Giters

JosiahOne / IoTSecurity101

From IoT Pentesting to IoT Security

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

IoT Pentesting 101 && IoT Security 101 Awesome

Approach Methodology

  1. Network
  2. Web (Front & Backend and Web services)
  3. Mobile App(Android & iOS)
  4. Wireless Connectivity
  5. Firmware Pentesting(Hardware or IoT device OS)
  6. Hardware Level Approach
  7. Storage Areas

To seen Hacked devices

  1. https://blog.exploitee.rs/2018/10/
  2. https://www.exploitee.rs/
  3. https://forum.exploitee.rs/
  4. Your Lenovo Watch X Is Watching You & Sharing What It Learns
  5. Your Smart Scale is Leaking More than Your Weight: Privacy Issues in IoT
  6. Smart Bulb Offers Light, Color, Music, and… Data Exfiltration?
  7. Besder-IPCamera analysis
  8. Smart Lock
  9. Subaru Head Unit Jailbreak
  10. Jeep Hack

Contents

Telegram group for IoT Security

Discord Group for IoT Security and CTF

Books

Blogs for iotpentest

  1. http://iotpentest.com/
  2. https://blog.attify.com
  3. https://payatu.com/blog/
  4. http://jcjc-dev.com/
  5. https://w00tsec.blogspot.in/
  6. http://www.devttys0.com/
  7. https://www.rtl-sdr.com/
  8. https://keenlab.tencent.com/en/
  9. https://courk.cc/
  10. https://iotsecuritywiki.com/
  11. https://cybergibbons.com/
  12. http://firmware.re/
  13. https://iotmyway.wordpress.com/
  14. http://blog.k3170makan.com/
  15. https://blog.tclaverie.eu/
  16. http://blog.besimaltinok.com/category/iot-pentest/
  17. https://ctrlu.net/
  18. https://duo.com/decipher/
  19. http://www.sp3ctr3.me
  20. http://blog.0x42424242.in/
  21. https://dantheiotman.com/
  22. https://blog.danman.eu/
  23. https://quentinkaiser.be/
  24. https://blog.quarkslab.com
  25. https://blog.ice9.us/

Awesome Nmap CheatSheet

Search Engines for IoT Devices

  1. Shodan
  2. FOFA
  3. Censys
  4. Zoomeye
  5. ONYPHE

CTF For IoT's And Embeddded

  1. https://github.com/hackgnar/ble_ctf
  2. https://www.microcorruption.com/
  3. https://github.com/Riscure/Rhme-2016
  4. https://github.com/Riscure/Rhme-2017
  5. https://blog.exploitlab.net/2018/01/dvar-damn-vulnerable-arm-router.html
  6. https://github.com/scriptingxss/IoTGoat

YouTube Channels for IoT Pentesting

  1. Liveoverflow
  2. Binary Adventure
  3. EEVBlog
  4. JackkTutorials
  5. Craig Smith
  6. iotpentest [Mr-IoT]
  7. Besim ALTINOK - IoT - Hardware - Wireless
  8. Ghidra Ninja

IoT security vulnerabilites checking guides

Labs for Practice

Exploitation Tools & OS

Reverse Enginnering Tools

Introduction

IoT Protocols Pentesting

MQTT

CoAP

Automobile

CanBus

Radio IoT Protocols Overview

Base transceiver station (BTS)

GSM & SS7 Pentesting

Zigbee & Zwave

BLE Intro and Tools

BLE Pentesting Tutorials

Mobile security (Android & iOS)

ARM

Firmware Pentest

Firmware to pentest

IoT hardware Overview

Hardware Gadgets to pentest

Attacking Hardware Interfaces

UART

JTAG

SideChannel Attacks

Vulnerable IoT and Hardware Applications

About

From IoT Pentesting to IoT Security