V33RU/IoTSecurity101
From IoT Pentesting to IoT Security
repo name | V33RU/IoTSecurity101 |
repo link | https://github.com/V33RU/IoTSecurity101 |
homepage | |
language | |
size (curr.) | 202 kB |
stars (curr.) | 879 |
created | 2018-05-18 |
license | |
IoT Pentesting 101 && IoT Security 101
Approach Methodology
- Network
- Web (Front & Backend and Web services)
- Mobile App (Android & iOS)
- Wireless Connectivity
- Firmware Pentesting (Hardware or IoT device OS)
- Hardware Level Approach
To see hacked devices
- https://blog.exploitee.rs/2018/10/
- https://www.exploitee.rs/
- https://forum.exploitee.rs/
- Your Lenovo Watch X Is Watching You & Sharing What It Learns
- Your Smart Scale is Leaking More than Your Weight: Privacy Issues in IoT
- Smart Bulb Offers Light, Color, Music, and… Data Exfiltration?
- Besder-IPCamera analysis
- Smart Lock
- Subaru Head Unit Jailbreak
- Jeep Hack
Contents
Telegram groups for IoT Security
- https://t.me/iotsecurity1011
- https://t.me/hardwareHackingBrasil
- https://t.me/joinchat/JAMxOg5YzdkGjcF3HmNgQw
Discord Group for IoT Security and CTF
Books
- Android Hacker’s Handbook
- Hacking the Xbox
- Car hacker’s handbook
- IoT Penetration Testing Cookbook
- Abusing the Internet of Things
- Hardware Hacking: Have Fun while Voiding your Warranty
- Linksys WRT54G Ultimate Hacking
- Linux Binary Analysis
- Firmware
- Hardware Hacking Handbook
- inside radio attack and defense
Blogs for IoT pentest
- https://payatu.com/blog/
- http://jcjc-dev.com/
- https://w00tsec.blogspot.in/
- http://www.devttys0.com/
- https://www.rtl-sdr.com/
- https://keenlab.tencent.com/en/
- https://courk.cc/
- https://iotsecuritywiki.com/
- https://cybergibbons.com/
- http://firmware.re/
- https://iotmyway.wordpress.com/
- http://blog.k3170makan.com/
- https://blog.tclaverie.eu/
- http://blog.besimaltinok.com/category/iot-pentest/
- https://ctrlu.net/
- http://iotpentest.com/
- https://blog.attify.com
- https://duo.com/decipher/
- http://www.sp3ctr3.me
- http://blog.0x42424242.in/
- https://dantheiotman.com/
- https://blog.danman.eu/
- https://quentinkaiser.be/
- https://blog.quarkslab.com
- https://blog.ice9.us/
- https://labs.f-secure.com/
- https://mg.lol/blog/
Awesome CheatSheets
Search Engines for IoT Devices
CTFs for IoT and Embedded
- https://github.com/hackgnar/ble_ctf
- https://www.microcorruption.com/
- https://github.com/Riscure/Rhme-2016
- https://github.com/Riscure/Rhme-2017
- https://blog.exploitlab.net/2018/01/dvar-damn-vulnerable-arm-router.html
- https://github.com/scriptingxss/IoTGoat
YouTube Channels for IoT Pentesting
- LiveOverflow
- Binary Adventure
- EEVBlog
- JackkTutorials
- Craig Smith
- iotpentest [Mr-IoT]
- Besim ALTINOK - IoT - Hardware - Wireless
- Ghidra Ninja
Vehicle Security Resources
IoT security vulnerabilities checking guides
IoT Gateway Software
Labs for Practice
IoT Pentesting OSes
- Sigint OS - LTE IMSI Catcher
- Instant-gnuradio OS - For Radio Signals Testing
- AttifyOS - IoT Pentest OS - by Aditya Gupta
- Ubuntu - Best Host Linux for IoT - Use LTS
- Internet of Things - Penetration Testing OS
Exploitation Tools
- Expliot - IoT Exploitation framework - by Aseemjakhar
- A Small, Scalable Open Source RTOS for IoT Embedded Devices
- Skywave Linux - Software Defined Radio for Global Online Listening
- Routersploit (Exploitation Framework for Embedded Devices)
- IoTSecFuzz (comprehensive testing for IoT device)
Reverse Engineering Tools
Introduction
MQTT
- Introduction
- Hacking the IoT with MQTT
- thoughts about using IoT MQTT for V2V and Connected Car from CES 2014
- Nmap
- The Seven Best MQTT Client Tools
- A Guide to MQTT by Hacking a Doorbell to send Push Notifications
- Are smart homes vulnerable to hacking
Software
CoAP
Automobile
CanBus
- Introduction and protocol Overview
- PENTESTING VEHICLES WITH CANTOOLZ
- Building a Car Hacking Development Workbench: Part1
- CANToolz - Black-box CAN network analysis framework
- PLAYING WITH CAN BUS
Radio IoT Protocols Overview
- Understanding Radio
- Signal Processing
- Software Defined Radio
- Gnuradio
- Creating a flow graph
- Analysing radio signals
- Recording specific radio signal
- Replay Attacks
Base transceiver station (BTS)
GSM & SS7 Pentesting
- Introduction to GSM Security
- GSM Security 2
- vulnerabilities in GSM security with USRP B200
- Security Testing 4G (LTE) Networks
- Case Study of SS7/SIGTRAN Assessment
- Telecom Signaling Exploitation Framework - SS7, GTP, Diameter & SIP
- ss7MAPer – A SS7 pen testing toolkit
- Introduction to SIGTRAN and SIGTRAN Licensing
- SS7 Network Architecture
- Introduction to SS7 Signaling
- Breaking LTE on Layer Two
Zigbee & Zwave
- Introduction and protocol Overview
- Hacking Zigbee Devices with Attify Zigbee Framework
- Hands-on with RZUSBstick
- ZigBee & Z-Wave Security Brief
BLE Intro and SW & HW Tools
- Step By Step guide to BLE Understanding and Exploiting
- Traffic Engineering in a Bluetooth Piconet
- BLE Characteristics
Reconnaissance (Active and Passive) with HCI Tools
- btproxy
- hcitool & bluez
- Testing With GATT Tool
- Cracking encryption
- bettercap
- BtleJuice Bluetooth Smart Man-in-the-Middle framework
- gattacker
- BTLEjack Bluetooth Low Energy Swiss army knife
Hardware
BLE Pentesting Tutorials
- Bluetooth vs BLE Basics
- Intel Edison as Bluetooth LE — Exploit box
- How I Reverse Engineered and Exploited a Smart Massager
- My journey towards Reverse Engineering a Smart Band — Bluetooth-LE RE
- Bluetooth Smartlocks
- I hacked MiBand 3
- GATTacking Bluetooth Smart Devices
Mobile security (Android & iOS)
ARM
- Azeria Labs
- ARM EXPLOITATION FOR IoT
- Static Binary analysis ARMV7
- Damn Vulnerable ARM Router (DVAR)
- EXPLOIT.EDUCATION
Firmware Pentest
- Firmware analysis and reversing
- Firmware emulation with QEMU
- Dumping Firmware using Buspirate
- Reversing ESP8266 Firmware
Firmware to pentest
IoT hardware Overview
Hardware Gadgets to pentest
- Bus Pirate
- EEPROM reader/SOIC Cable
- Jtagulator/Jtagenum
- Logic Analyzer
- The Shikra
- FaceDancer21 (USB Emulator/USB Fuzzer)
- RfCat
- Hak5Gear - Hak5FieldKits
- Ultra-Mini Bluetooth CSR 4.0 USB Dongle Adapter
- Attify Badge - UART, JTAG, SPI, I2C (w/ headers)
Attacking Hardware Interfaces
- Serial Terminal Basics
- Reverse Engineering Serial Ports
- REVERSE ENGINEERING ARCHITECTURE AND PINOUT OF CUSTOM ASICS
UART
- Identifying UART interface
- onewire-over-uart
- Accessing sensor via UART
- Using UART to connect to a Chinese IP cam
- A journey into IoT – Hardware hacking: UART