V33RU / IoTSecurity101

A Curated list of IoT Security Resources

Home Page: https://v33ru.github.io/IoTSecurity101/


A Collection for IoT Security Resources

Other Interesting Areas:


🛠️ Approach Methodology

  • 🌐 1. Network
  • 🌐 2. Web (Front & Backend and Web services)
  • 📱 3. Mobile App (Android & iOS)
  • 📡 4. Wireless Connectivity (Zigbee, WiFi, Bluetooth, etc)
  • 💽 5. Firmware Pentesting (Static and Dynamic analysis, OS of IoT Devices)
  • 🛠️ 6. Hardware Hacking & Fault Injections & SCA Attacks
  • 💾 7. Storage Medium
  • 🔌 8. I/O Ports

📑 Contents Overview

🛡️ IoT Security Information

🛡️ General Information and Resources in IoT Security

Specific Topics in IoT Security

🌐 Network

🌐 Web IoT Message Protocols

📱 Mobile App

📡 Wireless Protocols

💽 Firmware

🛠️ Hardware

💾 Storage Medium

💳 Payment Security


Technical Research and Hacking


Proofs of Concept for Known Device Vulnerabilities


Community and Discussion Platforms


IoT and Hardware Security Trainings


Books for IoT Penetration Testing

2004

2007

2013

2014

2015

2016

2017

2018

2021

2022

2023


Awesome CheatSheets


Search Engines for Internet-Connected Devices


YouTube Channels for IoT Pentesting


Vehicle Security Resources


IoT Vulnerabilities Checking Guides


IoT Gateway Software


IoT Pentesting OSes


Exploitation Tools


Reverse Engineering Tools

  • IDA Pro: An interactive disassembler that provides extensive information about binary code and is widely used for static analysis.
  • GDB: The GNU Project Debugger allows you to see what is going on 'inside' another program while it executes or what another program was doing at the moment it crashed.
  • Radare2: An open-source framework for reverse engineering and analyzing binaries; includes a disassembler for multiple architectures.
  • Cutter: A Qt and C++ GUI for Radare2, aiming to provide a more user-friendly interface as well as additional features.
  • Ghidra: A software reverse engineering suite developed by the NSA that includes a decompiler, assembler, disassembler, and other tools to analyze binaries.
  • Binary Ninja: A reverse engineering platform that is an alternative to IDA Pro, with a focus on binary analysis for security research and reverse engineering.
  • OllyDbg: An x86 debugger that emphasizes binary code analysis, which is useful for reverse engineering and finding security vulnerabilities.
  • x64dbg: An open-source x64/x32 debugger for Windows with a focus on plugin support and scriptability.
  • Hopper: A reverse engineering tool for macOS and Linux that lets you disassemble, decompile and debug your applications.
  • Immunity Debugger: A powerful debugger for analyzing malware and reverse engineering with an integrated Python scripting interface for automation.
  • PEiD: A tool that detects most common packers, cryptors, and compilers for PE files and is useful for reverse engineering of malware.

Introduction


IoT Web and Message Services


MQTT

Introduction to MQTT
Security and Hacking with MQTT
Known Vulnerabilities and CVE IDs of MQTT Protocol
  • CVE-2020-13849: A vulnerability in MQTT protocol 3.1.1, allowing remote attackers to cause a denial of service. CVSS score: 7.5 (High).
  • CVE-2023-3028: Involves insufficient authentication in MQTT backend, leading to potential data access and manipulation. CVSS score: 9.8 (Critical).
  • CVE-2021-0229: Pertains to uncontrolled resource consumption in Juniper Networks Junos OS MQTT server. CVSS score: 5.3 (Medium).
  • CVE-2019-5432: A malformed MQTT Subscribe packet can crash MQTT Brokers. CVSS score: 7.5 (High).
IoT and MQTT
Tools and Client Information
Tutorials and Guides
Advanced Topics and Applications
MQTT Software
Additional Resources

CoAP


RADIO HACKER QUICK START GUIDE

Cellular Hacking GSM BTS

BTS

GSM SS7 Pentesting

Hardware Tools


NFC-RFID


Zigbee ALL Stuff

SW Tools

Hardware Tools for Zigbee


BLE Intro and SW-HW Tools to pentest

Step-by-Step Guide to BLE Understanding and Exploiting
Traffic Engineering in a Bluetooth Piconet
BLE Characteristics
Bluetooth and BLE Pentest Tools
Hardware for Bluetooth Hacking
Bluetooth Hacks

DECT (Digital Enhanced Cordless Telecommunications)

Software Tools && Hardware Tools

Software
Hardware

Mobile security (Android & iOS)

Android

iOS


Villages


Online Assemblers


ARM


Firmware Pentesting, Emulation and Analysis

Firmware Analysis Tools

Resources

Firmware Dev && Firmware Emulation


Firmware samples to pentest


Binary Analysis


Symlinks Attacks


Secureboot

Dev

Hacking


Storage Medium

EMMC Protocol and Techniques

Explore the world of EMMC hacking with these curated resources. Whether you're new to hardware hacking or an experienced practitioner, these links provide valuable insights into EMMC protocol, data recovery, and practical hacking techniques.


Payment Device Security

ATM Hacking


IoT Hardware Overview and Hacking

Hardware Gadgets to pentest

Attacking Hardware Interfaces

SPI

UART

JTAG

TPM

SideChannel Attacks

Glitching and Fault Injection Resources

Tutorials and Case Studies

Awesome IoT Pentesting Guides


Fuzzing Things


FlipperZero

Custom Firmwares for Flipper Zero

Interesting Research on Flipper Zero

Flipper Zero 101: Guides and Resources

Cool Hacks with Flipper Zero


ICS


Automotive


Vulnerable IoT and Hardware Applications

  • IoT: DVID - Deliberately vulnerable IoT device firmware for training and educational purposes.
  • Safe: Damn Vulnerable Safe - A physical safe designed to be vulnerable, intended for security training.
  • IoT-vulhub: IoT-vulhub - Collection of Dockerized vulnerable IoT applications for learning about IoT security.
  • Router: DVRF - Damn Vulnerable Router Firmware project for understanding router vulnerabilities.
  • SCADA: Damn Vulnerable Chemical Process - A presentation on a vulnerable SCADA system for learning purposes.
  • PI: Sticky Fingers DV-Pi - A vulnerable Raspberry Pi project for educational use.
  • SS7 Network: Damn Vulnerable SS7 Network - Demonstrates vulnerabilities in SS7 networks.
  • VoIP: Hacklab VulnVoIP - A vulnerable VoIP application for learning and training.
  • Hardware Hacking 101: Hardware Hacking 101 - A repository for learning the basics of hardware hacking.
  • RHME-2015: RHme-2015 - Archive of the RHme-2015 hardware hacking competition.
  • RHME-2016: Rhme-2016 - Archive of the RHme-2016 hardware hacking competition.
  • RHME-2017: Rhme-2017 - Archive of the RHme-2017 hardware hacking competition.

CTF For IoT And Embedded

Awesome Hardware, IoT, Firmware, ARM, and Reverse Engineering CTFs and Platforms

Hardware CTFs

  • BLE CTF - A framework focused on Bluetooth Low Energy security.
  • Rhme-2016 - Riscure's hardware security competition for 2016.
  • Rhme-2017 - Riscure's hardware security competition for 2017.

IoT CTFs

  • IoTGoat - Deliberately insecure firmware based on OpenWrt for IoT security training.
  • IoT Village CTF - A Capture The Flag event specifically focused on IoT security.
  • IoTSec CTF - Offers IoT related challenges for continuous learning.

Firmware CTFs

ARM CTFs

Reverse Engineering CTFs

  • Microcorruption - Embedded security CTF focusing on lock systems.
  • Pwnable.kr - Offers various reverse engineering challenges.

Platforms for Continuous Learning

  • Hack The Box - Platform offering a range of challenges, including hardware and reverse engineering.
  • Root Me - Platform with various types of challenges including hardware and reverse engineering.
  • CTFtime - Lists various CTFs, including those in hardware, IoT, and firmware.

Follow the People


Blogs for IoT Pentest

🌐 IoT Security Blogs