Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/exploitprotocol/IoT-Security-Wiki

Last synced: 3 months ago
JSON representation

Host: GitHub
URL: https://github.com/exploitprotocol/IoT-Security-Wiki
Owner: exploitprotocol
Created: 2016-03-03T13:42:09.000Z (over 8 years ago)
Default Branch: master
Last Pushed: 2016-03-24T10:28:15.000Z (over 8 years ago)
Last Synced: 2024-05-02T18:56:28.462Z (6 months ago)
Size: 619 KB
Stars: 22
Watchers: 4
Forks: 11
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-hacking-lists - exploitprotocol/IoT-Security-Wiki - (Others)

README

### Welcome to IoT Security Wiki Website.

So this website is an intiative to help developers and security researchers to get all security resource related to IoT Security. Although listing out all resources related to IoT is very difficult, but i have tried my best to list out Major technical material available.

As IoT is broadly based on four components: Embedded Systems, Cloud, Network, Mobile. We will have resource related to first three in this wiki and for Mobile we already have [MobileSecurityWiki](https://mobilesecuritywiki.com) which is also my project.

If you find anything missing or have some resource to add, please add through [contribute](#contribute) section.

Follow IoT Security Wiki on [Twitter](https://twitter.com/IoTSecurityWiki) to get latest updates about IoT Security

Thanks!

##Presentations

| Presentation | Conference | Year | Author | Link |
|------------------------------------------------------------------------------------------|----------------|------|-----------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| A Surface Area Approach to Pen-testing the IoT | Defcon 23 | 2015 | Daniel Miessler | [Video](https://www.youtube.com/watch?v=RhxHHD790nw) [Slide](https://www.iotvillage.org/slides_DC23/IoT-Attack-Surfaces-DEFCON-2015-2.pdf) |
| The Hand that Rocks the Cradle: Hacking IoT Baby Monitors | Defcon23 | 2015 | Mark Stanislav | [Video](https://www.youtube.com/watch?v=2QU6OVkMg68) |
| Security of Wireless Home Automation Systems - A World Beside TCP/IP | Defon23 | 2015 | Tobias Zillner & Sebastian Strobl | [Slide](https://www.iotvillage.org/slides_DC23/IOT-village-v2.pdf) |
| Securing the IoT World | Defcon 23 | 2015 | Aaron Guzman | [Video](https://www.youtube.com/watch?v=VOvzsnIQPyA) [Slide](https://docs.google.com/presentation/d/1FfXGtqgPFXxA3zoqi8UAfnAsdlFbK0zDOhwp7MbJYko/mobilepresent?pli=1&slide=id.g63c7381c1_1_18) |
| Yes, You Can Walk on Water: Application & Product Security on a Startup Budget | Defcon23 | 2015 | Brian Knopf | [Video](https://www.youtube.com/watch?v=aTirAI-B-dI) |
| Cameras, Thermostats, and Home Automation Controllers - Hacking 14 IoT Devices | Defcon23 | 2015 | Wesley Wineberg | [Video](https://www.youtube.com/watch?v=majPZcqlVjI) [Slide](https://www.iotvillage.org/slides_DC23/IoT11-slides.pdf) |
| Smart Hone Invasion | Defcon23 | 2015 | Craig Young | [Video](https://www.youtube.com/watch?v=VWEhaZdUVW8) Slide[](https://www.iotvillage.org/slides_DC23/CRAIG_YOUNG-IoT_Village-Smart_Home_Invasion.pdf) |
| Practical IoT Exploitation Workshop (MIPS/ARM) | Defcon23 | 2015 | Lyon Yang | [Video]() [Slide](https://www.iotvillage.org/slides_DC23/DEFCON23_IoTVillage_Hackshop_v12.pptx) |
| Advanced SOHO Router Exploitation | HITBGSEC | 2015 | Lyon Yang | [Video](https://www.youtube.com/watch?v=B_OYnpAVpd8) [Slide](http://www.slideshare.net/lyonyang3/advanced-soho-router-exploitation-xcon) |
| Pwning IoT with Hardware Attacks | Defcon23 | 2015 | Chase Schultz | [Slide](http://www.slideshare.net/ChaseSchultz/pwning-iot-via-hardware-attacks-chase-schultz-iot-village-defcon-23) |
| SWEET SECURITY - Creating a Defensive Raspberry Pi | Defcon23 | 2015 | Travis Smith | [Slide](https://www.iotvillage.org/slides_DC23/Sweet%20Security.pptx) |
| Securing the Internet of Things: Mapping Attack Surface Areas Using the OWASP IoT Top 10 | RSA Conference | 2015 | Daniel Miessler | [Link](https://www.owasp.org/images/5/51/RSAC2015-OWASP-IoT-Miessler.pdf) |
| IoT Security | BSides | 2015 | Justin C. Klein Keane | [Video](https://www.youtube.com/watch?v=s5AOkqyCvHg) |
| Securing the Internet of Things | IoT Conference | 2015 | Paul Fremantle | [Video](https://www.youtube.com/watch?v=iEu1LFhnPWQ) |
| The Internet of Fails - Where IoT Has Gone Wrong | Defcon22 | 2014 | Mark Stanislav & Zach Lanier | [Video](https://www.youtube.com/watch?v=WHdU4LutBGU) |
## WhitePapers
* [What the Internet of Things(IoT) needs to become a reality](http://www.mouser.fr/pdfdocs/INTOTHNGSWP.PDF)
* [Security of Things: An Implementers’ Guide to Cyber-Security for Internet of Things Devices and Beyond](https://www.nccgroup.trust/globalassets/our-research/uk/whitepapers/2014-04-09_-_security_of_things_-_an_implementers_guide_to_cyber_security_for_internet_of_things_devices_and_beyond-2.pdf)
* [Use case possibilities with Bluetooth low energy in IoT applications](http://www.spezial.de/sites/default/files/bluetoothlowenergy-iot-applications_whitepaper_ubx-14054580.pdf)

##Research Studies

| Title | Organization | Year | Link |
|-------------------------------------------------|-----------------|------|-------------------------------------------------------------------------------------------------------------------|
| The Internet of Things: Security Research Study | Veracode | 2015 | [Link](https://www.veracode.com/sites/default/files/Resources/Whitepapers/internet-of-things-whitepaper.pdf) |
| Internet of Things Research Study | Hewlett Packard | 2015 | [Link](http://www8.hp.com/h20195/V2/GetPDF.aspx/4AA5-4759ENW.pdf) |
| Insecurity in Internet Of Things | Symantec | 2015 | [Link](https://www.symantec.com/content/en/us/enterprise/iot/b-insecurity-in-the-internet-of-things_21349619.pdf) |
| Securing the "Internet of Things" Survey | SANS | 2014 | [Link](http://cybersec.orglearn.com/wp-content/uploads/2014/02/SecuringtheInternetofThingsSurvey.pdf)

##Research Papers

| Title | Year | Link |
|-----------------------------------------------------------------------------------------------------------|------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Enhance Embedded System Security With Rust | 2016 | [Link](http://www.getreu.net/public/downloads/doc/Enhance%20Embedded%20System%20Security%20With%20Rust/Enhance%20Embedded%20System%20Security%20With%20Rust--Example%20of%20Heartbleed.pdf) |
| Requirement of Security for IoT Application based on Gateway System | 2015 | [Link](http://www.sersc.org/journals/IJSIA/vol9_no10_2015/18.pdf) |
| Threats Analysis, Requirements and Considerationsfor Secure Internet of Things | 2015 | [Link](www.sersc.org/journals/IJSH/vol9_no12_2015/20.pdf) |
| Hybrid Lightweight and Robust Encryption Design for Security in IoT | 2015 | [Link](http://www.sersc.org/journals/IJSIA/vol9_no12_2015/10.pdf) |
| A Study on IP Exposure Notification System for IoT Devices Using IP Search Engine Shodan | 2015 | [Link](http://www.sersc.org/journals/IJMUE/vol10_no12_2015/7.pdf) |
| Security Framework and Jamming Detection for Internet of Things | 2015 | [Link](http://vbn.aau.dk/files/208811916/Thesis_SECURITY_FRAMEWORK_AND_JAMMING_DETECTION_FOR_INTERNET_OF_THINGS.pdf) |
| Personal Information Security and the IoT: The Changing Landscape of Data privacy | 2015 | [Link](http://www.bapress.ca/ccc/ccc2015_4/201511_2_15112162.pdf) |
| Design of the Secure Compiler for the IoT Services | 2015 | [Link](http://onlinepresent.org/proceedings/vol110_2015/14.pdf) |
| On the design of lightweight link-layersecurity mechanisms in IoT systems | 2015 | [Link](https://pdfs.semanticscholar.org/c937/29a471915721f3e85b6dc16adf6ac77cc34f.pdf) |
| A Digital Door Lock System for the Internet of Things with Improved Security and Usability | 2015 | [Link](http://onlinepresent.org/proceedings/vol109_2015/8.pdf) |
| Security Threats on National Defense ICT based on IoT | 2015 | [Link](http://modul.mercubuana.ac.id/files/openjournal/JournalOfArt/text/16_77.pdf) |
| On the Security and Privacy of Internet of Things Architectures and Systems | 2015 | [Link](https://www.informatik.tu-darmstadt.de/fileadmin/user_upload/Group_TK/filesDownload/Published_Papers/SIoTpaper.pdf) |
| Cyber Security for Intelligent World with Internet of Things and Machine to Machine Communication | 2015 | [Link](http://riverpublishers.com/journal/journal_articles/RP_Journal_2245-1439_412.pdf) |
| Study on the Vulnerability Level of Physical Security AndApplication of the IP-Based Devices | 2015 | [Link](http://www.sersc.org/journals/IJSH/vol9_no10_2015/7.pdf) |
| ENERGY AWARE SECURITY ALGORITHM DECISION METHOD FOR INTERNET OF THINGS USING SSL/TLS FOR WIRELESS NETWORK | 2015 | [Link](http://granthaalayah.com/Articles/Vol3Iss12/01_IJRG15_C12_72.pdf) |
| A Lightweight RFID Security Protocol Based on Elliptic Curve Cryptography | 2015 | [Link](http://ijns.jalaxy.com.tw/contents/ijns-v18-n2/ijns-2016-v18-n2-p354-361.pdf) |
| DTLS-HIMMO: Efficiently Securing a Post-Quantum World with a Fully-Collusion Resistant KPS | 2015 | [Link](http://csrc.nist.gov/groups/ST/post-quantum-2015/papers/session7-garciamorchon-paper.pdf) |
| Study on a Secure Wireless Data Communication in Internet of Things Applications | 2015 | [Link](http://paper.ijcsns.org/07_book/201502/20150204.pdf) |
| IoT: The Internet of Threats and Static Program Analysis Defense | 2015 | [Link](https://ssrg.nicta.com.au/publications/nictaabstracts/8517.pdf) |
| Event driven adaptive security in internet of things | 2014 | [Link](https://www.researchgate.net/profile/Waqas_Aman/publication/265786485_Event_Driven_Adaptive_Security_in_Internet_of_things/links/54f6ca370cf2ca5efeff3f45.pdf) |
| Internet of Things: Architectural framework for eHealth security | 2014 | [Link](http://riverpublishers.com/journal/journal_articles/RP_Journal_2245-800X_133.pdf) |
| Privacy and Security Issues for Healthcare System with Embedded RFID System on Internet of Things | 2014 | [Link](onlinepresent.org/proceedings/vol72_2014/27.pdf) |
| An Approach for Cyber SecurityExperimentation Supporting Sensei/IoT forSmart Grid | 2014 | [Link](www.ibs.ro/~bela/Papers/isdfs2014.pdf) |
| Toward an Inverse-free Lightweight Encryption Scheme for IoT | 2014 | [Link](http://caislab.kaist.ac.kr/publication/paper_files/2014/FINAL_0089_HJ.pdf) |
| Broadcast Based Registration Technique for Heterogeneous Nodes in the IoT | 2014 | [Link](https://www.researchgate.net/profile/Qazi_Ashraf/publication/270106094_Broadcast_Based_Registration_Technique_for_Heterogeneous_Nodes_in_the_IoT/links/54a0c3510cf257a636021b11.pdf) |
| An Evaluation Scenario for Adaptive Security in eHealth | 2014 | [Link](https://www.researchgate.net/profile/Stefan_Poslad/publication/261989906_2014_PESARO-30_60033/links/00b49536202809c046000000.pdf) |
| Security requirements of IoT-based smart buildings using RESTful Web Services | 2014 | [Link](http://www1.fh-dortmund.de/de/fb/3/institutionen/ikt/pub/103020100000386719.media/386720/paper_Kando-conference-.pdf) |
| A survey on providing security to the wireless sensor networks integrated with IOT | 2014 | [Link](https://www.erpublication.org/admin/vol_issue1/upload%20Image/IJETR023021.pdf) |
| IOT Secure Transmission Based on Integration of IBE and PKI/CA | 2013 | [Link](http://www.sersc.org/journals/IJCA/vol6_no2/23.pdf) |
| An Empirical Research on InfoSec RiskManagement in IoT-based eHealth | 2013 | [Link](https://www.researchgate.net/profile/Waqas_Aman/publication/265786582_An_Empirical_Research_on_InfoSec_Risk_Management_in_IoT-based_eHealth/links/54f6c9cb0cf21d8b8a5d90bf.pdf) |
| Security and privacy challenge in data aggregation for the iot in smart cities | 2013 | [Link](https://www.researchgate.net/profile/Patrick_Guillemin/publication/260712666_Internet_of_Things_Strategic_Research_and_Innovation_Agenda/links/00b49537c99302c081000000.pdf#page=240) |
| Designing a secure service manager for internet of things | 2013 | [Link](http://onlinepresent.org/proceedings/vol43_2013/35.pdf) |
| Identity Authentication and Capability Based Access Control (IACAC) for the Internetof Things | 2013 | [Link](http://vbn.aau.dk/ws/files/74574200/PNM_IACAC_River.pdf) |
| Security Architecture of the Internet of Things Oriented to PerceptualLayer | 2013 | [Link](http://ij3c.ncuteecs.org/volume/paperfile/2-2/IJ3C_5.pdf) |
| Towards a Light Weight Internet of ThingsPlatform Architecture | 2013 | [Link](http://riverpublishers.com/journal/journal_articles/RP_Journal_2245-800X_128.pdf) |
| A bi-direction authentication protocol for RFID based on the variable update in IOT | 2013 | [Link](http://onlinepresent.org/proceedings/vol17_2013/6.pdf) |
| Novel Threshold Cryptography-based Group Authentication (TCGA)Scheme for the Internet of Things (IoT) | 2013 | [Link](http://vbn.aau.dk/ws/files/107848036/D_TCGA_IEEE_ANTS_2013_PNM.pdf) |
| A Survey on Security Issues of M2M Communications in Cyber-Physical Systems. | 2012 | [Link](https://www.researchgate.net/profile/Dong_Chen27/publication/263285993_A_Survey_on_Security_Issues_of_M2M_Communications_in_Cyber-Physical_Systems/links/55cd810d08ae1141f6b9f0b9.pdf) |
| Making Devices Trustworthy: Security and Trust Feedbackin the Internet of Things | 2012 | [Link](http://www.medien.ifi.lmu.de/iwssi2012/papers/iwssi-spmu2012-hochleitner.pdf) |
| A bi-directional security authentication architecture for the internet of vehicles | 2012 | [Link](http://amis.naturalspublishing.com/files/published/mh28xl118t4u15.pdf) |
| Security for Practical CoAP Applications:Issues and Solution Approaches | 2011 | [Link](https://www.researchgate.net/profile/Michael_Kirsche/publication/265973615_Security_for_Practical_CoAP_Applications_Issues_and_Solution_Approaches/links/5583f51c08ae4738295c2028.pdf) |
| A Security Protocol Adaptation Layer for theIP-based Internet of Things | 2011 | [Link](https://www.iab.org/wp-content/IAB-uploads/2011/03/Hummen.pdf) |
| Security in the Internet of Things | 2011 | [Link](http://www.mhutter.org/papers/Gudymenko2011SecurityInThe.pdf) |
| Assessing the Security of Internet ConnectedCritical Infrastructures | 2010 | [Link](https://www.researchgate.net/profile/Neeraj_Suri/publication/267942349_Assessing_the_Security_of_Internet_Connected_Critical_Infrastructures_(The_CoMiFin_Project_Approach)/links/54bcd6600cf29e0cb04c388a.pdf) |

##OWASP Resources

* [Top IoT Vulnerabilities](https://www.owasp.org/index.php/Top_IoT_Vulnerabilities)
* [IoT Testing Guides](https://www.owasp.org/index.php/IoT_Testing_Guides)
* [Manufacturer IoT Security Guidance](https://www.owasp.org/index.php/IoT_Security_Guidance#Manufacturer_IoT_Security_Guidance)
* [Developer IoT Security Guidance](https://www.owasp.org/index.php/IoT_Security_Guidance#Developer_IoT_Security_Guidance)
* [Consumer IoT Security Guidance](https://www.owasp.org/index.php/IoT_Security_Guidance#Consumer_IoT_Security_Guidance)
* [Priciples of IoT Security](https://www.owasp.org/index.php/Principles_of_IoT_Security)
* [IoT Framework Assessment](https://www.owasp.org/index.php/IoT_Framework_Assessment)

##Case Studies

* [HACKING IoT: A Case Study on Baby Monitor Exposures and Vulnerabilities](https://www.rapid7.com/docs/Hacking-IoT-A-Case-Study-on-Baby-Monitor-Exposures-and-Vulnerabilities.pdf)
* [Your Fridge is Full of SPAM: Proof of An IoT-driven Attack](https://www.proofpoint.com/us/threat-insight/post/Your-Fridge-is-Full-of-SPAM)
* [Refrigerator Vulnerabilities - Samsung Security Hack ](https://www.pentestpartners.com/blog/hacking-defcon-23s-iot-village-samsung-fridge/)

##Articles

* [Vulnerable Embedded Web Interfaces Plague IoT Devices: Study](http://www.securityweek.com/vulnerable-embedded-web-interfaces-plague-iot-devices-study)
* [A Hacker's-Eye View of the Internet of Things](https://recode.net/2015/04/07/a-hackers-eye-view-of-the-internet-of-things/)
* [Hackers Remotely Kill a Jeep on the Highway—With Me in It](http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/)
* [How hackers attacked Ukraine's power grid: Implications for Industrial IoT security](http://www.zdnet.com/article/how-hackers-attacked-ukraines-power-grid-implications-for-industrial-iot-security/)

##Firmware Analysis

* [Binwalk](https://github.com/devttys0/binwalk) - Binwalk is a fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.
* [Reversing Firmware Part 1](http://resources.infosecinstitute.com/reversing-firmware-part-1/)
* [Embedded Devices Security and Firmware Reverse Engineering](https://media.blackhat.com/us-13/US-13-Zaddach-Workshop-on-Embedded-Devices-Security-and-Firmware-Reverse-Engineering-WP.pdf)

## IoT Development Tools

* [Arduino](https://www.arduino.cc/) - Arduino is an open-source electronics platform based on easy-to-use hardware and software. It's intended for anyone making interactive projects.
* [Eclipse IoT Project](http://iot.eclipse.org/) - IoT needs open source to be successful. Eclipse IoT simplifies IoT development.
* [Kinoma](https://origin-www.marvell.com/kinoma/) - Kinoma’s platform is optimized for connected, high-performance consumer electronics and Internet of Things (IoT) products. Build rich consumer experiences that orchestrate connected devices, their companion apps, and cloud services.
* [M2M Labs MainSpring](http://www.m2mlabs.com/framework) - M2MLabs Mainspring is an open source application framework for building machine to machine (M2M) applications such as remote monitoring, fleet management or smart grid.
* [Node-RED](http://nodered.org/) - Node-RED is a tool for wiring together hardware devices, APIs and online services in new and interesting ways.
* [Particle](https://www.particle.io) - Particle is a prototype-to-production platform for developing an Internet of Things product.
* [PlatformIO](http://platformio.org/#!/) - PlatformIO IDE is the missing integrated development environment which provides comprehensive facilities for IoT development:
* [ThingBox](http://thethingbox.io/#idea) - The ThingBox is a set of software already installed and configured.
The ThingBox allows anyone to graphically create new unlimited applications interacting with connected objects from a simple web-browser.

##IoT Hardware Platforms

* [Arduino](https://arduino.cc) - Arduino is an open-source electronics platform based on easy-to-use hardware and software. It's intended for anyone making interactive projects.
* Arduino Nano]
* Arduno Pro Mini
* Arduino Uno
* Arduino Yún
* [Arietta G25](http://www.acmesystems.it/arietta) - Arietta G25 - Low cost Linux embedded module
* [BeagleBoard](http://beagleboard.org/) - Get your hands in technology's guts and control your development destiny with these credit-card sized, low-power, open-hardware computers. Experiment with Linux, Android and Ubuntu and jump-start development in five minutes with the included USB cable.
* [Flutter](http://flutterwireless.com/) - Flutter is a programmable processor core for electronics projects, designed for hobbysits, students, and engineers. Flutter features a fast ARM processor, powerful long-range wireless communication, built-in battery charging, and an onboard security chip, making Flutter an ideal choice for robotics, wireless sensor networks, consumer electronics, and educational platforms.
* [Imuduino](http://femto.io/products/imuduino) - The smallest Arduino Leonardo compatible clone, feature packed with USB keyboard/mouse emulation, on-board Bluetooth LE, real-time orientation and motion sensing IMU, and 10V max voltage regulator. Works with Android and iOS devices
* [Intel Edison](https://www-ssl.intel.com/content/www/us/en/do-it-yourself/support/maker/edison/edison-documents-and-guides.html) - The Intel Edison is a tiny computer offered by Intel as a development system for wearable devices and Internet Of Things.
* [Intel Galileo](http://www.intel.in/content/www/in/en/embedded/products/galileo/galileo-overview.html) - The Intel® Galileo Gen 2 development board is a microcontroller board based on the Intel® Quark™ SoC X1000 application processor, a 32-bit Intel® Pentium® brand system on a chip (SoC). It is the first board based on Intel® architecture designed to be hardware and software pin-compatible with shields designed for the Arduino Uno R3.
* [LightBlue Bean](https://punchthrough.com/bean) - With Bean, you can program wirelessly from any of your devices. No more unscrewing screws and ungluing glue.
* [MicroDuino](https://www.microduino.cc) - Microduino presents the world’s smallest series of Arduino-compatible smart modules that are small, flexible, stackable and powerful, and can be used to create a limitless amount of DIY projects.

##Home Automation Software
* [Eclipse SmartHome](https://eclipse.org/smarthome/) - The framework is designed to run on embedded devices, such as a Raspberry Pi, a BeagleBone Black or an Intel Edison. It requires a Java 7 compliant JVM and an OSGi (4.2+) framework, such as Eclipse Equinox.
* [Home Gateway Initiative](http://www.homegatewayinitiative.org/) - The HGI Open Platform 2.0 suite captures home gateway software modularity requirements and provides remote test tools that form a cornerstone of many of the operators’ and vendors’ home gateway strategy.
* [Ninja Blocks](https://ninjablocks.com/) - Ninja Sphere is both a hardware and software platform designed to seamlessly bridge your smart devices together. By connecting to products from various brands, your home can start using them in new and exciting ways.
* [openHAB](http://www.openhab.org/) - a vendor and technology agnostic open source automation software for your home. Build your smart home in no time!
* [PrivateEyePi](http://projects.privateeyepi.com/) - This is a Raspberry Pi projects website aimed at the Raspberry Pi enthusiast wanting to build home security/automation systems and at the same time learn programming and electronics.
* [RaZberry](http://razberry.z-wave.me/) - The Razberry platform adds all the components needed to turn a Raspberry PI board into a fully operational and inexpensive Z-Wave gateway.

##Middleware
* [IoTSyS](https://code.google.com/archive/p/iotsys/) - IoTSyS is an integration middleware for the Internet of Things. It provides a communication stack for embedded devices based on IPv6, Web services and oBIX to provide interoperable interfaces for smart objects. Using 6LoWPAN for constrained wireless networks and the Constrained Application Protocol together with Efficient XML Interchange an efficient stack is provided allowing using interoperable Web technologies in the field of sensor and actuator networks and systems while remaining nearly as efficient regarding transmission message sizes as existing automation systems.
* [Kaa](http://www.kaaproject.org/) - Kaa IoT Platform — 100% open-source Internet of Things middleware platform for everyone.
* [OpenIoT](https://github.com/OpenIotOrg/openiot) - The OpenIoT middleware infrastructure will support flexible configuration and deployment of algorithms for collection, and filtering information streams stemming from the internet-connected objects, while at the same time generating and processing important business/applications events.
* [OpenRemote](http://www.openremote.org/display/HOME/OpenRemote) - OpenRemote is software integration platform for residential and commercial building automation. OpenRemote platform is automation protocol agnostic, operates on off-the-shelf hardware and is freely available under an Open Source license. OpenRemote's architecture enables fully autonomous and user-independent intelligent buildings. End-user control interfaces are available for iOS and Android devices, and for devices with modern web browsers. User interface design, installation management and configuration can be handled remotely with OpenRemote cloud-based design tools.

##Operating Systems
* [AllJoyn](https://allseenalliance.org/opportunities/developers) - The AllJoyn framework defines a common way for devices and apps to communicate with one another regardless of brands, categories, transports, and OSes. Developers write applications that discover nearby devices, and communicate with each other directly and through the cloud, unleashing new possibilities in the Internet of Things.
* [Brillo](https://developers.google.com/brillo/?hl=en) - Brillo brings the simplicity and speed of software development to hardware for IoT with an embedded OS, core services, developer kit, and developer console.
* [Contiki](http://www.contiki-os.org/) - Contiki is an open source operating system for the Internet of Things. Contiki connects tiny low-cost, low-power microcontrollers to the Internet.
* [JaneOS](http://janeos.io) - JanOS is an operating system designed to run on the chipset of mobile phones. It runs without a screen, and allows you to access all phone functionality, from calling to the camera, through JavaScript APIs.
* [OpenWSN](https://openwsn.atlassian.net/wiki/) - The Internet of Things enables great applications, such as energy-aware homes or real-time asset tracking. With these networks gaining maturity, standardization bodies have started to work on standardizing how these networks of tiny devices communicate.
* [Rasbian](https://www.raspbian.org/) - Raspbian is a free operating system based on Debian optimized for the Raspberry Pi hardware. An operating system is the set of basic programs and utilities that make your Raspberry Pi run. However, Raspbian provides more than a pure OS: it comes with over 35,000 packages, pre-compiled software bundled in a nice format for easy installation on your Raspberry Pi.
* [RIOT](http://www.riot-os.org/#home) - The friendly Operating System for the Internet of Things. Make your applications ready for the smaller things in the Internet with common system support.
* 6LoWPAN, IPv6, RPL, and UDP
* CoAP and CBOR
* Static and dynamic memory allocation
* High resolution and long-term timers
* Tools and utilities (System shell, SHA-256, Bloom filters, ...)
* [TinyOS](https://www.tinyos.net/) - TinyOS is an open source, BSD-licensed operating system designed for low-power wireless devices, such as those used in sensor networks, ubiquitous computing, personal area networks, smart buildings, and smart meters.
* [Windows 10 IoT Core OS](https://dev.windows.com/en-us/iot) - Discover the features and functionality that Windows 10 IoT Core provides. It’s ease of Windows combined with the power of IoT.
* [Zephyr](https://www.zephyrproject.org/) - Zephyr Project is a small, scalable real-time operating system for use on resource-constrained systems supporting multiple architectures. Developers are able to tailor their optimal solution. As a true open source project, the community can evolve the Zephyr Project to support new hardware, developer tools, sensor and device drivers. Advancements in security, device management capabilities, connectivity stacks and file systems can be easily implemented.

##IoT App Development Protocols

* [Advanced Message Queuing Protocol]()
* [OASIS Message Queuing Telemetry Transport]()
* [Very Simple Control Protocol]()
* [Constrained Application Protocol]()
* [Extensible Messaging and Presence Protocol]()

#Contribute

It is awesome to see that you want to contribute in this wiki, which would directly help the community. Please follow one of the ways from below to include tool/resource in this wiki-

* Tweet the resource to [@IoTSecurityWiki](https://twitter.com/IoTSecurityWiki) or [@exploitprotocol](https://twitter.com/exploitprotocol)
* Send an email to [[email protected]](mailto:[email protected])

Please let me know if you have any suggestions.

Below is the list of the awesome folks who contributed to this wiki-