Study (2024)
- RFC 8613 – OSCORE
- RFC 8323 – CoAP over TCP
- RFC 8824 – SCHC Header Compression
-
RADIO HACKER QUICK START GUIDE
- Introduction to Software Defined Radio
- Complete course in Software Defined Radio (SDR) by Michael Ossmann
- SDR Notes - Radio IoT Protocols Overview
- Understanding Radio
- Introduction to GNU Radio Companion
- Creating a flow graph in GNU Radio Companion
- Analysing radio signals 433 MHz
- Recording specific radio signal
- Replay Attacks with Raspberry Pi - rpitx
-
🛡️ General Information & Community
-
Technical Research and Hacking
- Printer Hacking Live Sessions - Gamozo Labs
- LED Light Hacking
- Your Lenovo Watch X Is Watching You & Sharing What It Learns
- Your Smart Scale is Leaking More than Your Weight: Privacy Issues in IoT
- Subaru Head Unit Jailbreak
- Jeep Hack
- Dropcam Hacking
- PS4 Jailbreak – the current status
- Besder 6024PB-XMA501 IP camera security analysis
- Smart Lock Vulnerabilities
-
Community and Discussion Platforms
-
Search Engines for Internet-Connected Devices
-
YouTube Channels for IoT Pentesting
-
IoT Vulnerabilities Checking Guides
-
IoT Gateway Software
-
Introduction
-
Cellular Hacking GSM BTS
- SS7 Network Architecture
- Breaking LTE on Layer Two
- Fake BTS Detector (SCL-8521)
- Awesome-Cellular-Hacking
- What is a Base Transceiver Station
- How to Build Your Own Rogue GSM BTS
- 5Ghoul - 5G NR Attacks & 5G OTA Fuzzing
- Introduction to GSM Security
- GSM Security 2
- vulnerabilities in GSM security with USRP B200
- Security Testing 4G (LTE) Networks
- Case Study of SS7/SIGTRAN Assessment
- Telecom Signaling Exploitation Framework - SS7, GTP, Diameter & SIP
- ss7MAPer – A SS7 pen testing toolkit
- Introduction to SIGTRAN and SIGTRAN Licensing
- Introduction to SS7 Signaling
- LTE Sniffer
-
Zigbee ALL Stuff
- Introduction and protocol Overview
- ZigBee & Z-Wave Security Brief
- APIMOTE IEEE 802.15.4/ZIGBEE SNIFFING HARDWARE
- RaspBee-The Raspberry Pi Zigbee gateway
- ATUSB IEEE 802.15.4 USB Adapter
- Hacking Zigbee Devices with Attify Zigbee Framework
- Hands-on with RZUSBstick
- Hacking ZigBee Networks
- Zigator: Analyzing the Security of Zigbee-Enabled Smart Homes
- Security Analysis of Zigbee Networks with Zigator and GNU Radio
- Low-Cost ZigBee Selective Jamming
- zigbear
- ZigDiggity
- Zigator
- Z3sec
- USRP SDR 2
- nRF52840-Dongle
-
BLE Intro and SW-HW Tools to pentest
- hcitool & bluez
- Testing With GATT Tool
- Ubertooth
- awesome-bluetooth-security
- BLE-NullBlr: Step By Step guide to BLE Understanding and Exploiting
- Traffic Engineering in a Bluetooth Piconet (PDF)
- BLE Characteristics: A Beginner's Tutorial
- Bluing - An intelligence gathering tool for hacking Bluetooth
- BlueToolkit is an extensible Bluetooth Classic vulnerability testing framework
- btproxy
- crackle - Cracking encryption
- bettercap
- BtleJuice Bluetooth Smart Man-in-the-Middle framework
- gattacker
- BTLEjack Bluetooth Low Energy Swiss army knife
- DEDSEC-Bluetooth-exploit
- BrakTooth Proof of Concept - Bluetooth Classic Attacks
- sweyntooth_bluetooth_low_energy_attacks
- esp32_bluetooth_classic_sniffer
- ESP32 - Development and learning Bluetooth
- ESP-WROVER-KIT-VB
- Blue2thprinting: Answering the Question of 'WTF am I even looking at?!'
- Open Wounds: The Last 5 Years Have Left Bluetooth to Bleed
- It Was Harder to Sniff Bluetooth Through My Mask During the Pandemic...
- Examining the August Smart Lock
- Finding Bugs in Bluetooth
- Intel Edison as Bluetooth LE — Exploit Box
- How I Reverse Engineered and Exploited a Smart Massager
- My Journey Towards Reverse Engineering a Smart Band — Bluetooth-LE RE
- Bluetooth Smartlocks
- I Hacked MiBand 3
- GATTacking Bluetooth Smart Devices
- Bluetooth Beacon Vulnerability
- Sweyntooth Vulnerabilities
- AIRDROP_LEAK - Sniffs BLE Traffic and Displays Status Messages from Apple Devices
- BRAKTOOTH: Causing Havoc on Bluetooth Link Manager
- Practical Introduction to BLE GATT Reverse Engineering: Hacking the Domyos EL500
- MojoBox - Yet Another Not So Smartlock
- Bluetooth-Hacking
- Bluetooth Forward and Future Secrecy Attacks and Defenses (BLUFFS) [CVE-2023-24023]
- CSR 4.0
-
DECT (Digital Enhanced Cordless Telecommunications)
-
Mobile security (Android & iOS)
- Android Application Pentesting Book - A detailed book on penetration testing techniques for Android devices.
- Android Pentest Video Course - TutorialsPoint - A series of video tutorials on Android penetration testing.
- iOS Pentesting - A guide to penetration testing in iOS environments.
- Android Tamer - A Virtual/Live Platform for Android Security professionals, offering tools and environment for Android security.
- OWASP Mobile Security Testing Guide - The Open Web Application Security Project's guide for mobile security testing, applicable to iOS.
-
Pentesting Firmwares and emulating and analyzing
- **Binwalk v3** – Extraction and static filesystem analysis for firmware images
- **QueryX** – Static taint-tracking and binary analysis for firmware
- **FirmGraph** – Builds control/call graphs from firmware binary code
- **fchk** – Security checks for firmware images
- **Bochs** – IA-32 (x86) PC emulator
- **SymQEMU** – Symbolic execution for Linux binaries
- **HALucinator** – HAL reconstruction for emulated firmware
- **FirmAE** – Automated emulation/analysis of firmware
- Firmware analysis and reversing
- OWASP Firmware Security Testing Methodology
- Reverse engineering with #Ghidra: Breaking an embedded firmware encryption scheme
- Simulating and hunting firmware vulnerabilities with Qiling
- Using Symbolic Execution to Detect UEFI Firmware Vulnerabilities
- Firmware emulation with QEMU
- Reversing ESP8266 Firmware
- Emulating ARM Router Firmware
- Reversing Firmware With Radare
- Samsung Firmware Magic - Unpacking and Decrypting
- Qiling & Binary Emulation for automatic unpacking
- Emulating and Exploiting UEFI Firmware
- IoT binary analysis & emulation part -1
- Cross debugging for ARM / MIPS ELF with QEMU/toolchain
- Qemu + buildroot 101
- Emulating IoT Firmware Made Easy: Start Hacking Without the Physical Device
- Adaptive Emulation Framework for Multi-Architecture IoT Firmware Testing
- Automatic Firmware Emulation through Invalidity-guided Knowledge Inference
- Debugging D-Link: Emulating firmware and hacking hardware
- **EMBA** – Analyzer for embedded Linux firmware (static scanning, reporting)
- **FACT** – Firmware Analysis and Comparison Tool
- **Firmwalker** – Greps for credentials/secrets in extracted firmware
- **fwhunt-scan** – Analyze UEFI firmware, check modules with FwHunt rules
- **ByteSweep** – Modern, multi-arch firmware vulnerability scanner
- **BINSEC** – Symbolic/taint-based static analysis of binaries
- **Ghidra** – Advanced static disassembly and decompilation
- **Radare2** – Static/dynamic reverse engineering, disassembly
- **Cutter** – GUI for Radare2 with static/dynamic features
- **RetDec** – Machine-code decompiler
- **Diaphora** – Binary diffing for firmware/patch analysis
- **unblob** – Extraction framework for embedded filesystems/blobs
- **Checksec.sh** – Checks binary hardening (for firmware ELF files)
- **Firmadyne** – Automated Linux firmware emulation and analysis
- **QEMU** – System emulator for firmware images
- **PANDA** – Platform for architecture-neutral dynamic analysis (record/replay, taint, fuzz)
- **Avatar2** – Dynamic firmware analysis/instrumentation
- **Renode** – Emulates embedded systems, SoCs, peripherals
- **Unicorn Engine** – Multi-architecture CPU emulator
- **Boofuzz** – Network/protocol fuzzing for firmware targets
- **Syzkaller** – Kernel fuzzer for Linux/firmware
- **Dr. Memory** – Dynamic memory analysis (adaptable for firmware)
- **S2E** – Selective symbolic execution for binary software
- **FirmWire** – Baseband firmware emulation (cellular/IoT)
- **Firmware Analysis Toolkit (FAT)** – Hybrid static/dynamic workflow for firmware
- **Angr** – Symbolic execution and hybrid static/dynamic binary analysis
- **Frida** – Dynamic instrumentation toolkit
- **Qiling** – Emulator supporting static/dynamic analysis of binaries/firmware
- **Ret-sync** – Sync reverse engineering across Ghidra/IDA/R2
- Reversing 101
- IoT Security Verification Standard (ISVS)
-
Binary Analysis
-
Secureboot
- Eclypsium Discovers Multiple Vulnerabilities Affecting 129 Dell Models Via Dell Remote OS Recovery And Firmware Update Capabilities
- Writing a Bootloader
- Pwn the ESP32 Secure Boot
- Pwn the ESP32 Forever: Flash Encryption and Sec. Boot Keys Extraction
- Amlogic S905 SoC: bypassing the (not so) Secure Boot to dump the BootROM
- Defeating Secure Boot with Symlink Attacks
- PS4 Aux Hax 5 & PSVR Secure Boot Hacking with Keys by Fail0verflow!
- Technical Advisory – U-Boot – Unchecked Download Size and Direction in USB DFU (CVE-2022-2347)
- Breaking Secure Boot on the Silicon Labs Gecko platform
-
Storage Medium
-
IoT hardware Overview and Hacking
- Bus Pirate
- EEPROM reader/SOIC Cable
- Hak5Gear- Hak5FieldKits
- Ultra-Mini Bluetooth CSR 4.0 USB Dongle Adapter
- Attify Badge - UART, JTAG, SPI, I2C (w/ headers)
- REVERSE ENGINEERING ARCHITECTURE AND PINOUT OF CUSTOM ASICS
- How to Flash Chip of a Router With a Programmer
- Extracting Flash Memory over SPI
- Extracting Firmware from Embedded Devices (SPI NOR Flash)
- SPI-Blogs
- UART Connections and Dynamic analysis on Linksys e1000
- How To Find The JTAG Interface - Hardware Hacking Tutorial
- Buspirate JTAG Connections - Openocd
- Extracting Firmware from External Memory via JTAG
- Breaking AES with ChipWhisperer - Piece of scake (Side Channel Analysis 100)
- NAND Glitching Attack - Gaining root access to a Wink Hub through NAND glitching.
- IoT Hardware Guide
- Intro To Hardware Hacking - Dumping Your First Firmware
- Jtagulator/Jtagenum
- Logic Analyzer
- The Shikra
- FaceDancer21 (USB Emulator/USB Fuzzer)
- RfCat
- An Introduction to Hardware Hacking
- Serial Terminal Basics
- Reverse Engineering Serial Ports
- ChipWhisperer - Hardware attacks
- Hardware hacking tutorial: Dumping and reversing firmware
- Dumping the firmware From Router using BUSPIRATE - SPI Dump
- TPM 2.0: Extracting Bitlocker keys through SPI
- Reading FlashROMS - Youtube
- Intro to Embedded RE: UART Discovery and Firmware Extraction via UBoot
- Router Analysis Part 1: UART Discovery and SPI Flash Extraction
- Identifying UART interface
- onewire-over-uart
- Accessing sensor via UART
- Using UART to connect to a chinese IP cam
- A journey into IoT – Hardware hacking: UART
- UARTBruteForcer
- Accessing and Dumping Firmware Through UART
- UART Exploiter
- Analyzing JTAG
- The hitchhacker’s guide to iPhone Lightning & JTAG hacking
- Debugging 8-bit AVR® microcontrollers through JTAG and AVR-gdb
- Introduction to TPM (Trusted Platform Module)
- Trusted platform module security defeated in 30 minutes, no soldering required
- Side channel attacks
- Attacks on Implementations of Secure Systems
- fuzzing, binary analysis, IoT security, and general exploitation
- Espressif ESP32: Bypassing Encrypted Secure Boot (CVE-2020-13629)
- Researchers use Rowhammer bit flips to steal 2048-bit crypto key
- Tutorial CW305-4 Voltage Glitching with Crowbars - Detailed tutorial on voltage glitching using crowbars.
- Voltage Glitching Attack using SySS iCEstick Glitcher - A demonstration of a voltage glitching attack by SySS PentestTV.
- Samy Kamkar - FPGA Glitching & Side Channel Attacks - Insights on FPGA glitching and side channel attacks from Samy Kamkar.
- Hardware Power Glitch Attack - rhme2 Fiesta (FI 100) - A hardware power glitch attack demonstration by LiveOverflow.
- Keys in flash - Glitching AES keys from an Arduino / ATmega - Extracting AES keys from an Arduino using glitching.
- Implementing Practical Electrical Glitching Attacks - A guide on implementing electrical glitching attacks, presented at Black Hat Europe 2015.
- How To Voltage Fault Injection - A comprehensive guide on voltage fault injection techniques.
-
Vulnerable IoT and Hardware Applications
- IoT-vulhub - `Collection of Dockerized vulnerable IoT applications for learning about IoT security.`
- Damn Vulnerable Chemical Process - `A presentation on a vulnerable SCADA system for learning purposes.`
- Hacklab VulnVoIP - `A vulnerable VoIP application for learning and training.`
- DVID - `Deliberately vulnerable IoT device firmware for training and educational purposes.`
- Damn Vulnerable Safe - `A physical safe designed to be vulnerable, intended for security training.`
- Sticky Fingers DV-Pi - `A vulnerable Raspberry Pi project for educational use.`
- Damn Vulnerable SS7 Network - `Demonstrates vulnerabilities in SS7 networks.`
- Hardware Hacking 101 - `A repository for learning the basics of hardware hacking.`
- RHme-2015 - `Archive of the RHme-2015 hardware hacking competition.`
- Rhme-2016 - `Archive of the RHme-2016 hardware hacking competition.`
- Rhme-2017 - `Archive of the RHme-2017 hardware hacking competition.`
-
CTF For IoT And Embedded
- Emulate to Exploitate
- Firmware Security Training & CTF - Firmware analysis tools and challenges by Router Analysis Toolkit.
- BLE CTF - A framework focused on Bluetooth Low Energy security.
- IoTGoat - Deliberately insecure firmware based on OpenWrt for IoT security training.
- IoT Village CTF - A Capture The Flag event specifically focused on IoT security.
- IoTSec CTF - Offers IoT related challenges for continuous learning.
- ARM-X CTF - A set of challenges focused on ARM exploitation.
- Azeria Labs ARM Challenges - Offers ARM assembly challenges and tutorials.
- Microcorruption - Embedded security CTF focusing on lock systems.
- Pwnable.kr - Offers various reverse engineering challenges.
- Root Me - Platform with various types of challenges including hardware and reverse engineering.
- CTFtime - Lists various CTFs, including those in hardware, IoT, and firmware.
-
follow the people
-
Blogs for IoT Pentest
- **W00tsec Blog**
- **IoT Pentest Blog**
- **Duo Decipher Blog**
- **0x42424242.in Blog**
- **Quarkslab Blog**
- **F-Secure Labs Blog**
- **MG.lol Blog**
- **Bunnie's Blog**
- **Attify Blog**
- Team82 Research
- wrongbaud
- Firmware Analysis
- **voidstarsec**
- **Exploitee.rs Website**
- **Jilles.com**
- **Syss Tech Blog**
- **Payatu Blog**
- **Raelize Blog**
- **JCJC Dev Blog**
- **Devttys0 Blog**
- **Embedded Bits Blog**
- **Keenlab Blog**
- **Courk.cc**
- **IoT Security Wiki**
- **Cybergibbons Blog**
- **Firmware.RE**
- **K3170makan Blog**
- **Tclaverie Blog**
- **Besimaltinok Blog**
- **Ctrlu Blog**
- **Sp3ctr3 Blog**
- **Dantheiotman Blog**
- **Danman Blog**
- **Quentinkaiser Blog**
- **Ice9 Blog**
- **CJHackerz Blog**
- **Synacktiv Publications**
- **Cr4.sh Blog**
- **Ktln2 Blog**
- **Naehrdine Blog**
- **Limited Results Blog**
- **Fail0verflow Blog**
- **Exploit Security Blog**
-
Firmware samples to pentest
-
Symlinks Attacks
-
Payment Device Security
-
Awesome IoT Pentesting Guides
-
Proof of Concepts known Device Vulnerabilities
-
IoT and Hardware Security Trainings
-
Awesome CheatSheets
-
IoT Pentesting OSes
- Sigint OS - LTE IMSI Catcher
- Instant-gnuradio OS - For Radio Signals Testing
- Ubuntu Best Host Linux for IoT's - Use LTS
- Internet of Things - Penetration Testing OS v1
- Dragon OS - DEBIAN LINUX WITH PREINSTALLED OPEN SOURCE SDR SOFTWARE
- EmbedOS - Embedded security testing virtual machine
- Skywave Linux- Software Defined Radio for Global Online Listening
- A Small, Scalable Open Source RTOS for IoT Embedded Devices
- ICS - Controlthings.io
- AttifyOS - IoT Pentest OS - by Aditya Gupta
-
Exploitation Tools
- Expliot - IoT Exploitation framework - by Aseemjakhar
- Routersploit (Exploitation Framework for Embedded Devices)
- IoTSecFuzz (comprehensive testing for IoT device)
- killerbee - Zigbee exploitation
- PRET - Printer Exploitation Toolkit
- HAL – The Hardware Analyzer
- FwAnalyzer (Firmware Analyzer)
- ISF (Industrial Security Exploitation Framework)
- PENIOT: Penetration Testing Tool for IoT
- MQTT-PWN
-
Reverse Engineering Tools
- GDB
- Radare2 - open-source framework for reverse engineering and analyzing binaries; includes a disassembler for multiple architectures.
- Cutter - user-friendly interface as well as additional features.
- Ghidra
- Binary Ninja
- OllyDbg
- x64dbg - open-source x64/x32 debugger for Windows with a focus on plugin support and scriptability.
- Hopper
- Immunity Debugger
- PEiD
-
NFC-RFID
-
Online Assemblers
-
ARM
-
Programming Languages