awesome-embedded-and-iot-security

IoT security toolkit

A curated collection of resources and tools for analyzing and securing embedded and IoT devices

A curated list of awesome embedded and IoT security resources.

GitHub

2k stars
65 watching
241 forks
last commit: about 1 year ago
Linked from 5 awesome lists

awesomeawesome-listembeddedfirmwareiotsecurity

Awesome Embedded and IoT Security / Software Tools / Analysis Frameworks

EXPLIoT Pentest framework like Metasploit but specialized for IoT
FACT - The Firmware Analysis and Comparison Tool Full-featured static analysis framework including extraction of firmware, analysis utilizing different plug-ins and comparison of different firmware versions

Awesome Embedded and IoT Security / Software Tools / Analysis Frameworks / FACT - The Firmware Analysis and Comparison Tool

Improving your firmware security analysis process with FACT Conference talk about FACT

Awesome Embedded and IoT Security / Software Tools / Analysis Frameworks

FwAnalyzer 493 about 1 year ago Analyze security of firmware based on customized rules. Intended as additional step in DevSecOps, similar to CI
HAL – The Hardware Analyzer 626 about 20 hours ago A comprehensive reverse engineering and manipulation framework for gate-level netlists
HomePWN 880 almost 2 years ago Swiss Army Knife for Pentesting of IoT Devices
IoTSecFuzz Framework for automatisation of IoT layers security analysis: hardware, software and communication
Killerbee 767 about 1 year ago Framework for Testing & Auditing ZigBee and IEEE 802.15.4 Networks
PRET 3,949 4 months ago Printer Exploitation Toolkit
Routersploit 12,237 about 1 month ago Framework dedicated to exploit embedded devices

Awesome Embedded and IoT Security / Software Tools / Analysis Tools

Binwalk 11,412 4 days ago Searches a binary for "interesting" stuff, as well as extracts arbitrary files
cwe_checker 1,138 4 months ago Finds vulnerable patterns in binary executables - ELF support for x86, ARM, and MIPS, experimental bare-metal support
emba 2,732 1 day ago Analyze Linux-based firmware of embedded devices
Firmadyne 1,836 5 months ago Tries to emulate and pentest a firmware
Firmwalker 1,062 over 1 year ago Searches extracted firmware images for interesting files and information
Firmware Slap 471 about 4 years ago Discovering vulnerabilities in firmware through concolic analysis and function clustering
Ghidra Software Reverse Engineering suite; handles arbitrary binaries, if you provide CPU architecture and endianness of the binary
Radare2 20,791 4 days ago Software Reverse Engineering framework, also handles popular formats and arbitrary binaries, has an extensive command line toolset
Trommel 207 over 4 years ago Searches extracted firmware images for interesting files and information

Awesome Embedded and IoT Security / Software Tools / Extraction Tools

FACT Extractor 83 11 days ago Detects container format automatically and executes the corresponding extraction tool
Firmware Mod Kit 840 3 months ago Extraction tools for several container formats
The SRecord package Collection of tools for manipulating EPROM files (can convert lots of binary formats)

Awesome Embedded and IoT Security / Software Tools / Support Tools

JTAGenum 728 about 1 year ago Add JTAG capabilities to an Arduino
OpenOCD Free and Open On-Chip Debugging, In-System Programming and Boundary-Scan Testing

Awesome Embedded and IoT Security / Software Tools / Misc Tools

Cotopaxi 351 6 months ago Set of tools for security testing of Internet of Things devices using specific network IoT protocols
dumpflash 290 over 2 years ago Low-level NAND Flash dump and parsing utility
flashrom 904 5 days ago Tool for detecting, reading, writing, verifying and erasing flash chips
Samsung Firmware Magic 212 over 3 years ago Decrypt Samsung SSD firmware updates

Awesome Embedded and IoT Security / Hardware Tools

Bus Blaster Detects and interacts with hardware debug ports like and
Bus Pirate Detects and interacts with hardware debug ports like UART and JTAG
Shikra Detects and interacts with hardware debug ports like UART and JTAG. Among other protocols
JTAGULATOR Detects JTAG Pinouts fast
Saleae Easy to use Logic Analyzer that support many protocols
Ikalogic Alternative to Saleae logic analyzers
HydraBus Open source multi-tool hardware similar to the BusPirate but with NFC capabilities
ChipWhisperer Detects Glitch/Side-channel attacks
Glasgow 1,928 1 day ago Tool for exploring and debugging different digital interfaces
J-Link J-Link offers USB powered JTAG debug probes for multiple different CPU cores

Awesome Embedded and IoT Security / Hardware Tools / Bluetooth BLE Tools

UberTooth One Open source 2.4 GHz wireless development platform suitable for Bluetooth experimentation
Bluefruit LE Sniffer Easy to use Bluetooth Low Energy sniffer

Awesome Embedded and IoT Security / Hardware Tools / ZigBee Tools

ApiMote ZigBee security research hardware for learning about and evaluating the security of IEEE 802.15.4/ZigBee systems. Killerbee compatible
Freakduino Low Cost Battery Operated Wireless Arduino Board that can be turned into a IEEE 802.15.4 protocol sniffer

Awesome Embedded and IoT Security / Hardware Tools / SDR Tools

RTL-SDR Cheapest SDR for beginners. It is a computer based radio scanner for receiving live radio signals frequencies from 500 kHz up to 1.75 GHz
HackRF One Software Defined Radio peripheral capable of transmission or reception of radio signals from 1 MHz to 6 GHz (half-duplex)
YardStick One Half-duplex sub-1 GHz wireless transceiver
LimeSDR Software Defined Radio peripheral capable of transmission or reception of radio signals from 100 KHz to 3.8 GHz (full-duplex)
BladeRF 2.0 Software Defined Radio peripheral capable of transmission or reception of radio signals from 47 MHz to 6 GHz (full-duplex)
USRP B Series Software Defined Radio peripheral capable of transmission or reception of radio signals from 70 MHz to 6 GHz (full-duplex)

Awesome Embedded and IoT Security / Hardware Tools / RFID NFC Tools

Proxmark 3 RDV4 Powerful general purpose RFID tool. From Low Frequency (125kHz) to High Frequency (13.56MHz) tags
ChamaleonMini Programmable, portable tool for NFC security analysis
HydraNFC Powerful 13.56MHz RFID / NFC platform. Read / write / crack / sniff / emulate

Awesome Embedded and IoT Security / Books

Practical IoT Hacking 2020, Fotios Chantzis, Evangel Deirme, Ioannis Stais, Paulino Calderon, Beau Woods:
The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks 2020, Jasper van Woudenberg, Colin O'Flynn:
The Hacker's Hardware Toolkit: The best collection of hardware gadgets for Red Team hackers, Pentesters and security researchers 2,083 about 4 years ago 2019, Yago Hansen:
The IoT Hacker's Handbook: A Practical Guide to Hacking the Internet of Things 2019, Aditya Gupta:
Hardware Security: A Hands-on Learning Approach 2018, Mark Swarup Tehranipoor:
Pentesting Hardware - A Practical Handbook (DRAFT) 491 over 5 years ago 2018, Mark Carney:
Inside Radio: An Attack and Defense Guide 2018, Qing Yang, Lin Huang
IoT Penetration Testing Cookbook 2017, Aditya Gupta, Aaron Guzman:
The Hardware Hacker: Adventures in Making and Breaking Hardware 2017, Andrew Huang:
The Car Hacker's Handbook: A Guide for the Penetration Tester 2016, Craig Smith:
The Art of PCB Reverse Engineering 2015, Keng Tiong Ng:
Abusing the Internet of Things: Blackouts, Freakouts, and Stakeouts 2015, Nitesh Dhanjan:
Hacking Wireless Exposed 2015, Joshua Wright , Johnny Cache:
Hardware Security: Design, Threats, and Safeguards 2014, Debdeep Mukhopadhyay:
The Firmware Handbook (Embedded Technology) 2014, Jack Ganssle:
Hacking the XBOX 2013, Andrew Huang:

Awesome Embedded and IoT Security / Research Papers

SAFER: Development and Evaluation of an IoT Device Risk Assessment Framework in a Multinational Organization 2020, Oser et al:
Detecting IoT Devices and How They Put Large Heterogeneous Networks at Security Risk 2019, Agarwal et al:
BenchIoT: A Security Benchmark for the Internet of Things 2019, Almakhdhub et al:
SoK: Security Evaluation of Home-Based IoT Deployments 2019, Alrawi et al:
Challenges in Designing Exploit Mitigations for Deeply Embedded Systems 2019, Abbasi et al:
PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary 2019, Song et al:
What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices 2018, Muench et al:
Embedded Device Vulnerability Analysis Case Study Using Trommel 2017, O'Meara et al:
How to Break Secure Boot on FPGA SoCs through Malicious Hardware 2017, Jacob et al:
Towards Automated Classification of Firmware Images and Identification of Embedded Devices 2017, Costin et al:
Embedded Security Testing with Peripheral Device Caching and Runtime Program State Approximation 2016, Kammerstetter et al:
Towards Automated Dynamic Analysis for Linux-based Embedded Firmware 2016, Chen et al:
Automated Dynamic Firmware Analysis at Scale: A Case Study on Embedded Web Interfaces 2016, Costin et al:
Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware 2015, Shoshitaishvili et al:
Embedded Systems Security: Threats, Vulnerabilities, and Attack Taxonomy 2015, Papp et al:
Avatar: A Framework to Support Dynamic Security Analysis of Embedded Systems' Firmwares 2014, Zaddach et al:
Analysis of embedded applications by evolutionary fuzzing 2014, Alimi et al:
A Large-Scale Analysis of the Security of Embedded Firmwares 2014, Costin et al:
FIE on Firmware: Finding Vulnerabilities in Embedded Systems using Symbolic Execution 2013, Davidson et al:

Awesome Embedded and IoT Security / Case Studies

Binary Hardening in IoT products
Cracking Linksys “Encryption”
Deadly Sins Of Development Conference talk presenting several real world examples on real bad implementations
Dumping firmware from a device's SPI flash with a buspirate
Hacking the DSP-W215, Again
Hacking the PS4 Introduction to PS4's security
IoT Security@CERN
Multiple vulnerabilities found in the D-link DWR-932B
Pwning the Dlink 850L routers and abusing the MyDlink Cloud protocol
PWN Xerox Printers (...again)
Reversing Firmware With Radare
Reversing the Huawei HG533

Awesome Embedded and IoT Security / Free Training

CSAW Embedded Security Challenge 2019 34 about 5 years ago CSAW 2019 Embedded Security Challenge (ESC)
Embedded Security CTF Microcorruption: Embedded Security CTF
Hardware Hacking 101 46 over 5 years ago Workshop @ BSides Munich 2019
IoTGoat 180 over 4 years ago IoTGoat is a deliberately insecure firmware based on OpenWrt
Rhme-2015 0 3 months ago First riscure Hack me hardware CTF challenge
Rhme-2016 2 3 months ago Riscure Hack me 2 is a low level hardware CTF challenge
Rhme-2017/2018 0 3 months ago Riscure Hack Me 3 embedded hardware CTF 2017-2018

Awesome Embedded and IoT Security / Websites

Hacking Printers Wiki All things printer
OWASP Embedded Application Security Project Development best practices and list of hardware and software tools
OWASP Internet of Things Project IoT common vulnerabilities and attack surfaces
Router Passwords Default login credential database sorted by manufacturer
Siliconpr0n A Wiki/Archive of all things IC reversing

Awesome Embedded and IoT Security / Websites / Blogs

RTL-SDR
/dev/ttyS0's Embedded Device Hacking
Exploiteers
Hackaday
jcjc's Hack The World
Quarkslab
wrong baud
Firmware Security
PenTestPartners
Attify
Patayu
GracefulSecurity - Hardware tag
Black Hills - Hardware Hacking tag

Awesome Embedded and IoT Security / Websites / Tutorials and Technical Background

Azeria Lab Miscellaneous ARM related Tutorials
JTAG Explained A walkthrough covering UART and JTAG bypassing a protected login shell
Reverse Engineering Serial Ports Detailed tutorial about how to spot debug pads on a PCB
UART explained An in depth explanation of the UART protocol

Awesome Embedded and IoT Security / Websites / YouTube Channels

Flashback Team A duo of hackers explaining their step by step approach to finding and exploiting vulnerabilities in embedded devices
StackSmashing Reverse engineering and hardware hacking of embedded devices

Awesome Embedded and IoT Security / Conferences

Hardwear.io

Backlinks from these awesome lists:

More related projects: