Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/zseha/awesome-medsec
A curated list of awesome projects, libraries, and tools for MedSec.
https://github.com/zseha/awesome-medsec
List: awesome-medsec
Last synced: about 1 month ago
JSON representation
A curated list of awesome projects, libraries, and tools for MedSec.
- Host: GitHub
- URL: https://github.com/zseha/awesome-medsec
- Owner: zseha
- Created: 2018-08-25T11:19:53.000Z (about 6 years ago)
- Default Branch: master
- Last Pushed: 2019-03-22T08:09:52.000Z (over 5 years ago)
- Last Synced: 2024-05-20T12:05:08.723Z (4 months ago)
- Homepage:
- Size: 24.4 KB
- Stars: 17
- Watchers: 4
- Forks: 5
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- ultimate-awesome - awesome-medsec - A curated list of awesome projects, libraries, and tools for MedSec. (Other Lists / PowerShell Lists)
README
# Awesome MedSec [](https://github.com/sindresorhus/awesome)
A curated list of awesome projects, libraries, and tools for MedSec.
## What is MedSec?
## Table of Contents
- [Libraries](#libraries)
- [Talks](#talks)
- [Papers](#papers)
- [Tools](#tools)
## Libraries
* [HAPI](https://github.com/hapifhir/hapi-hl7v2) - HAPI (Java)
* [nHAPI](https://github.com/duaneedwards/nHapi) - nHAPI (C#)
* [python-hl7](https://github.com/johnpaulett/python-hl7) - (Py)
* [HL7-fuse](https://github.com/dib0/HL7Fuse) - HL7Fuse (C#)
* [Evil-DICOM](https://github.com/rexcardan/Evil-DICOM) - HL7Fuse (C#)
* [LDDI](https://github.com/universAAL/lddi) - Local Device Discovery and Integration (LDDI)
## Talks
* [The Scientific Method in Security Research](https://www.youtube.com/watch?v=UkA9JOUcFi4) - Jay Radcliffe - The Scientific Method in Security Research
* [Breaking the Human SCADA](https://www.youtube.com/watch?v=avf5XF8yS60) - Hacking Medical Devices for Fun and Insulin: Breaking the Human SCADA System
* [Defending Medical Device](https://www.youtube.com/watch?v=RsUJ7qETssU) - Fact and Fiction: Defending Medical Device
* [Medical Device Ethics](https://www.youtube.com/watch?v=g3lvY5an4-E) - Stanislav Naydin, Vlad Gostomelsky - Medical Device Ethics
* [Standardizing Deployment Of Medical Devices](https://www.youtube.com/watch?v=ODiZc04CzgE) - Christopher Frenz - Standardizing Deployment Of Medical Devices
* [Tales of A Healthcare Hacker](https://www.youtube.com/watch?v=ij7uuY-3eXk) - Kevin Sacco - Tales of A Healthcare Hacker
* [Implantable Medical Devices](https://www.youtube.com/watch?v=shTj9WVhVyU) - Kevin Fu - Implantable Medical Devices
* [Medical Device Cyber Security](https://www.youtube.com/watch?v=QKgdvmomopw) - Medical Device Cyber Security: The First 164 Years - Kevin Fu
* [Medical device security](https://www.youtube.com/watch?v=FmFLAlZO6ig) - Medical Device Security
* [Protecting Medical Devices from Cyberharm](https://www.youtube.com/watch?v=EyqwUFJKZo0) - Protecting Medical Devices from Cyberharm | Stephanie Domas
* [Hacking Medical Devices And Healthcare Infrastructure](https://www.youtube.com/watch?v=3S6RQo-OQ24) - Hacking Medical Devices And Healthcare Infrastructure - Anirudh Duggal
* [Anatomy of a Medical Device](https://www.youtube.com/watch?v=FnvcocyI4pI) - Anatomy of a Medical Device Hack Doctors vs Hackers in a Clinical Simulation Cage Match Joshua
* [Hacking Medical Devices](https://www.youtube.com/watch?v=KIU2mNpXsPg) - Hacking Medical Devices - Florian Grunow
* [Medical Security Nightmares](https://www.youtube.com/watch?v=0F_eScTUris) - Florian Grunow: Medical Security Nightmares (GERMAN)
* [HIPPA and hacking medical devices](https://www.youtube.com/watch?v=_aqOOPUwJhE) - Privacy HIPAA and Hacking Medical Devices
* [Healthcare security challenges](https://www.youtube.com/watch?v=yjZ-KiZlk7Q) - Digital Disease: How Healthcare Cybersecurity Challenges
* [Pwnage and Honeypots](https://www.youtube.com/watch?v=ZusL2BY6_XU) - Scott Erven and Mark Collao -Medical Devices: Pwnage and Honeypots
* [Hospitals And Infosec](https://www.youtube.com/watch?v=5QDdXPWZS1c) - Hospitals And Infosec by Jelena Milosevic
* [State of Medical Device Cyber Safety](https://www.youtube.com/watch?v=SLMafs9FMvE) - State of Medical Device Cyber Safety Beau Woods Scott Erven (IATC)
* [Medical Device Threat Modeling](https://www.youtube.com/watch?v=_5uVtINSr_w) - Medical Device Threat Modeling with Templates Valery Berestetsky and Jonathan Schaaf
* [Abusing IoT Medical Devices](https://www.youtube.com/watch?v=w7kI4M9Ym2Q) - Abusing IoT Medical Devices For Your Precious Health Records Saurabh Harit Nick Delewski
* [Digital Disease](https://www.youtube.com/watch?v=yjZ-KiZlk7Q) - Digital Disease: How Healthcare Cybersecurity Challenges... Christian Dameff
* [Medical Device Security](https://www.youtube.com/watch?v=0r6SodNXGJM) - Medical Device Security - Please (don't) be patient! Julian Suleder
## Papers
* [Introduction to HL7 Standards](http://www.hl7.org/implement/standards/index.cfm?ref=nav) - Introduction to HL7 Standards
* [Multiple presentations and documents](https://www.infosec-health.ch/downloads.html) - As there are multiple interesting presentations only a link to list is posted(GERMAN)
* [Medical Device Deployment Standard](https://www.owasp.org/index.php/OWASP_Secure_Medical_Device_Deployment_Standard) - OWASP Secure Medical Device Deployment Standard
* [ISO13485](https://www.iso.org/standard/59752.html) - Standard for developing software used in medical devices
* [QM System for medical devices](https://www.tuv-sud.co.uk/uk-en/industry/healthcare-medical-devices/quality-management-amp-quality-control/iso-13485-quality-management-system-for-medical-devices) - ISO 13485 Quality Management System for Medical Devices
* [Hippocratic Oath for Connected Medical Devices](https://www.iamthecavalry.org/wp-content/uploads/2016/01/I-Am-The-Cavalry-Hippocratic-Oath-for-Connected-Medical-Devices.pdf) - I Am The Cavalry - Hippocratic Oath for Connected Medical Devices
* [Five Star Automotive Cyber Safety](https://www.iamthecavalry.org/wp-content/uploads/2014/08/Five-Star-Automotive-Cyber-Safety-February-2015.pdf) - Five Star automotive cyber safety framework is also applicable to medical devices
* [An Architecture for Analysis](https://www.cs.ucsb.edu/~jmcmahan/research/top_picks_18.pdf) - paper describes how to do proper embedded device security with example of pacemaker
* [Breaking the Human SCADA System](https://media.blackhat.com/bh-us-11/Radcliffe/BH_US_11_Radcliffe_Hacking_Medical_Devices_WP.pdf) - Hacking Medical Devices for Fun and Insulin: Breaking the Human SCADA System
* [MEDJACK](https://securityledger.com/wp-content/uploads/2015/06/AOA_MEDJACK_LAYOUT_6-0_6-3-2015-1.pdf) - ANATOMY OF AN ATTACK MEDJACK
* [Software Radio Attacks and Zero-Power Defenses](https://www.secure-medicine.org/hubfs/public/publications/icd-study.pdf) - Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses
* [On the in/security of the Latest Generation Implantable Cardiac Defibrillators]( https://www.esat.kuleuven.be/cosic/publications/article-2678.pdf) - On the (in)security of the Latest Generation Implantable Cardiac Defibrillators and How to Secure Them
* [Analysis of FDA Postmarket Surveillance](https://journals.plos.org/plosone/article/file?id=10.1371/journal.pone.0040200&type=printable) - Security and Privacy Qualities of Medical Devices: An Analysis of FDA Postmarket Surveillance
* [Security Evaluation of the ICD](https://drive.google.com/file/d/0B_GspGER4QQTYkJfaVlBeGVCSW8/view) - Security Evaluation of the Implantable Cardiac Device Ecosystem Architecture and Implementation Interdependencies
* [Medical-Grade Data Exchange](https://www.pchalliance.org/sites/pchalliance/files/Fundamentals_Medical-Grade_Data_Exchange_Sep2018.pdf) - Fundamentals of Medical-Grade Data Exchange
* [HDP implementation guidance](https://www.bluetooth.org/docman/handlers/downloaddoc.ashx?doc_id=225927) - HDP implementation guidance whitepaper
## Articles
* [Vulnerabilities in Animas OneTouch](https://blog.rapid7.com/2016/10/04/r7-2016-07-multiple-vulnerabilities-in-animas-onetouch-ping-insulin-pump/) - R7-2016-07: Multiple Vulnerabilities in Animas OneTouch Ping Insulin Pump
* [Natus Neuroworks Vulnerabilities](https://blog.talosintelligence.com/2018/04/vulnerability-spotlight-natus.html?m=1) - Vulnerability Spotlight: Natus NeuroWorks Multiple Vulnerabilities
* [Pacemaker patients at risk of death by hacking](https://www.tirosec.com/pacemaker-patients-at-risk-of-death-by-hacking/) - Pacemaker patients at risk of death by hacking
* [750k Medtronic defibrillators vulnerable](http://www.startribune.com/750-000-medtronic-defibrillators-vulnerable-to-hacking/507470932/) - 750,000 Medtronic defibrillators vulnerable to hacking
## Videos
* [HL7 Courses](https://www.youtube.com/watch?v=ZAgdYR1rmEQ&list=PLNH9Hx9ks4CediBpp9Yr9N8icTfCr0TUN) - Youtube list that contains HL7 videos explaining HL7 v2 protocol
* [HL7 Message flow](https://www.youtube.com/watch?v=-suRA7cJ9fI) - HL7 Message Flow
* [Live hack](https://www.youtube.com/watch?v=2svPAJViJ1o) - Live Hacking Infosec Health
## Tools
* [7Edit](http://www.7edit.com/home/index.php) - 7edit - NOT FREE
* [NextGen](https://www.nextgen.com/products-and-services/integration-engine) - NextGen(Previously mirth) Connect
* [HL7-Snoop](https://github.com/dgrinberg/HL7-Snoop) - 'HL7 Snoop' is a Windows GUI that uses NHapi to parse a HL7 file and then display it in a tree structure.
* [Farser](https://hl7.cc/) - online HL7 Parser/Viewer
* [OpenMRS](https://openmrs.org/) - Open source medical record system
* [OpenEMR](https://www.open-emr.org/) - Open source electronic health records and medical practice management solution.
* [GnuMED](http://wiki.gnumed.de/bin/view/Gnumed) - electronic medical record client
* [Bahmni](https://www.bahmni.org) - Open source hospital system
## Contributors