contribute | 2,726 | about 1 month ago | You are welcome to fork and |
ICS-Security | 2,726 | about 1 month ago | |
Automotive-Security | 2,726 | about 1 month ago | |
🛠️ Approach Methodology / Contents Overview / 🛡️ IoT Security Information |
🏢 IoT Lab Setup Guide for Corporate/Individual | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Technical Research and Hacking |
Subaru Head Unit Jailbreak | 554 | about 4 years ago | |
Jeep Hack | | | |
Dropcam Hacking | | | |
Printer Hacking Live Sessions - Gamozo Labs | | | |
LED Light Hacking | | | |
PS4 Jailbreak - the current status | | | |
Your Lenovo Watch X Is Watching You & Sharing What It Learns | | | |
Your Smart Scale is Leaking More than Your Weight: Privacy Issues in IoT | | | |
Besder 6024PB-XMA501 IP camera security analysis | 21 | about 2 years ago | |
Smart Lock Vulnerabilities | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Proof of Concepts known Device Vulnerabilities |
IoT-Vuln-with CVE and PoC of tenda and dlink | 21 | 7 months ago | |
|
IoTSecurity101 Telegram | | | |
IoTSecurity101 Reddit | | | |
IoTSecurity101 Discord | | | |
Hardware Hacking Telegram | | | |
RFID Discord Group | | | |
ICS Discord Group | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / IoT and Hardware Security Trainings |
opensecuritytraining 2 | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Books for IoT Penetration Testing |
The Firmware Handbook (Embedded Technology) 1st Edition by Jack Ganssle | | | |
Hardware Hacking: Have Fun while Voiding your Warranty 1st Edition | | | |
Linksys WRT54G Ultimate Hacking 1st Edition by Paul Asadoorian | | | |
Hacking the Xbox - An Introduction to Reverse Engineering by Andrew "bunnie" Huang | | | |
Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure by Eric D. Knapp, Raj Samani | | | |
Android Hacker's Handbook by Joshua J. Drake | | | |
The Art of Pcb Reverse Engineering: Unravelling the Beauty of the Original Design | | | |
Abusing the Internet of Things: Blackouts, Freakouts, and Stakeouts 1st Edition, by Nitesh Dhanjani | | | |
Learning Linux Binary Analysis By Ryan "elfmaster" O'Neill | | | |
Car hacker's handbook by Craig Smith | | | |
IoT Penetration Testing Cookbook By Aaron Guzman, Aditya Gupta | | | |
Inside Radio: An Attack and Defense Guide by Authors: Yang, Qing, Huang, Lin | | | |
Pentest Hardware | 492 | over 5 years ago | |
Gray Hat Hacking: The Ethical Hacker's Handbook, Fifth Edition by Daniel Regalado, Shon Harris, Allen Harper, Chris Eagle, Jonathan Ness, Branko Spasojevic, Ryan Linn, Stephen Sims | | | |
Practical Hardware Pentesting | | | |
The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks by Jasper van Woudenberg, Colin O'Flynn | | | |
Practical IoT Hacking-The Definitive Guide to Attacking the Internet of Things by Fotios Chantzis, Ioannis Stais, Paulino Calderon, Evangelos Deirmentzoglou, Beau Woods | | | |
Manual PCB-RE: The Essentials | | | |
PatrIoT: practical and agile threat research for IoT by Emre Süren | | | |
Practical Hardware Pentesting - Second Edition | | | |
Blue Fox: Arm Assembly Internals & Reverse Engineering | | | |
Fuzzing Against the Machine: Automate vulnerability research with emulated IoT devices on QEMU | | | |
Hardware Security Training, Hands-on! | | | |
Automotive Cybersecurity Engineering Handbook: The automotive engineer's roadmap to cyber-resilient vehicles Series | | | |
Embedded Systems Security and TrustZone | | | |
Microcontroller Exploits | | | |
Metasploit, 2nd Edition | | | |
Engineering Secure Devices | | | |
The Ultimate Hardware Hacking Gear Guide | 181 | 4 months ago | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Awesome CheatSheets |
Hardware Hacking cheat sheet | 147 | 9 months ago | |
Nmap | 108 | 4 months ago | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Search Engines for Internet-Connected Devices |
Shodan | | | |
Censys | | | |
ZoomEye | | | |
BinaryEdge | | | |
Thingful | | | |
Wigle | | | |
Hunter.io | | | |
BuiltWith | | | |
NetDB | | | |
Recon-ng | 4,082 | 21 days ago | |
PublicWWW | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / YouTube Channels for IoT Pentesting |
Joe Grand | | | |
Liveoverflow | | | |
Binary Adventure | | | |
EEVBlog | | | |
Craig Smith | | | |
iotsecurity101 | | | |
Besim ALTINOK - IoT - Hardware - Wireless | | | |
Ghidra Ninja | | | |
Cyber Gibbons | | | |
Scanline | | | |
Aaron Christophel | | | |
Valerio Di Giampietro | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Vehicle Security Resources |
https://github.com/jaredthecoder/awesome-vehicle-security | 3,173 | 3 months ago | |
🛠️ Approach Methodology / Specific Topics in IoT Security / IoT Vulnerabilities Checking Guides |
Reflecting upon OWASP TOP-10 IoT Vulnerabilities | | | |
OWASP IoT Top 10 2018 Mapping Project | | | |
Hardware toolkits for IoT security analysis | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / IoT Gateway Software |
Webthings by Mozilla - RaspberryPi | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / IoT Pentesting OSes |
Sigint OS - LTE IMSI Catcher | | | |
Instant-gnuradio OS - For Radio Signals Testing | 161 | 6 months ago | |
Ubuntu Best Host Linux for IoT's - Use LTS | | | |
Internet of Things - Penetration Testing OS v1 | | | |
Dragon OS - DEBIAN LINUX WITH PREINSTALLED OPEN SOURCE SDR SOFTWARE | | | |
EmbedOS - Embedded security testing virtual machine | 152 | about 4 years ago | |
Skywave Linux- Software Defined Radio for Global Online Listening | | | |
A Small, Scalable Open Source RTOS for IoT Embedded Devices | | | |
ICS - Controlthings.io | | | |
AttifyOS - IoT Pentest OS - by Aditya Gupta | 953 | about 3 years ago | |
|
Expliot - IoT Exploitation framework - by Aseemjakhar | | | |
Routersploit (Exploitation Framework for Embedded Devices) | 12,208 | 29 days ago | |
IoTSecFuzz (comprehensive testing for IoT device) | | | |
HomePwn - Swiss Army Knife for Pentesting of IoT Devices | 878 | almost 2 years ago | |
killerbee - Zigbee exploitation | 764 | about 1 year ago | |
PRET - Printer Exploitation Toolkit | 3,935 | 4 months ago | |
HAL - The Hardware Analyzer | 626 | 11 days ago | |
FwAnalyzer (Firmware Analyzer) | 492 | about 1 year ago | |
ISF (Industrial Security Exploitation Framework) | 247 | about 4 years ago | |
PENIOT: Penetration Testing Tool for IoT | 209 | over 2 years ago | |
MQTT-PWN | 367 | 4 months ago | |
|
IDA Pro | | | : An interactive disassembler that provides extensive information about binary code and is widely used for static analysis |
GDB | | | : The GNU Project Debugger allows you to see what is going on 'inside' another program while it executes or what another program was doing at the moment it crashed |
Radare2 | | | : An open-source framework for reverse engineering and analyzing binaries; includes a disassembler for multiple architectures |
Cutter | | | : A Qt and C++ GUI for Radare2, aiming to provide a more user-friendly interface as well as additional features |
Ghidra | | | : A software reverse engineering suite of tools developed by NSA that includes a decompiler, assembler, disassembler, and other tools to analyze binaries |
Binary Ninja | | | : A reverse engineering platform that is an alternative to IDA Pro, with a focus on binary analysis for security research and reverse engineering |
OllyDbg | | | : An x86 debugger that emphasizes binary code analysis, which is useful for reverse engineering and finding security vulnerabilities |
x64dbg | | | : An open-source x64/x32 debugger for Windows with a focus on plugin support and scriptability |
Hopper | | | : A reverse engineering tool for macOS and Linux that lets you disassemble, decompile and debug your applications |
Immunity Debugger | | | : A powerful debugger for analyzing malware and reverse engineering with an integrated Python scripting interface for automation |
PEiD | | | : A tool that detects most common packers, cryptors, and compilers for PE files and is useful for reverse engineering of malware |
🛠️ Approach Methodology / Specific Topics in IoT Security / Introduction |
Introduction to IoT | | | |
IoT Architecture | | | |
IoT attack surface | | | |
IoT Protocols Overview | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / IoT Web and Message Services |
Introduction to MQTT | | | |
MQTT Broker Security - 101 | | | |
Hacking the IoT with MQTT | | | |
Are Smart Homes Vulnerable to Hacking? | | | |
Servisnet Tessa - MQTT Credentials Dump (Unauthenticated) (Metasploit) | | | |
Eclipse Mosquitto MQTT broker 2.0.9 - 'mosquitto' Unquoted Service Path | | | |
IoT Security: RCE in MQTT Protocol | | | |
Penetration testing of Sesame Smart door lock | | | |
CVE-2020-13849 | | | : A vulnerability in MQTT protocol 3.1.1, allowing remote attackers to cause a denial of service. CVSS score: 7.5 (High) |
CVE-2023-3028 | | | : Involves insufficient authentication in MQTT backend, leading to potential data access and manipulation. CVSS score: 9.8 (Critical) |
CVE-2021-0229 | | | : Pertains to uncontrolled resource consumption in Juniper Networks Junos OS MQTT server. CVSS score: 5.3 (Medium) |
CVE-2019-5432 | | | : A malformed MQTT Subscribe packet can crash MQTT Brokers. CVSS score: 7.5 (High) |
Using IoT MQTT for V2V and Connected Car | | | |
MQTT with Hardware Development Information | | | |
IoT Live Demo: 100,000 Connected Cars with Kubernetes, Kafka, MQTT, TensorFlow | | | |
Nmap MQTT Library | | | |
The Seven Best MQTT Client Tools | | | |
A Guide to MQTT by Hacking a Doorbell to Send Push Notifications (Video) | | | |
Understanding the MQTT Protocol Packet Structure | | | |
Authenticating & Authorizing Devices Using MQTT with Auth0 | | | |
Deep Learning UDF for MQTT IoT Sensor Data Anomaly Detection | 289 | 11 months ago | |
IoXY - MQTT Intercepting Proxy | | | |
Mosquitto - An Open Source MQTT Broker | | | |
HiveMQ | | | |
MQTT Explorer | | | |
Welcome to MQTT-PWN! | | | |
WailingCrab Malware Evolves Using MQTT for Stealthier C2 Communication | | | |
Alert: New WailingCrab Malware Loader | | | |
MQTT on Snapcraft | | | |
Introduction | | | |
CoAP client Tools | | | |
CoAP Pentest Tools | | | |
Nmap - NSE for coap | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / RADIO HACKER QUICK START GUIDE |
Complete course in Software Defined Radio (SDR) by Michael Ossmann | | | |
SDR Notes - Radio IoT Protocols Overview | 158 | 11 months ago | |
Understanding Radio | | | |
Introduction to Software Defined Radio | | | |
Introduction Gnuradio companion | | | |
Creating a flow graph in Gnuradio companion | | | |
Analysing radio signals 433Mhz | | | |
Recording specific radio signal | | | |
Replay Attacks with raspberrypi -rpitx | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Cellular Hacking GSM BTS |
Awesome-Cellular-Hacking | 2,905 | 14 days ago | |
What is a base transceiver station | | | |
How to Build Your Own Rogue GSM BTS | | | |
5Ghoul - 5G NR Attacks & 5G OTA Fuzzing | 513 | 22 days ago | |
Introduction to GSM Security | | | |
GSM Security 2 | | | |
vulnerabilities in GSM security with USRP B200 | | | |
Security Testing 4G (LTE) Networks | | | |
Case Study of SS7/SIGTRAN Assessment | | | |
Telecom Signaling Exploitation Framework - SS7, GTP, Diameter & SIP | 89 | almost 5 years ago | |
ss7MAPer - A SS7 pen testing toolkit | | | |
Introduction to SIGTRAN and SIGTRAN Licensing | | | |
SS7 Network Architecture | | | |
Introduction to SS7 Signaling | | | |
Breaking LTE on Layer Two | | | |
LTE Sniffer | 1,792 | 30 days ago | |
Fake BTS Detector (SCL-8521) | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / NFC-RFID |
List of RFID/NFC Security & Privacy talks | 135 | about 1 month ago | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Zigbee ALL Stuff |
Introduction and protocol Overview | | | |
Hacking Zigbee Devices with Attify Zigbee Framework | | | |
Hands-on with RZUSBstick | | | |
ZigBee & Z-Wave Security Brief | | | |
Hacking ZigBee Networks | | | |
Zigator: Analyzing the Security of Zigbee-Enabled Smart Homes | | | |
Security Analysis of Zigbee Networks with Zigator and GNU Radio | | | |
Low-Cost ZigBee Selective Jamming | | | |
zigbear | 27 | almost 5 years ago | |
ZigDiggity | 261 | about 3 years ago | |
Zigator | 29 | over 1 year ago | |
Z3sec | 108 | almost 7 years ago | |
APIMOTE IEEE 802.15.4/ZIGBEE SNIFFING HARDWARE | | | |
RaspBee-The Raspberry Pi Zigbee gateway | | | |
USRP SDR 2 | | | |
ATUSB IEEE 802.15.4 USB Adapter | | | |
nRF52840-Dongle | | | |
|
awesome-bluetooth-security | 518 | 12 months ago | |
BLE-NullBlr: Step By Step guide to BLE Understanding and Exploiting | 8 | about 5 years ago | |
Traffic Engineering in a Bluetooth Piconet (PDF) | | | |
BLE Characteristics: A Beginner's Tutorial | | | |
Bluing - An intelligence gathering tool for hacking Bluetooth | 757 | over 1 year ago | |
btproxy | 515 | over 4 years ago | |
hcitool & bluez | | | |
Testing With GATT Tool | | | |
crackle - Cracking encryption | 845 | about 3 years ago | |
bettercap | 16,771 | 6 days ago | |
BtleJuice Bluetooth Smart Man-in-the-Middle framework | 744 | about 6 years ago | |
gattacker | 706 | almost 3 years ago | |
BTLEjack Bluetooth Low Energy Swiss army knife | 1,918 | 4 months ago | |
DEDSEC-Bluetooth-exploit | 30 | 6 months ago | |
BrakTooth Proof of Concept - Bluetooth Classic Attacks | 447 | 3 months ago | |
sweyntooth_bluetooth_low_energy_attacks | 281 | almost 3 years ago | |
esp32_bluetooth_classic_sniffer | 506 | over 1 year ago | |
NRFCONNECT - 52840 | | | |
EDIMAX | | | |
CSR 4.0 | | | |
ESP32 - Development and learning Bluetooth | | | |
Ubertooth | 1,947 | 10 months ago | |
Sena 100 | | | |
ESP-WROVER-KIT-VB | | | |
Blue2thprinting: Answering the Question of 'WTF am I even looking at?!' | | | |
Open Wounds: The Last 5 Years Have Left Bluetooth to Bleed | | | |
It Was Harder to Sniff Bluetooth Through My Mask During the Pandemic... | | | |
Bluetooth vs BLE Basics | 8 | about 5 years ago | |
Examining the August Smart Lock | | | |
Finding Bugs in Bluetooth | | | |
Intel Edison as Bluetooth LE - Exploit Box | | | |
How I Reverse Engineered and Exploited a Smart Massager | | | |
My Journey Towards Reverse Engineering a Smart Band - Bluetooth-LE RE | | | |
Bluetooth Smartlocks | | | |
I Hacked MiBand 3 | | | |
GATTacking Bluetooth Smart Devices | | | |
Bluetooth Beacon Vulnerability | | | |
Sweyntooth Vulnerabilities | | | |
AIRDROP_LEAK - Sniffs BLE Traffic and Displays Status Messages from Apple Devices | 2,094 | about 1 year ago | |
BRAKTOOTH: Causing Havoc on Bluetooth Link Manager | | | |
Practical Introduction to BLE GATT Reverse Engineering: Hacking the Domyos EL500 | | | |
MojoBox - Yet Another Not So Smartlock | | | |
Bluetooth-Hacking | 132 | 8 months ago | |
Bluetooth Forward and Future Secrecy Attacks and Defenses (BLUFFS) [CVE 2023-24023] | 495 | 10 months ago | |
🛠️ Approach Methodology / Specific Topics in IoT Security / DECT (Digital Enhanced Cordless Telecommunications) |
Real Time Interception And Monitoring Of A DECT Cordless Telephone | | | |
Eavesdropping On Unencrypted DECT Voice Traffic | | | |
Decoding DECT Voice Traffic: In-depth Explanation | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Mobile security (Android & iOS) |
Android App Reverse Engineering 101 | | | A comprehensive guide to reverse engineering Android applications |
Android Application Pentesting Book | | | A detailed book on penetration testing techniques for Android devices |
Android Pentest Video Course - TutorialsPoint | | | A series of video tutorials on Android penetration testing |
Android Tamer | | | A Virtual/Live Platform for Android Security professionals, offering tools and environment for Android security |
iOS Pentesting | | | A guide to penetration testing in iOS environments |
OWASP Mobile Security Testing Guide | | | The Open Web Application Security Project's guide for mobile security testing, applicable to iOS |
🛠️ Approach Methodology / Specific Topics in IoT Security / Villages |
Payment Villages | | | |
ICS Village | | | |
IoT Villages | | | |
RF hackers | | | |
Car Hacking Village | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Online Assemblers |
AZM Online Arm Assembler by Azeria | | | |
Online Disassembler | | | |
Compiler Explorer is an interactive online compiler which shows the assembly output of compiled C++, Rust, Go | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / ARM |
Azeria Labs | | | |
ARM EXPLOITATION FOR IoT | | | |
Damn Vulnerable ARM Router (DVAR) | | | |
EXPLOIT.EDUCATION | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Pentesting Firmwares and emulating and analyzing |
EMBA-An analyzer for embedded Linux firmware | | | |
FACT-Firmware Analysis and Comparison Tool | 1,242 | 7 days ago | |
Binwalk-v3 | 11,276 | 9 days ago | |
fwhunt-scanner-Tools for analyzing UEFI firmware and checking UEFI modules with FwHunt rules | 214 | 3 months ago | |
Qiling | 5,158 | about 1 month ago | |
fwanalyzer | 492 | about 1 year ago | |
ByteSweep | | | |
Firmwalker | 1,057 | about 1 year ago | |
Checksec.sh | 2,026 | 24 days ago | |
QEMU | | | |
Firmadyne | 1,830 | 4 months ago | |
Firmware Modification Kit | | | |
Firmware analysis and reversing | | | |
Reversing 101 | | | |
IoT Security Verification Standard (ISVS) | 134 | almost 2 years ago | |
OWASP Firmware Security Testing Methodology | | | |
Firmware emulation with QEMU | | | |
Reversing ESP8266 Firmware | | | |
Emulating ARM Router Firmware | | | |
Reversing Firmware With Radare | | | |
Samsung Firmware Magic - Unpacking and Decrypting | 210 | over 3 years ago | |
Qiling & Binary Emulation for automatic unpacking | | | |
Reverse engineering with #Ghidra: Breaking an embedded firmware encryption scheme | | | |
Simulating and hunting firmware vulnerabilities with Qiling | | | |
Using Symbolic Execution to Detect UEFI Firmware Vulnerabilities | | | |
Binarly Finds Six High Severity Firmware Vulnerabilities in HP Enterprise Devices | | | |
Emulating and Exploiting UEFI Firmware | | | |
IoT binary analysis & emulation part -1 | | | |
Cross debugging for ARM / MIPS ELF with QEMU/toolchain | | | |
Qemu + buildroot 101 | | | |
Emulating IoT Firmware Made Easy: Start Hacking Without the Physical Device | | | |
Adaptive Emulation Framework for Multi-Architecture IoT Firmware Testing | | | |
Automatic Firmware Emulation through Invalidity-guided Knowledge Inference | | | |
Debugging D-Link: Emulating firmware and hacking hardware | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Firmware samples to pentest |
Download From here by firmware.center | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Binary Analysis |
Reverse Engineering For Everyone! | | | |
https://www.coalfire.com/the-coalfire-blog/reverse-engineering-and-patching-with-ghidra | | | |
Part two: Reverse engineering and patching with Ghidra | | | |
Automating binary vulnerability discovery with Ghidra and Semgrep | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Symlinks Attacks |
Zip Slip Vulnerability | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Secureboot |
Writing a Bootloader | | | |
Pwn the ESP32 Secure Boot | | | |
Pwn the ESP32 Forever: Flash Encryption and Sec. Boot Keys Extraction | | | |
Amlogic S905 SoC: bypassing the (not so) Secure Boot to dump the BootROM | | | |
Defeating Secure Boot with Symlink Attacks | | | |
PS4 Aux Hax 5 & PSVR Secure Boot Hacking with Keys by Fail0verflow! | | | |
Eclypsium Discovers Multiple Vulnerabilities Affecting 129 Dell Models Via Dell Remote OS Recovery And Firmware Update Capabilities | | | |
Technical Advisory - U-Boot - Unchecked Download Size and Direction in USB DFU (CVE-2022-2347) | | | |
Breaking Secure Boot on the Silicon Labs Gecko platform | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Storage Medium |
EMMC Protocol | | | |
RPMB, a secret place inside the eMMC | | | |
Hardware Hacking 101: Identifying And Dumping EMMC Flash | | | |
EMMC Data Recovery From Damaged Smartphone | | | |
Another Bunch Of Articles For EMMC | | | |
Unleash Your Smart-Home Devices: Vacuum Cleaning Robot Hacking | | | |
Hands-On IoT Hacking: Rapid7 At DEF CON 30 IoT Village, Part 1 | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Payment Device Security |
Introduction to ATM Penetration Testing | | | |
Pwning ATMs For Fun and Profit | | | |
Jackpotting Automated Teller Machines Redux | | | By Barnaby Jack |
🛠️ Approach Methodology / Specific Topics in IoT Security / IoT hardware Overview and Hacking |
IoT Hardware Guide | | | |
Intro To Hardware Hacking - Dumping Your First Firmware | | | |
Bus Pirate | | | |
EEPROM reader/SOIC Cable | | | |
Jtagulator/Jtagenum | | | |
Logic Analyzer | | | |
The Shikra | | | |
FaceDancer21 (USB Emulator/USB Fuzzer) | | | |
RfCat | | | |
Hak5Gear- Hak5FieldKits | | | |
Ultra-Mini Bluetooth CSR 4.0 USB Dongle Adapter | | | |
Attify Badge - UART, JTAG, SPI, I2C (w/ headers) | | | |
An Introduction to Hardware Hacking | | | |
Serial Terminal Basics | | | |
Reverse Engineering Serial Ports | | | |
REVERSE ENGINEERING ARCHITECTURE AND PINOUT OF CUSTOM ASICS | | | |
ChipWhisperer - Hardware attacks | | | |
Hardware hacking tutorial: Dumping and reversing firmware | | | |
Dumping the firmware From Router using BUSPIRATE - SPI Dump | | | |
TPM 2.0: Extracting Bitlocker keys through SPI | | | |
How to Flash Chip of a Router With a Programmer | | | |
Extracting Flash Memory over SPI | | | |
Extracting Firmware from Embedded Devices (SPI NOR Flash) | | | |
SPI-Blogs | | | |
Reading FlashROMS - Youtube | | | |
Intro to Embedded RE: UART Discovery and Firmware Extraction via UBoot | | | |
Router Analysis Part 1: UART Discovery and SPI Flash Extraction | | | |
Identifying UART interface | | | |
onewire-over-uart | 153 | over 7 years ago | |
Accessing sensor via UART | | | |
Using UART to connect to a chinese IP cam | | | |
A journey into IoT - Hardware hacking: UART | | | |
UARTBruteForcer | 16 | almost 9 years ago | |
UART Connections and Dynamic analysis on Linksys e1000 | | | |
Accessing and Dumping Firmware Through UART | | | |
UART Exploiter | 5 | over 1 year ago | |
HARDWARE HACKING 101: INTRODUCTION TO JTAG | | | |
How To Find The JTAG Interface - Hardware Hacking Tutorial | | | |
Buspirate JTAG Connections - Openocd | | | |
Extracting Firmware from External Memory via JTAG | | | |
Analyzing JTAG | | | |
The hitchhacker's guide to iPhone Lightning & JTAG hacking | | | |
Debugging 8-bit AVR® microcontrollers through JTAG and AVR-gdb | | | |
Introduction to TPM (Trusted Platform Module) | | | |
Trusted platform module security defeated in 30 minutes, no soldering required | | | |
Side channel attacks | | | |
Attacks on Implementations of Secure Systems | 225 | 3 months ago | |
fuzzing, binary analysis, IoT security, and general exploitation | 1,234 | 18 days ago | |
Espressif ESP32: Bypassing Encrypted Secure Boot(CVE-2020-13629) | | | |
Breaking AES with ChipWhisperer - Piece of scake (Side Channel Analysis 100) | | | |
Researchers use Rowhammer bit flips to steal 2048-bit crypto key | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Awesome IoT Pentesting Guides |
Shodan Pentesting Guide | | | |
Car Hacking Practical Guide 101 | | | |
OWASP Firmware Security Testing Methodology | | | |
Awesome-bluetooth-security | 518 | 12 months ago | |
awesome-embedded-fuzzing | 34 | over 2 years ago | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Fuzzing Things |
OWASP Fuzzing Info | | | |
Fuzzing_ICS_protocols | | | |
Fuzzowski - the Network Protocol Fuzzer that we will want to use | | | |
Fuzz Testing of Application Reliability | | | |
FIRM-AFL : High-Throughput Greybox Fuzzing of IoT Firmware via Augmented Process Emulation | | | |
Snipuzz : Black-box Fuzzing of IoT Firmware via Message Snippet Inference | | | |
part1 | | | [fuzzing-iot-binaries] - / |
Modern Vulnerability Research Techniques on Embedded Systems | | | |
FuzzingPaper | 2,467 | about 1 month ago | |
Exercises to learn how to fuzz with American Fuzzy Lop | 1,227 | about 2 years ago | |
Broadcom and Cypress firmware emulation for fuzzing and further full-stack debugging | 436 | 10 months ago | |
Bluetooth experimentation framework for Broadcom and Cypress chips. | 687 | 3 months ago | |
Fuzzing Forum | 3,513 | 29 days ago | |
🛠️ Approach Methodology / Specific Topics in IoT Security / FlipperZero |
Flipper Zero Unleashed Firmware | 17,564 | 11 days ago | |
RogueMaster Flipper Zero Firmware | 5,314 | 7 days ago | |
Exploiting Flipper Zero's NFC file loader | | | CVE-2022-40363: |
Flipper Zero - Starter Guide (YouTube) | | | |
Awesome Resources for Flipper Zero | 18,960 | about 2 months ago | |
Gaylord M FOCker - Pwn MIFARE Tags | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / ICS |
ICS-Security | 2,726 | about 1 month ago | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Automotive |
Automotive-Security | 2,726 | about 1 month ago | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Vulnerable IoT and Hardware Applications |
DVID | 188 | 9 months ago | IoT: - |
Damn Vulnerable Safe | | | Safe: - |
IoT-vulhub | | | IoT-vulhub: - |
DVRF | 673 | over 3 years ago | Router: - |
Damn Vulnerable Chemical Process | | | SCADA: - |
Sticky Fingers DV-Pi | | | PI: - |
Damn Vulnerable SS7 Network | | | SS7 Network: - |
Hacklab VulnVoIP | | | VoIP: - |
Hardware Hacking 101 | 46 | over 5 years ago | Hardware Hacking 101: - |
RHme-2015 | 0 | 3 months ago | RHME-2015: - |
Rhme-2016 | 2 | 3 months ago | RHME-2016: - |
Rhme-2017 | 0 | 3 months ago | RHME-2017: - |
🛠️ Approach Methodology / Specific Topics in IoT Security / CTF For IoT And Embedded |
BLE CTF | 673 | 3 months ago | A framework focused on Bluetooth Low Energy security |
Rhme-2016 | 2 | 3 months ago | Riscure's hardware security competition for 2016 |
Rhme-2017 | 0 | 3 months ago | Riscure's hardware security competition for 2017 |
IoTGoat | 180 | over 4 years ago | Deliberately insecure firmware based on OpenWrt for IoT security training |
IoT Village CTF | | | A Capture The Flag event specifically focused on IoT security |
IoTSec CTF | | | Offers IoT related challenges for continuous learning |
Emulate to Exploitate | | | |
Damn Vulnerable ARM Router | | | A deliberately vulnerable ARM router for exploitation practice |
Firmware Security Training & CTF | | | Firmware analysis tools and challenges by Router Analysis Toolkit |
ARM-X CTF | 692 | 11 days ago | A set of challenges focused on ARM exploitation |
Azeria Labs ARM Challenges | | | Offers ARM assembly challenges and tutorials |
Microcorruption | | | Embedded security CTF focusing on lock systems |
Pwnable.kr | | | Offers various reverse engineering challenges |
Hack The Box | | | Platform offering a range of challenges, including hardware and reverse engineering |
Root Me | | | Platform with various types of challenges including hardware and reverse engineering |
CTFtime | | | Lists various CTFs, including those in hardware, IoT, and firmware |
🛠️ Approach Methodology / Specific Topics in IoT Security / follow the people |
Jilles | | | |
Joe Fitz | | | |
Aseem Jakhar | | | |
Cybergibbons | | | |
Jasper | | | |
Dave Jones | | | |
bunnie | | | |
Ilya Shaposhnikov | | | |
Mark C. | | | |
A-a-ron Guzman | | | |
Yashin Mehaboobe | | | |
Arun Magesh | | | |
Mr-IoT | | | |
QKaiser | | | |
9lyph | | | |
🛠️ Approach Methodology / Specific Topics in IoT Security / Blogs for IoT Pentest |
wrongbaud | | | |
Firmware Analysis | | | |
voidstarsec | | | |
Exploitee.rs Website | | | |
Jilles.com | | | |
Syss Tech Blog | | | |
Payatu Blog | | | |
Raelize Blog | | | |
JCJC Dev Blog | | | |
W00tsec Blog | | | |
Devttys0 Blog | | | (Use Wayback Machine for old blogs) |
Wrongbaud Blog | | | |
Embedded Bits Blog | | | |
RTL-SDR Blog | | | |
Keenlab Blog | | | |
Courk.cc | | | |
IoT Security Wiki | | | |
Cybergibbons Blog | | | |
Firmware.RE | | | |
K3170makan Blog | | | |
Tclaverie Blog | | | |
Besimaltinok Blog | | | |
Ctrlu Blog | | | |
IoT Pentest Blog | | | |
Duo Decipher Blog | | | |
Sp3ctr3 Blog | | | |
0x42424242.in Blog | | | |
Dantheiotman Blog | | | |
Danman Blog | | | |
Quentinkaiser Blog | | | |
Quarkslab Blog | | | |
Ice9 Blog | | | |
F-Secure Labs Blog | | | |
MG.lol Blog | | | |
CJHackerz Blog | | | |
Bunnie's Blog | | | |
Synacktiv Publications | | | |
Cr4.sh Blog | | | |
Ktln2 Blog | | | |
Naehrdine Blog | | | |
Limited Results Blog | | | |
Fail0verflow Blog | | | |
Exploit Security Blog | | | |
Attify Blog | | | |