Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
IoTSecurity101
A Curated list of IoT Security Resources
https://github.com/V33RU/IoTSecurity101
Last synced: 5 days ago
-
**Specific Topics in IoT Security**
-
Books for IoT Penetration Testing
- PatrIoT: practical and agile threat research for IoT by Emre Süren
- Hardware Security Training, Hands-on!
- Practical IoT Hacking-The Definitive Guide to Attacking the Internet of Things by Fotios Chantzis, Ioannis Stais, Paulino Calderon, Evangelos Deirmentzoglou, Beau Woods
- The Firmware Handbook (Embedded Technology) 1st Edition by Jack Ganssle
- Manual PCB-RE: The Essentials
- Hardware Hacking: Have Fun while Voiding your Warranty 1st Edition
- Linksys WRT54G Ultimate Hacking 1st Edition by Paul Asadoorian
- Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure by Eric D. Knapp, Raj Samani
- Android Hacker's Handbook by Joshua J. Drake
- The Art of Pcb Reverse Engineering: Unravelling the Beauty of the Original Design
- Abusing the Internet of Things: Blackouts, Freakouts, and Stakeouts 1st Edition, by Nitesh Dhanjani
- Car hacker's handbook by Craig Smith
- IoT Penetration Testing Cookbook by Aaron Guzman, Aditya Gupta
- Inside Radio: An Attack and Defense Guide by Qing Yang, Lin Huang
- Gray Hat Hacking: The Ethical Hacker's Handbook, Fifth Edition by Daniel Regalado, Shon Harris, Allen Harper, Chris Eagle, Jonathan Ness, Branko Spasojevic, Ryan Linn, Stephen Sims
- Practical Hardware Pentesting
- The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks by Jasper van Woudenberg, Colin O'Flynn
- Blue Fox: Arm Assembly Internals & Reverse Engineering
- Fuzzing Against the Machine: Automate vulnerability research with emulated IoT devices on QEMU
- Automotive Cybersecurity Engineering Handbook: The automotive engineer's roadmap to cyber-resilient vehicles Series
- Embedded Systems Security and TrustZone
- Microcontroller Exploits
- Metasploit, 2nd Edition
- Engineering Secure Devices
- Practical Hardware Pentesting - Second Edition
- Learning Linux Binary Analysis By Ryan "elfmaster" O'Neill
-
IoT Web and Message Services
- IoT Security: RCE in MQTT Protocol
- Introduction to MQTT
- MQTT Broker Security - 101
- Hacking the IoT with MQTT
- Are Smart Homes Vulnerable to Hacking?
- Servisnet Tessa - MQTT Credentials Dump (Unauthenticated) (Metasploit)
- Eclipse Mosquitto MQTT broker 2.0.9 - 'mosquitto' Unquoted Service Path
- Penetration testing of Sesame Smart door lock
- CVE-2020-13849
- CVE-2023-3028
- CVE-2021-0229
- CVE-2019-5432
- Using IoT MQTT for V2V and Connected Car
- MQTT with Hardware Development Information
- IoT Live Demo: 100,000 Connected Cars with Kubernetes, Kafka, MQTT, TensorFlow
- Nmap MQTT Library
- The Seven Best MQTT Client Tools
- A Guide to MQTT by Hacking a Doorbell to Send Push Notifications (Video)
- Understanding the MQTT Protocol Packet Structure
- Authenticating & Authorizing Devices Using MQTT with Auth0
- IoXY - MQTT Intercepting Proxy
- Mosquitto - An Open Source MQTT Broker
- HiveMQ
- MQTT Explorer
- Welcome to MQTT-PWN!
- WailingCrab Malware Evolves Using MQTT for Stealthier C2 Communication
- Alert: New WailingCrab Malware Loader
- MQTT on Snapcraft
- Introduction
- CoAP client Tools
- CoAP Pentest Tools
- Nmap - NSE for coap
-
Blogs for IoT Pentest
- **Devttys0 Blog**
- **Wrongbaud Blog**
- Firmware Analysis
- **voidstarsec**
- **Exploitee.rs Website**
- **Jilles.com**
- **Syss Tech Blog**
- **Payatu Blog**
- **Raelize Blog**
- **JCJC Dev Blog**
- **Embedded Bits Blog**
- **RTL-SDR Blog**
- **Keenlab Blog**
- **Courk.cc**
- **IoT Security Wiki**
- **Cybergibbons Blog**
- **Firmware.RE**
- **K3170makan Blog**
- **Tclaverie Blog**
- **Besimaltinok Blog**
- **Ctrlu Blog**
- **Duo Decipher Blog**
- **Sp3ctr3 Blog**
- **0x42424242.in Blog**
- **Dantheiotman Blog**
- **Danman Blog**
- **Quentinkaiser Blog**
- **Ice9 Blog**
- **MG.lol Blog**
- **CJHackerz Blog**
- **Bunnie's Blog**
- **Synacktiv Publications**
- **Cr4.sh Blog**
- **Ktln2 Blog**
- **Naehrdine Blog**
- **Limited Results Blog**
- **Fail0verflow Blog**
- **Exploit Security Blog**
-
Technical Research and Hacking
- Subaru Head Unit Jailbreak
- Dropcam Hacking
- Printer Hacking Live Sessions - Gamozo Labs
- LED Light Hacking
- PS4 Jailbreak – the current status
- Your Lenovo Watch X Is Watching You & Sharing What It Learns
- Your Smart Scale is Leaking More than Your Weight: Privacy Issues in IoT
- Smart Lock Vulnerabilities
-
Community and Discussion Platforms
-
IoT and Hardware Security Trainings
-
Search Engines for Internet-Connected Devices
-
YouTube Channels for IoT Pentesting
-
IoT Vulnerabilities Checking Guides
-
IoT Gateway Software
-
IoT Pentesting OSes
-
Reverse Engineering Tools
- GDB
- Radare2 - open-source framework for reverse engineering and analyzing binaries; includes a disassembler for multiple architectures.
- Cutter - friendly interface as well as additional features.
- Ghidra
- Binary Ninja
- OllyDbg
- x64dbg - open-source x64/x32 debugger for Windows with a focus on plugin support and scriptability.
- Hopper
- Immunity Debugger
- PEiD
-
Introduction
-
RADIO HACKER QUICK START GUIDE
- Complete course in Software Defined Radio (SDR) by Michael Ossmann
- Understanding Radio
- Introduction to Software Defined Radio
- Introduction Gnuradio companion
- Creating a flow graph in Gnuradio companion
- Analysing radio signals 433MHz
- Recording specific radio signal
- Replay Attacks with raspberrypi -rpitx
-
Cellular Hacking GSM BTS
- Awesome-Cellular-Hacking
- What is a base transceiver station
- How to Build Your Own Rogue GSM BTS
- Introduction to GSM Security
- GSM Security 2
- vulnerabilities in GSM security with USRP B200
- Security Testing 4G (LTE) Networks
- Case Study of SS7/SIGTRAN Assessment
- Introduction to SIGTRAN and SIGTRAN Licensing
- SS7 Network Architecture
- Introduction to SS7 Signaling
- Breaking LTE on Layer Two
- Fake BTS Detector (SCL-8521)
-
Zigbee ALL Stuff
- Introduction and protocol Overview
- Hacking Zigbee Devices with Attify Zigbee Framework
- Hands-on with RZUSBstick
- ZigBee & Z-Wave Security Brief
- Hacking ZigBee Networks
- Zigator: Analyzing the Security of Zigbee-Enabled Smart Homes
- Security Analysis of Zigbee Networks with Zigator and GNU Radio
- Low-Cost ZigBee Selective Jamming
- APIMOTE IEEE 802.15.4/ZIGBEE SNIFFING HARDWARE
- RaspBee-The Raspberry Pi Zigbee gateway
- USRP SDR 2
- ATUSB IEEE 802.15.4 USB Adapter
-
BLE Intro and SW-HW Tools to pentest
- Traffic Engineering in a Bluetooth Piconet (PDF)
- Examining the August Smart Lock
- Finding Bugs in Bluetooth
- BLE Characteristics: A Beginner's Tutorial
- hcitool & bluez
- Testing With GATT Tool
- EDIMAX
- CSR 4.0
- Sena 100
- ESP-WROVER-KIT-VB
- Blue2thprinting: Answering the Question of 'WTF am I even looking at?!'
- Open Wounds: The Last 5 Years Have Left Bluetooth to Bleed
- It Was Harder to Sniff Bluetooth Through My Mask During the Pandemic...
- Intel Edison as Bluetooth LE — Exploit Box
- How I Reverse Engineered and Exploited a Smart Massager
- My Journey Towards Reverse Engineering a Smart Band — Bluetooth-LE RE
- Bluetooth Smartlocks
- I Hacked MiBand 3
- GATTacking Bluetooth Smart Devices
- Bluetooth Beacon Vulnerability
- Sweyntooth Vulnerabilities
- BRAKTOOTH: Causing Havoc on Bluetooth Link Manager
- Practical Introduction to BLE GATT Reverse Engineering: Hacking the Domyos EL500
- MojoBox - Yet Another Not So Smartlock
-
DECT (Digital Enhanced Cordless Telecommunications)
-
Mobile security (Android & iOS)
- Android Application Pentesting Book - A detailed book on penetration testing techniques for Android devices.
- Android Pentest Video Course - TutorialsPoint - A series of video tutorials on Android penetration testing.
- Android Tamer - A Virtual/Live Platform for Android Security professionals, offering tools and environment for Android security.
-
Villages
-
Online Assemblers
-
ARM
-
CTF For IoT And Embedded
- Damn Vulnerable ARM Router - A deliberately vulnerable ARM router for exploitation practice.
- Emulate to Exploitate
- IoT Village CTF - A Capture The Flag event specifically focused on IoT security.
- IoTSec CTF - Offers IoT related challenges for continuous learning.
- Firmware Security Training & CTF - Firmware analysis tools and challenges by Router Analysis Toolkit.
- Azeria Labs ARM Challenges - Offers ARM assembly challenges and tutorials.
- Microcorruption - Embedded security CTF focusing on lock systems.
- Pwnable.kr - Offers various reverse engineering challenges.
- Root Me - Platform with various types of challenges including hardware and reverse engineering.
- CTFtime - Lists various CTFs, including those in hardware, IoT, and firmware.
-
Pentesting Firmwares and emulating and analyzing
- EMBA-An analyzer for embedded Linux firmware
- QEMU
- OWASP Firmware Security Testing Methodology
- Firmware emulation with QEMU
- Reversing ESP8266 Firmware
- Emulating ARM Router Firmware
- Reversing Firmware With Radare
- Qiling & Binary Emulation for automatic unpacking
- Reverse engineering with #Ghidra: Breaking an embedded firmware encryption scheme
- Simulating and hunting firmware vulnerabilities with Qiling
- Using Symbolic Execution to Detect UEFI Firmware Vulnerabilities
- Binarly Finds Six High Severity Firmware Vulnerabilities in HP Enterprise Devices
- Emulating and Exploiting UEFI Firmware
- IoT binary analysis & emulation part -1
- Cross debugging for ARM / MIPS ELF with QEMU/toolchain
- Qemu + buildroot 101
- Emulating IoT Firmware Made Easy: Start Hacking Without the Physical Device
- Adaptive Emulation Framework for Multi-Architecture IoT Firmware Testing
- Automatic Firmware Emulation through Invalidity-guided Knowledge Inference
- Debugging D-Link: Emulating firmware and hacking hardware
-
Firmware samples to pentest
-
Binary Analysis
-
Symlinks Attacks
-
Secureboot
- Writing a Bootloader
- Pwn the ESP32 Secure Boot
- Pwn the ESP32 Forever: Flash Encryption and Sec. Boot Keys Extraction
- Amlogic S905 SoC: bypassing the (not so) Secure Boot to dump the BootROM
- Defeating Secure Boot with Symlink Attacks
- PS4 Aux Hax 5 & PSVR Secure Boot Hacking with Keys by Fail0verflow!
- Eclypsium Discovers Multiple Vulnerabilities Affecting 129 Dell Models Via Dell Remote OS Recovery And Firmware Update Capabilities
- Technical Advisory – U-Boot – Unchecked Download Size and Direction in USB DFU (CVE-2022-2347)
- Breaking Secure Boot on the Silicon Labs Gecko platform
-
Storage Medium
-
Payment Device Security
-
IoT hardware Overview and Hacking
- IoT Hardware Guide
- Intro To Hardware Hacking - Dumping Your First Firmware
- Bus Pirate
- EEPROM reader/SOIC Cable
- Jtagulator/Jtagenum
- Logic Analyzer
- The Shikra
- FaceDancer21 (USB Emulator/USB Fuzzer)
- RfCat
- Ultra-Mini Bluetooth CSR 4.0 USB Dongle Adapter
- Attify Badge - UART, JTAG, SPI, I2C (w/ headers)
- An Introduction to Hardware Hacking
- Serial Terminal Basics
- Reverse Engineering Serial Ports
- REVERSE ENGINEERING ARCHITECTURE AND PINOUT OF CUSTOM ASICS
- ChipWhisperer - Hardware attacks
- Hardware hacking tutorial: Dumping and reversing firmware
- Dumping the firmware From Router using BUSPIRATE - SPI Dump
- TPM 2.0: Extracting Bitlocker keys through SPI
- How to Flash Chip of a Router With a Programmer
- Extracting Flash Memory over SPI
- Extracting Firmware from Embedded Devices (SPI NOR Flash)
- SPI-Blogs
- Reading FlashROMS - Youtube
- Intro to Embedded RE: UART Discovery and Firmware Extraction via UBoot
- Router Analysis Part 1: UART Discovery and SPI Flash Extraction
- Identifying UART interface
- Accessing sensor via UART
- Using UART to connect to a chinese IP cam
- A journey into IoT – Hardware hacking: UART
- UART Connections and Dynamic analysis on Linksys e1000
- Accessing and Dumping Firmware Through UART
- How To Find The JTAG Interface - Hardware Hacking Tutorial
- Buspirate JTAG Connections - Openocd
- Extracting Firmware from External Memory via JTAG
- Analyzing JTAG
- The hitchhacker’s guide to iPhone Lightning & JTAG hacking
- Debugging 8-bit AVR® microcontrollers through JTAG and AVR-gdb
- Introduction to TPM (Trusted Platform Module)
- Trusted platform module security defeated in 30 minutes, no soldering required
- Side channel attacks
- Espressif ESP32: Bypassing Encrypted Secure Boot(CVE-2020-13629)
- Breaking AES with ChipWhisperer - Piece of scake (Side Channel Analysis 100)
- Researchers use Rowhammer bit flips to steal 2048-bit crypto key
- NAND Glitching Attack - Gaining root access to a Wink Hub through NAND glitching.
- Tutorial CW305-4 Voltage Glitching with Crowbars - Detailed tutorial on voltage glitching using crowbars.
- Voltage Glitching Attack using SySS iCEstick Glitcher - A demonstration of a voltage glitching attack by SySS PentestTV.
- Samy Kamkar - FPGA Glitching & Side Channel Attacks - Insights on FPGA glitching and side channel attacks from Samy Kamkar.
- Hardware Power Glitch Attack - rhme2 Fiesta (FI 100) - A hardware power glitch attack demonstration by LiveOverflow.
- Keys in flash - Glitching AES keys from an Arduino / ATmega - Extracting AES keys from an Arduino using glitching.
- Implementing Practical Electrical Glitching Attacks - A guide on implementing electrical glitching attacks, presented at Black Hat Europe 2015.
- How To Voltage Fault Injection - A comprehensive guide on voltage fault injection techniques.
-
Awesome IoT Pentesting Guides
-
Fuzzing Things
- OWASP Fuzzing Info
- Fuzzing_ICS_protocols
- Fuzzowski - the Network Protocol Fuzzer that we will want to use
- Fuzz Testing of Application Reliability
- FIRM-AFL : High-Throughput Greybox Fuzzing of IoT Firmware via Augmented Process Emulation
- Snipuzz : Black-box Fuzzing of IoT Firmware via Message Snippet Inference
- fuzzing-iot-binaries
- Modern Vulnerability Research Techniques on Embedded Systems
- FuzzingPaper
-
FlipperZero
-
Vulnerable IoT and Hardware Applications
- Damn Vulnerable Safe - A physical safe designed to be vulnerable, intended for security training.
- IoT-vulhub - Collection of Dockerized vulnerable IoT applications for learning about IoT security.
- Damn Vulnerable Chemical Process - A presentation on a vulnerable SCADA system for learning purposes.
- Sticky Fingers DV-Pi - A vulnerable Raspberry Pi project for educational use.
- Damn Vulnerable SS7 Network - Demonstrates vulnerabilities in SS7 networks.
- Hacklab VulnVoIP - A vulnerable VoIP application for learning and training.
-
follow the people
-
-
📑 Contents Overview
-
🛡️ IoT Security Information
-
Sub Categories
- IoT hardware Overview and Hacking (52)
- Books for IoT Penetration Testing (40)
- IoT Web and Message Services (39)
- Blogs for IoT Pentest (39)
- BLE Intro and SW-HW Tools to pentest (24)
- Pentesting Firmwares and emulating and analyzing (20)
- follow the people (15)
- Cellular Hacking GSM BTS (13)
- Zigbee ALL Stuff (12)
- CTF For IoT And Embedded (10)
- Reverse Engineering Tools (10)
- Fuzzing Things (9)
- Secureboot (9)
- RADIO HACKER QUICK START GUIDE (8)
- Search Engines for Internet-Connected Devices (8)
- Technical Research and Hacking (8)
- YouTube Channels for IoT Pentesting (7)
- Community and Discussion Platforms (6)
- IoT Pentesting OSes (6)
- Vulnerable IoT and Hardware Applications (6)
- Storage Medium (6)
- Villages (5)
- Introduction (4)
- IoT Vulnerabilities Checking Guides (3)
- Payment Device Security (3)
- DECT (Digital Enhanced Cordless Telecommunications) (3)
- Binary Analysis (3)
- ARM (3)
- FlipperZero (3)
- Online Assemblers (3)
- Mobile security (Android & iOS) (3)
- Awesome IoT Pentesting Guides (2)
- Symlinks Attacks (1)
- Firmware samples to pentest (1)
- 🛡️ IoT Security Information (1)
- IoT Gateway Software (1)
- IoT and Hardware Security Trainings (1)