- A Collection for IoT Security Resources
- You are welcome to fork and [contribute ](https://github.com/V33RU/IoTSecurity101/blob/master/contributors.md#contributors )
- Other Interesting Areas
- [ICS-Security ](https://github.com/V33RU/IoTSecurity101/blob/master/ICS/Industrial%20Control%20Systems.md )
- [Automotive-Security ](https://github.com/V33RU/IoTSecurity101/blob/master/Automotive/Automotive-security.md )
********************************************************************************************************************************
# 🛠️ Approach Methodology
- 🌐 **1. Network**
- 🌐 **2. Web (Front & Backend and Web services)**
- 📱 **3. Mobile App (Android & iOS)**
- 📡 **4. Wireless Connectivity (Zigbee, WiFi, Bluetooth, etc)**
- 💽 **5. Firmware Pentesting (Static and Dynamic analysis, OS of IoT Devices)**
- 🛠️ **6. Hardware Hacking & Fault Injections & SCA Attacks**
- 💾 **7. Storage Medium**
- 🔌 **8. I/O Ports**
## 📑 Contents Overview
### 🛡️ IoT Security Information
- [👥 Chat Groups for IoT Security ](#chat-groups-for-iot-security )
- [🎓 IoT and Hardware Security Trainings ](#iot-and-hardware-security-trainings )
- [🔍 Technical Research and Hacking ](#technical-research-and-hacking )
- [💻 Proof of Concepts: Known Device Vulnerabilities ](#proof-of-concepts-known-device-vulnerabilities )
- [📚 Books for IoT Penetration Testing ](#books-for-iot-penetration-testing )
- [🖋️ Blogs for IoT Pentest ](#blogs-for-iot-pentest )
- [📋 Awesome Cheatsheets ](#awesome-cheatsheets )
- [🔍 Search Engines for Exposed IoT Devices Worldwide ](#search-engines-for-exposed-iot-devices-worldwide )
- [🚩 CTF: Vulnerable IoT and Hardware Applications ](#vulnerable-iot-and-hardware-applications )
- [📺 YouTube Channels for IoT Pentesting ](#youtube-channels-for-iot-pentesting )
- [⚒️ Exploitation Tools ](#exploitation-tools )
- [🖥️ IoT Pentesting OSes ](#iot-pentesting-oses )
- [📘 IoT Vulnerabilities Checking Guides ](#iot-vulnerabilites-checking-guides )
- [🔬 IoT Labs ](#vulnerable-iot-and-hardware-applications )
- [📖 Awesome IoT Pentesting Guides ](#awesome-iot-pentesting-guides )
- [🐛 Fuzzing Things ](#fuzzing-things )
- [🏢 IoT Lab Setup Guide for Corporate/Individual ](https://github.com/IoT-PTv/IoT-Lab-Setup )
- [🔧 FlipperZero ](#flipperzero )
- [🏘 Villages ](#villages )
## Specific Topics
#### 🌐 Network
#### 🌐 Web IoT Message Protocols
- [📨 MQTT ](#mqtt )
- [📬 CoAP ](#coap )
#### 📱 Mobile App
- [🛡️ Mobile Security (Android & iOS) ](#mobile-security-android--ios )
#### 📡 Wireless Protocols
- [📻 Radio Hacking Starting Guide ](#Radio-Hacker-Quick-Start-Guide )
- [📡 Cellular Hacking GSM BTS ](#cellular-hacking-gsm-bts )
- [🐝 Zigbee ](#zigbee-aLL-stuff )
- [🔵 Bluetooth ](#ble-intro-and-sw-hw-tools-to-pentest )
- [📞 DECT ](#dect-digital-enhanced-cordless-telecommunications )
#### 💽 Firmware
- [🔍 Reverse Engineering Tools ](#reverse-engineering-tools )
- [💻 Online Assemblers ](#online-assemblers )
- [💪 ARM ](#arm )
- [🔨 Pentesting Firmwares: Emulating and Analyzing ](#pentesting-firmwares-and-emulating-and-analyzing )
- [🔬 Firmware Samples to Pentest ](#firmware-samples-to-pentest )
- [🔒 Secureboot ](#secureboot )
- [🔍 Binary Analysis ](#binary-analysis )
#### 🛠️ Hardware
- [🔎 IoT Hardware Intro ](#iot-hardware-overview-and-hacking )
- [🛠️ Required Hardware to Pentest IoT ](#hardware-gadgets-to-pentest )
- [🔌 Hardware Interfaces ](#attacking-hardware-interfaces )
- [🔌 SPI ](#spi )
- [🔌 UART ](#uart )
- [🔌 JTAG ](#jtag )
- [🛠️ SideChannel Attacks & Glitching Attacks ](#sidechannel-attacks )
#### 💾 Storage Medium
- [📀 EMMC Hacking ](#emmc-hacking )
#### 💳 Payment Security
- [💵 ATM Hacking ](#ATM-Hacking )
********************************************************************************************************************************
### Technical Research and Hacking
- [Subaru Head Unit Jailbreak ](https://github.com/sgayou/subaru-starlink-research/blob/master/doc/README.md )
- [Jeep Hack ](http://illmatics.com/Remote%20Car%20Hacking.pdf )
- [Dropcam Hacking ](https://www.defcon.org/images/defcon-22/dc-22-presentations/Moore-Wardle/DEFCON-22-Colby-Moore-Patrick-Wardle-Synack-DropCam-Updated.pdf )
- [Printer Hacking Live Sessions - Gamozo Labs ](https://www.youtube.com/watch?v=2LVtEoQA8Qo&ab_channel=gamozolabs )
- [LED Light Hacking ](https://youtu.be/Nnb2ct3hc68 )
- [PS4 Jailbreak – the current status ](https://wololo.net/ps4-jailbreak-ps4-cfw4dummies/ )
- [Your Lenovo Watch X Is Watching You & Sharing What It Learns ](https://www.checkmarx.com/blog/lenovo-watch-watching-you/ )
- [Your Smart Scale is Leaking More than Your Weight: Privacy Issues in IoT ](https://www.checkmarx.com/blog/smart-scale-privacy-issues-iot/ )
- [Besder 6024PB-XMA501 IP camera security analysis ](https://github.com/KostasEreksonas/Besder-6024PB-XMA501-ip-camera-security-investigation )
- [Smart Lock Vulnerabilities ](http://www.savoringgreens.com/index-3218.html )
********************************************************************************************************************************
### Proof of Concepts known Device Vulnerabilities
- [IoT vulnerabilities with CVEs and PoCs for Tenda and D-Link ](https://github.com/z1r00/IOT_Vul )
********************************************************************************************************************************
### Chat Groups for IoT Security
- [IoTSecurity101 Telegram ](https://t.me/iotsecurity1011 )
- [IoTSecurity101 Reddit ](https://www.reddit.com/r/IoTSecurity101/ )
- [IoTSecurity101 Discord ](https://discord.gg/EH9dxT9 )
- [Hardware Hacking Telegram ](https://t.me/hardwareHackingBrasil )
- [RFID Discord Group ](https://discord.gg/Z43TrcVyPr )
- [ICS Discord Group ](https://discord.com/invite/CmDDsFK )
********************************************************************************************************************************
### IoT and Hardware Security Trainings
- [OpenSecurityTraining2 ](https://p.ost2.fyi/courses )
********************************************************************************************************************************
### Books for IoT Penetration Testing
#### 2004
- [The Firmware Handbook (Embedded Technology) 1st Edition by Jack Ganssle ](https://www.amazon.com/Firmware-Handbook-Embedded-Technology/dp/075067606X )
- [Hardware Hacking: Have Fun while Voiding your Warranty 1st Edition ](https://www.elsevier.com/books/hardware-hacking/grand/978-1-932266-83-2 )
#### 2007
- [Linksys WRT54G Ultimate Hacking 1st Edition by Paul Asadoorian ](https://www.amazon.com/Linksys-WRT54G-Ultimate-Hacking-Asadoorian/dp/1597491667 )
#### 2013
- [Hacking the Xbox - An Introduction to Reverse Engineering HACKING THE XBOX by Andrew “bunnie” Huang ](https://www.nostarch.com/xboxfree )
- [Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure by Eric D. Knapp , Raj Samani ](https://www.amazon.com/Applied-Cyber-Security-Smart-Grid/dp/1597499986/ )
#### 2014
- [Android Hacker's Handbook by Joshua J. Drake ](https://www.amazon.in/Android-Hackers-Handbook-MISL-WILEY-Joshua/dp/812654922X )
#### 2015
- [The Art of Pcb Reverse Engineering: Unravelling the Beauty of the Original Design ](https://www.amazon.in/Art-Pcb-Reverse-Engineering-Unravelling/dp/1499323441 )
- [Abusing the Internet of Things: Blackouts, Freakouts, and Stakeouts 1st Edition, by Nitesh Dhanjani ](https://www.amazon.in/Abusing-Internet-Things-Blackouts-Freakouts-ebook/dp/B013VQ7N36 )
#### 2016
- [Learning Linux Binary Analysis By Ryan "elfmaster" O'Neill ](https://www.packtpub.com/networking-and-servers/learning-linux-binary-analysis )
- [Car hacker's handbook by Craig Smith ](http://opengarages.org/handbook )
#### 2017
- [IoT Penetration Testing Cookbook By Aaron Guzman , Aditya Gupta ](https://www.packtpub.com/networking-and-servers/iot-penetration-testing-cookbook )
#### 2018
- [Inside Radio: An Attack and Defense Guide by Authors: Yang, Qing, Huang, Lin ](https://books.google.co.in/books?id=71NSDwAAQBAJ&printsec=copyright&redir_esc=y#v=onepage&q&f=false )
- [Pentest Hardware ](https://github.com/unprovable/PentestHardware/ )
- [Gray Hat Hacking: The Ethical Hacker's Handbook, Fifth Edition 5th Edition by Daniel Regalado , Shon Harris , Allen Harper , Chris Eagle , Jonathan Ness , Branko Spasojevic , Ryan Linn , Stephen Sims ](https://www.amazon.in/Gray-Hat-Hacking-Ethical-Handbook-ebook/dp/B07D3J9J4H )
#### 2021
- [Practical Hardware Pentesting ](https://www.packtpub.com/product/practical-hardware-pentesting/9781789619133?_ga=2.224205017.333884789.1668314814-101815837.1668314814 )
- [The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks by Jasper van Woudenberg, Colin O'Flynn ](https://books.google.co.in/books?id=DEqatAEACAAJ&source=gbs_navlinks_s )
- [Practical IoT Hacking-The Definitive Guide to Attacking the Internet of Things by Fotios Chantzis, Ioannis Stais, Paulino Calderon, Evangelos Deirmentzoglou, Beau Woods ](https://nostarch.com/practical-iot-hacking )
- [Manual PCB-RE: The Essentials ](https://www.amazon.in/Manual-PCB-RE-Essentials-Keng-Tiong/dp/B0974Z3NDS )
#### 2022
- [PatrIoT: practical and agile threat research for IoT by Emre Süren ](https://link.springer.com/article/10.1007/s10207-022-00633-3 )
#### 2023
- [Practical Hardware Pentesting - Second Edition ](https://www.packtpub.com/product/practical-hardware-pentesting-second-edition/9781803249322 )
- [Blue Fox: Arm Assembly Internals & Reverse Engineering ](https://www.wiley.com/en-gb/Blue+Fox%3A+Arm+Assembly+Internals+%26+Reverse+Engineering-p-9781119745303 )
- [Fuzzing Against the Machine: Automate vulnerability research with emulated IoT devices on QEMU ](https://www.packtpub.com/product/fuzzing-against-the-machine/9781804614976 )
- [Hardware Security Training, Hands-on! ](https://link.springer.com/book/10.1007/978-3-031-31034-8 )
- [Automotive Cybersecurity Engineering Handbook: The automotive engineer's roadmap to cyber-resilient vehicles Series ](https://www.amazon.in/Automotive-Cybersecurity-Engineering-Handbook-cyber-resilient/dp/1801076537 )
- [Embedded Systems Security and TrustZone ](https://embeddedsecurity.io/ )
********************************************************************************************************************************
### Awesome CheatSheets
- [Hardware Hacking cheat sheet ](https://github.com/arunmagesh/hw_hacking_cheatsheet )
- [Nmap ](https://github.com/gnebbia/nmap_tutorial )
********************************************************************************************************************************
### Search Engines for Internet-Connected Devices
- [Shodan ](https://www.shodan.io/ )
- [Censys ](https://censys.io/ )
- [ZoomEye ](https://www.zoomeye.org/ )
- [BinaryEdge ](https://www.binaryedge.io/ )
- [Thingful ](https://www.thingful.net/ )
- [Wigle ](https://wigle.net/ )
- [Hunter.io ](https://hunter.io/ )
- [BuiltWith ](https://builtwith.com/ )
- [NetDB ](https://github.com/stamparm/NetDB )
- [Recon-ng ](https://github.com/lanmaster53/recon-ng )
- [PublicWWW ](https://publicwww.com/ )
********************************************************************************************************************************
### YouTube Channels for IoT Pentesting
- [Joe Grand ](https://www.youtube.com/@JoeGrand )
- [Liveoverflow ](https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w )
- [Binary Adventure ](https://www.youtube.com/channel/UCSLlgiYtOXZnYPba_W4bHqQ )
- [EEVBlog ](https://www.youtube.com/user/EEVblog )
- [Craig Smith ](https://www.youtube.com/channel/UCxC8G4Oeed4N0-GVeDdFoSA )
- [iotpentest [Mr-IoT]](https://www.youtube.com/channel/UCe2mJv2FPRFhYJ7dvNdYR4Q)
- [Besim ALTINOK - IoT - Hardware - Wireless ](https://www.youtube.com/channel/UCnIV7A3kDL4JXJEljpW6TRQ/playlists )
- [Ghidra Ninja ](https://www.youtube.com/channel/UC3S8vxwRfqLBdIhgRlDRVzw )
- [Cyber Gibbons ](https://www.youtube.com/channel/UC_IYERSoSwdR7AA5P41mYTA )
- [Scanline ](https://www.youtube.com/channel/UCaEgw3321ct_PE4PJvdhXEQ )
- [Aaron Christophel ](https://www.youtube.com/c/12002230/videos )
- [Valerio Di Giampietro ](https://www.youtube.com/c/MakeMeHack )
********************************************************************************************************************************
### Vehicle Security Resources
- https://github.com/jaredthecoder/awesome-vehicle-security
********************************************************************************************************************************
### IoT Vulnerabilites Checking Guides
- [Reflecting upon OWASP TOP-10 IoT Vulnerabilities ](https://embedi.org/blog/reflecting-upon-owasp-top-10-iot-vulnerabilities/ )
- [OWASP IoT Top 10 2018 Mapping Project ](https://scriptingxss.gitbook.io/owasp-iot-top-10-mapping-project/ )
- [Hardware toolkits for IoT security analysis ](https://defcon-nn.ru/0x0B/Hardware%20toolkits%20for%20IoT%20security%20analysis.pdf )
********************************************************************************************************************************
### IoT Gateway Software
- [Webthings by Mozilla - RaspberryPi ](https://iot.mozilla.org/docs/gateway-getting-started-guide.html )
********************************************************************************************************************************
### IoT Pentesting OSes
- [Sigint OS- LTE IMSI Catcher ](https://www.sigintos.com/ )
- [Instant-gnuradio OS - For Radio Signals Testing ](https://github.com/bastibl/instant-gnuradio )
- [Ubuntu Best Host Linux for IoT - Use LTS ](https://www.ubuntu.com/ )
- [Internet of Things - Penetration Testing OS v1 ](https://github.com/IoT-PTv )
- [Dragon OS - DEBIAN LINUX WITH PREINSTALLED OPEN SOURCE SDR SOFTWARE ](https://www.rtl-sdr.com/dragonos-debian-linux-with-preinstalled-open-source-sdr-software/ )
- [EmbedOS - Embedded security testing virtual machine ](https://github.com/scriptingxss/EmbedOS )
- [Skywave Linux- Software Defined Radio for Global Online Listening ](https://skywavelinux.com/ )
- [A Small, Scalable Open Source RTOS for IoT Embedded Devices ](https://www.zephyrproject.org/ )
- [ICS - Controlthings.io ](https://www.controlthings.io/platform )
- [AttifyOS - IoT Pentest OS - by Aditya Gupta ](https://github.com/adi0x90/attifyos )
********************************************************************************************************************************
### Exploitation Tools
- [Expliot - IoT Exploitation framework - by Aseemjakhar ](https://gitlab.com/expliot_framework/expliot )
- [Routersploit (Exploitation Framework for Embedded Devices) ](https://github.com/threat9/routersploit )
- [IoTSecFuzz (comprehensive testing for IoT device) ](https://gitlab.com/invuls/iot-projects/iotsecfuzz )
- [HomePwn - Swiss Army Knife for Pentesting of IoT Devices ](https://github.com/ElevenPaths/HomePWN )
- [killerbee - Zigbee exploitation ](https://github.com/riverloopsec/killerbee )
- [PRET - Printer Exploitation Toolkit ](https://github.com/RUB-NDS/PRET )
- [HAL – The Hardware Analyzer ](https://github.com/emsec/hal )
- [FwAnalyzer (Firmware Analyzer) ](https://github.com/cruise-automation/fwanalyzer )
- [ISF (Industrial Security Exploitation Framework) ](https://github.com/w3h/isf )
- [PENIOT: Penetration Testing Tool for IoT ](https://github.com/yakuza8/peniot )
- [MQTT-PWN ](https://github.com/akamai-threat-research/mqtt-pwn )
********************************************************************************************************************************
### Reverse Engineering Tools
- [IDA Pro ](https://www.youtube.com/watch?v=fgMl0Uqiey8 )
- [GDB ](https://www.youtube.com/watch?v=fgMl0Uqiey8 )
- [Radare2 ](https://radare.gitbooks.io/radare2book/content/ ) | [cutter ](https://cutter.re/ )
- [Ghidra ](https://ghidra-sre.org/ )
********************************************************************************************************************************
### Introduction
- [Introduction to IoT ](https://en.wikipedia.org/wiki/Internet_of_things )
- [IoT Architecture ](https://www.c-sharpcorner.com/UploadFile/f88748/internet-of-things-part-2/ )
- [IoT attack surface ](https://www.owasp.org/index.php/IoT_Attack_Surface_Areas )
- [IoT Protocols Overview ](https://www.postscapes.com/internet-of-things-protocols/ )
********************************************************************************************************************************
### IoT Web and message services
#### MQTT
- [Introduction ](https://www.hivemq.com/blog/mqtt-essentials-part-1-introducing-mqtt )
- [Hacking the IoT with MQTT ](https://morphuslabs.com/hacking-the-iot-with-mqtt-8edaf0d07b9b )
- [thoughts about using IoT MQTT for V2V and Connected Car from CES 2014 ](https://mobilebit.wordpress.com/tag/mqtt/ )
- [Nmap ](https://nmap.org/nsedoc/lib/mqtt.html )
- [The Seven Best MQTT Client Tools ](https://www.hivemq.com/blog/seven-best-mqtt-client-tools )
- [A Guide to MQTT by Hacking a Doorbell to send Push Notifications ](https://youtu.be/J_BAXVSVPVI )
- [Are smart homes vulnerable to hacking ](https://blog.avast.com/mqtt-vulnerabilities-hacking-smart-homes )
- [Deep Learning UDF for KSQL / ksqlDB for Streaming Anomaly Detection of MQTT IoT Sensor Data ](https://github.com/kaiwaehner/ksql-udf-deep-learning-mqtt-iot )
- [Authenticating & Authorizing Devices using MQTT with Auth0 ](https://auth0.com/docs/integrations/authenticate-devices-using-mqtt )
- [Development information for the MQTT with hardware ](https://www.hackster.io/search?i=projects&q=Mqtt )
- [Understanding the MQTT Protocol Packet Structure ](http://www.steves-internet-guide.com/mqtt-protocol-messages-overview/ )
- [R7-2019-18: Multiple Hickory Smart Lock Vulnerabilities ](https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/ )
- [IoT Live Demo: 100.000 Connected Cars With Kubernetes, Kafka, MQTT, TensorFlow ](https://dzone.com/articles/iot-live-demo-100000-connected-cars-with-kubernete )
#### Software
- [Mosquitto-An open source MQTT broker ](https://mosquitto.org/ )
- [HiveMQ ](https://www.hivemq.com/ )
- [MQTT Explorer ](http://mqtt-explorer.com/ )
- [MQTT proxy - IoXY ](https://blog.nviso.eu/2020/07/06/introducing-ioxy-an-open-source-mqtt-intercepting-proxy/ )
- [MQTT Broker Security - 101 ](https://payatu.com/blog/dattatray/iot-security-%E2%80%93-part-12-mqtt-broker-security---101 )
- [Welcome to MQTT-PWN! ](https://mqtt-pwn.readthedocs.io/en/latest/ )
#### CoAP
- [Introduction ](http://coap.technology/ )
- [CoAP client Tools ](http://coap.technology/tools.html )
- [CoAP Pentest Tools ](https://bitbucket.org/aseemjakhar/expliot_framework )
- [Nmap - NSE for coap ](https://nmap.org/nsedoc/lib/coap.html )
********************************************************************************************************************************
### RADIO HACKER QUICK START GUIDE
- [Complete course in Software Defined Radio (SDR) by Michael Ossmann ](https://greatscottgadgets.com/sdr/ )
- [SDR Notes - Radio IoT Protocols Overview ](https://github.com/notpike/SDR-Notes )
- [Understanding Radio ](https://www.taitradioacademy.com/lessons/introduction-to-radio-communications-principals/ )
- [Introduction to Software Defined Radio ](https://www.allaboutcircuits.com/technical-articles/introduction-to-software-defined-radio/ )
- [Introduction to GNU Radio Companion ](https://wiki.gnuradio.org/index.php/Guided_Tutorial_GRC#Tutorial:_GNU_Radio_Companion )
- [Creating a flow graph in GNU Radio Companion ](https://blog.didierstevens.com/2017/09/19/quickpost-creating-a-simple-flow-graph-with-gnu-radio-companion/ )
- [Analysing radio signals 433 MHz ](https://www.rtl-sdr.com/analyzing-433-mhz-transmitters-rtl-sdr/ )
- [Recording specific radio signal ](https://www.rtl-sdr.com/freqwatch-rtl-sdr-frequency-scanner-recorder/ )
- [Replay Attacks with Raspberry Pi - rpitx ](https://www.rtl-sdr.com/tutorial-replay-attacks-with-an-rtl-sdr-raspberry-pi-and-rpitx/ )
### Cellular Hacking GSM BTS
#### BTS
- [Awesome-Cellular-Hacking ](https://github.com/W00t3k/Awesome-Cellular-Hacking/blob/master/README.md )
- [What is a base transceiver station ](https://en.wikipedia.org/wiki/Base_transceiver_station )
- [How to Build Your Own Rogue GSM BTS ](https://l33t.gg/how-to-build-a-rogue-gsm-bts/ )
#### GSM SS7 Pentesting
- [5Ghoul - 5G NR Attacks & 5G OTA Fuzzing ](https://github.com/asset-group/5ghoul-5g-nr-attacks )
- [Introduction to GSM Security ](http://www.pentestingexperts.com/introduction-to-gsm-security/ )
- [GSM Security 2 ](https://www.ehacking.net/2011/02/gsm-security-2.html )
- [vulnerabilities in GSM security with USRP B200 ](https://ieeexplore.ieee.org/document/7581461/ )
- [Security Testing 4G (LTE) Networks ](https://labs.mwrinfosecurity.com/assets/BlogFiles/mwri-44con-lte-presentation-2012-09-11.pdf )
- [Case Study of SS7/SIGTRAN Assessment ](https://nullcon.net/website/archives/pdf/goa-2017/case-study-of-SS7-sigtran.pdf )
- [Telecom Signaling Exploitation Framework - SS7, GTP, Diameter & SIP ](https://github.com/SigPloiter/SigPloit )
- [ss7MAPer – A SS7 pen testing toolkit ](https://n0where.net/ss7-pentesting-toolkit-ss7maper )
- [Introduction to SIGTRAN and SIGTRAN Licensing ](https://www.youtube.com/watch?v=XUY6pyoRKsg )
- [SS7 Network Architecture ](https://youtu.be/pg47dDUL1T0 )
- [Introduction to SS7 Signaling ](https://www.patton.com/whitepapers/Intro_to_SS7_Tutorial.pdf )
- [Breaking LTE on Layer Two ](https://alter-attack.net/ )
#### Hardware Tools
- [Fake BTS Detector (SCL-8521) ](https://www.shoghicom.com/fake-bts-detector.php )
********************************************************************************************************************************
### Zigbee ALL Stuff
- [Introduction and protocol Overview ](http://www.informit.com/articles/article.aspx?p=1409785 )
- [Hacking Zigbee Devices with Attify Zigbee Framework ](https://blog.attify.com/hack-iot-devices-zigbee-sniffing-exploitation/ )
- [Hands-on with RZUSBstick ](https://uk.rs-online.com/web/p/radio-frequency-development-kits/6962415/ )
- [ZigBee & Z-Wave Security Brief ](http://www.riverloopsecurity.com/blog/2018/05/zigbee-zwave-part1/ )
- [Hacking ZigBee Networks ](https://resources.infosecinstitute.com/topic/hacking-zigbee-networks/ )
- [Zigator: Analyzing the Security of Zigbee-Enabled Smart Homes ](https://mews.sv.cmu.edu/papers/wisec-20.pdf )
- [Security Analysis of Zigbee Networks with Zigator and GNU Radio ](https://mews.sv.cmu.edu/research/zigator/testbed-grcon2020-slides.pdf )
- [Low-Cost ZigBee Selective Jamming ](https://www.bastibl.net/reactive-zigbee-jamming/ )
#### SW Tools
- [zigbear ](https://github.com/philippnormann/zigbear )
- [ZigDiggity ](https://github.com/BishopFox/zigdiggity )
- [Zigator ](https://github.com/akestoridis/zigator )
- [Z3sec ](https://github.com/IoTsec/Z3sec )
#### Hardware Tools for Zigbee
- [APIMOTE IEEE 802.15.4/ZIGBEE SNIFFING HARDWARE ](https://www.riverloopsecurity.com/projects/apimote/ )
- [RaspBee-The Raspberry Pi Zigbee gateway ](https://phoscon.de/en/raspbee/ )
- [USRP SDR 2 ](https://www.ettus.com/products/ )
- [ATUSB IEEE 802.15.4 USB Adapter ](http://shop.sysmocom.de/products/atusb )
- [nRF52840-Dongle ](https://www.nordicsemi.com/Software-and-tools/Development-Kits/nRF52840-Dongle )
********************************************************************************************************************************
### BLE Intro and SW-HW Tools to pentest
- [Step By Step guide to BLE Understanding and Exploiting ](https://github.com/V33RU/BLE-NullBlr )
- [Traffic Engineering in a Bluetooth Piconet ](http://www.diva-portal.org/smash/get/diva2:833159/FULLTEXT01.pdf )
- [BLE Characteristics ](https://devzone.nordicsemi.com/nordic/short-range-guides/b/bluetooth-low-energy/posts/ble-characteristics-a-beginners-tutorial )
#### Bluetooth and BLE Pentest Tools
- [btproxy ](https://github.com/conorpp/btproxy )
- [hcitool & bluez ](https://www.pcsuggest.com/linux-bluetooth-setup-hcitool-bluez )
- [Testing With GATT Tool ](https://www.jaredwolff.com/blog/get-started-with-bluetooth-low-energy/ )
- [crackle-Cracking encryption ](https://github.com/mikeryan/crackle )
- [bettercap ](https://github.com/bettercap/bettercap )
- [BtleJuice Bluetooth Smart Man-in-the-Middle framework ](https://github.com/DigitalSecurity/btlejuice )
- [gattacker ](https://github.com/securing/gattacker )
- [BTLEjack Bluetooth Low Energy Swiss army knife ](https://github.com/virtualabs/btlejack )
- [bluing-An intelligence gathering tool for hacking Bluetooth ](https://github.com/fO-000/bluing )
- [DEDSEC-Bluetooth-exploit ](https://github.com/0xbitx/DEDSEC-Bluetooth-exploit )
#### Hardware for Bluetooth hacking
- [NRFCONNECT - 52840 ](https://www.nordicsemi.com/Software-and-tools/Development-Kits/nRF52840-Dongle )
- [EDIMAX ](https://www.nordicsemi.com/Software-and-tools/Development-Kits/nRF52840-Dongle )
- [CSR 4.0 ](https://www.amazon.in/GENERIC-Ultra-Mini-Bluetooth-Dongle-Adapter/dp/B0117H7GZ6/ref=asc_df_B0117H7GZ6/?tag=googleshopdes-21&linkCode=df0&hvadid=396984700257&hvpos=1o1&hvnetw=g&hvrand=2179727910417729406&hvpone=&hvptwo=&hvqmt=&hvdev=c&hvdvcmdl=&hvlocint=&hvlocphy=9061998&hvtargid=pla-343685677347&psc=1&ext_vrnc=hi )
- [ESP32 - Development and learning Bluetooth ](https://www.espressif.com/en/products/hardware/esp32/overview )
- [Ubertooth ](https://github.com/greatscottgadgets/ubertooth/wiki/Ubertooth-One )
- [Sena 100 ](http://www.senanetworks.com/ud100-g03.html )
- [ESP-WROVER-KIT-VB ](https://www.digikey.in/en/products/detail/espressif-systems/ESP-WROVER-KIT-VB/8544301 )
#### BLE Pentesting Tutorials
- [Blue2thprinting (blue-[tooth)-printing]: answering the question of 'WTF am I even looking at?!'](https://darkmentor.com/publication/2023-11-hardweario/)
- [Open Wounds: The last 5 years have left Bluetooth to bleed ](https://darkmentor.com/publication/2023-10-hacklu/ )
- [It Was Harder to Sniff Bluetooth Through My Mask During the Pandemic... ](https://darkmentor.com/publication/2023-08-hitb/ )
- [Bluetooth vs BLE Basics ](https://github.com/V33RU/BLE-NullBlr )
- [examining-the-august-smart-lock ](https://blog.quarkslab.com/examining-the-august-smart-lock.html )
- [Finding bugs in Bluetooth ](https://bluetooth.lol/ )
- [Intel Edison as Bluetooth LE — Exploit box ](https://medium.com/@arunmag/intel-edison-as-bluetooth-le-exploit-box-a63e4cad6580 )
- [How I Reverse Engineered and Exploited a Smart Massager ](https://medium.com/@arunmag/how-i-reverse-engineered-and-exploited-a-smart-massager-ee7c9f21bf33 )
- [My journey towards Reverse Engineering a Smart Band — Bluetooth-LE RE ](https://medium.com/@arunmag/my-journey-towards-reverse-engineering-a-smart-band-bluetooth-le-re-d1dea00e4de2 )
- [Bluetooth Smartlocks ](https://www.getkisi.com/blog/smart-locks-hacked-bluetooth-ble )
- [I hacked MiBand 3 ](https://medium.com/@yogeshojha/i-hacked-xiaomi-miband-3-and-here-is-how-i-did-it-43d68c272391 )
- [GATTacking Bluetooth Smart Devices ](https://securing.pl/en/gattacking-bluetooth-smart-devices-introducing-a-new-ble-proxy-tool/index.html )
- [Bluetooth beacon vulnerability ](https://www.beaconzone.co.uk/blog/category/security/ )
- [SweynTooth Vulnerabilities ](https://asset-group.github.io/disclosures/sweyntooth/ )
- [AIRDROP_LEAK - sniffs BLE traffic and displays status messages from Apple devices ](https://github.com/hexway/apple_bleee )
- [BRAKTOOTH: Causing Havoc on Bluetooth Link Manager ](https://asset-group.github.io/disclosures/braktooth/ )
- [Practical Introduction to BLE GATT Reverse Engineering: Hacking the Domyos EL500 ](https://jcjc-dev.com/2023/03/19/reversing-domyos-el500-elliptical/ )
- [MojoBox - yet another not so smartlock ](https://mandomat.github.io/2023-03-15-testing-mojobox-security/ )
- [bluetooth-hacking ](https://github.com/zedxpace/bluetooth-hacking- )
********************************************************************************************************************************
### DECT (Digital Enhanced Cordless Telecommunications)
- [Real Time Interception And Monitoring Of A DECT Cordless Telephone ](https://www.youtube.com/watch?v=MDF1eUvOte0&ab_channel=RobVK8FOES )
- [Eavesdropping On Unencrypted DECT Voice Traffic ](https://www.youtube.com/watch?v=WBvYsXrs3DI&ab_channel=RobVK8FOES )
- [Decoding DECT Voice Traffic: In-depth Explanation ](https://www.youtube.com/watch?v=oiMkirm_xfY&ab_channel=RobVK8FOES )
#### Software Tools && Hardware Tools
##### Software
##### Hardware
********************************************************************************************************************************
### Mobile security (Android & iOS)
- [Android App Reverse Engineering 101 ](https://maddiestone.github.io/AndroidAppRE/ )
- [Android Application pentesting book ](https://www.packtpub.com/hardware-and-creative/learning-pentesting-android-devices )
- [Android Pentest Video Course-TutorialsPoint ](https://www.youtube.com/watch?v=zHknRia3I6s&list=PLWPirh4EWFpESLreb04c4eZoCvJQJrC6H )
- [iOS Pentesting ](https://web.securityinnovation.com/hubfs/iOS%20Hacking%20Guide.pdf? )
- [OWASP Mobile Security Testing Guide ](https://owasp.org/www-project-mobile-security-testing-guide/ )
- [Android Tamer - Android Tamer is a Virtual / Live Platform for Android Security professionals ](https://androidtamer.com/ )
********************************************************************************************************************************
### Villages
- [Payment Villages ](https://www.paymentvillage.org/home )
- [ICS Village ](https://www.icsvillage.com/ )
- [IoT Villages ](https://www.iotvillage.org/index.html )
- [RF hackers ](https://rfhackers.com/ )
- [Car Hacking Village ](https://www.carhackingvillage.com/ )
*******************************************************************************************************************************
### Online Assemblers
- [AZM Online Arm Assembler by Azeria ](https://azeria-labs.com/azm/ )
- [Online Disassembler ](https://onlinedisassembler.com/odaweb/ )
- [Compiler Explorer is an interactive online compiler which shows the assembly output of compiled C++, Rust, Go ](https://godbolt.org/ )
********************************************************************************************************************************
### ARM
- [Azeria Labs ](https://azeria-labs.com/ )
- [ARM EXPLOITATION FOR IoT ](https://www.exploit-db.com/docs/english/43906-arm-exploitation-for-iot.pdf )
- [Damn Vulnerable ARM Router (DVAR) ](https://blog.exploitlab.net/2018/01/dvar-damn-vulnerable-arm-router.html )
- [EXPLOIT.EDUCATION ](https://exploit.education/ )
********************************************************************************************************************************
### Pentesting Firmwares and emulating and analyzing
##### Firmware Analysis Tools
- [EMBA-An analyzer for embedded Linux firmware ](https://p4cx.medium.com/emba-b370ce503602 )
- [FACT-Firmware Analysis and Comparison Tool ](https://github.com/fkie-cad/FACT_core )
- [Binwalk ](https://github.com/ReFirmLabs/binwalk )
- [Qiling ](https://github.com/qilingframework/qiling )
- [fwanalyzer ](https://github.com/cruise-automation/fwanalyzer )
- [ByteSweep ](https://gitlab.com/bytesweep/bytesweep )
- [Firmwalker ](https://github.com/craigz28/firmwalker )
- [Checksec.sh ](https://github.com/slimm609/checksec.sh )
- [QEMU ](https://www.qemu.org/ )
- [Firmadyne ](https://github.com/firmadyne/firmadyne )
- [Firmware Modification Kit ](https://code.google.com/archive/p/firmware-mod-kit/ )
##### Resources
- [Firmware analysis and reversing ](https://www.owasp.org/index.php/IoT_Firmware_Analysis )
- [Reversing 101 ](https://0xinfection.github.io/reversing/ )
- [IoT Security Verification Standard (ISVS) ](https://github.com/OWASP/IoT-Security-Verification-Standard-ISVS )
- [OWASP Firmware Security Testing Methodology ](https://scriptingxss.gitbook.io/firmware-security-testing-methodology/ )
- [Firmware emulation with QEMU ](https://www.youtube.com/watch?v=G0NNBloGIvs )
- [Reversing ESP8266 Firmware ](https://boredpentester.com/reversing-esp8266-firmware-part-1/ )
- [Emulating Embedded Linux Devices with QEMU ](https://www.novetta.com/2018/02/emulating-embedded-linux-devices-with-qemu/ )
- [Emulating Embedded Linux Systems with QEMU ](https://www.novetta.com/2018/02/emulating-embedded-linux-systems-with-qemu/ )
- [Fuzzing Embedded Linux Devices ](https://www.novetta.com/2018/07/fuzzing-embedded-linux-devices/ )
- [Emulating ARM Router Firmware ](https://azeria-labs.com/emulating-arm-firmware/ )
- [Reversing Firmware With Radare ](https://www.bored-nerds.com/reversing/radare/automotive/2019/07/07/reversing-firmware-with-radare.html )
- [Samsung Firmware Magic - Unpacking and Decrypting ](https://github.com/chrivers/samsung-firmware-magic )
- [Qiling & Binary Emulation for automatic unpacking ](https://kernemporium.github.io/articles/en/auto_unpacking/m.html )
- [Reverse engineering with #Ghidra: Breaking an embedded firmware encryption scheme ](https://www.youtube.com/watch?v=4urMITJKQQs&ab_channel=stacksmashing )
- [Simulating and hunting firmware vulnerabilities with Qiling ](https://blog.vincss.net/2020/12/pt007-simulating-and-hunting-firmware-vulnerabilities-with-Qiling.html?m=1&s=09 )
********************************************************************************************************************************
### Firmware samples to pentest
- [Download From here by firmware.center ](https://firmware.center/ )
********************************************************************************************************************************
### Binary Analysis
- [Reverse Engineering For Everyone! ](https://0xinfection.github.io/reversing/ )
- [Finding bugs to trigger unauthenticated command injection in a NETGEAR router (PSV-2022-0044) ](https://flattsecurity.medium.com/finding-bugs-to-trigger-unauthenticated-command-injection-in-a-netgear-router-psv-2022-0044-2b394fb9edc )
- [Part two: Reverse engineering and patching with Ghidra ](https://www.coalfire.com/the-coalfire-blog/reverse-engineering-and-patching-with-ghidra )
- [Automating binary vulnerability discovery with Ghidra and Semgrep ](https://security.humanativaspa.it/automating-binary-vulnerability-discovery-with-ghidra-and-semgrep/ )
********************************************************************************************************************************
### Symlinks Attacks
- [Zip Slip Vulnerability ](https://security.snyk.io/research/zip-slip-vulnerability )
********************************************************************************************************************************
### Secureboot
#### Dev
- [Writing a Bootloader ](http://3zanders.co.uk/2017/10/13/writing-a-bootloader/ )
#### Hacking
- [Pwn the ESP32 Secure Boot ](https://limitedresults.com/2019/09/pwn-the-esp32-secure-boot/ )
- [Pwn the ESP32 Forever: Flash Encryption and Sec. Boot Keys Extraction ](https://limitedresults.com/2019/11/pwn-the-esp32-forever-flash-encryption-and-sec-boot-keys-extraction/ )
- [Amlogic S905 SoC: bypassing the (not so) Secure Boot to dump the BootROM ](https://fredericb.info/2016/10/amlogic-s905-soc-bypassing-not-so.html ) / [another-link ](https://www.cnx-software.com/2016/10/06/hacking-arm-trustzone-secure-boot-on-amlogic-s905-soc/ )
- [Defeating Secure Boot with Symlink Attacks ](https://www.anvilsecure.com/blog/defeating-secure-boot-with-symlink-attacks.html )
- [PS4 Aux Hax 5 & PSVR Secure Boot Hacking with Keys by Fail0verflow! ](https://www.psxhax.com/threads/ps4-aux-hax-5-psvr-secure-boot-hacking-with-keys-by-fail0verflow.12820/ )
- [ECLYPSIUM DISCOVERS MULTIPLE VULNERABILITIES AFFECTING 129 DELL MODELS VIA DELL REMOTE OS RECOVERY AND FIRMWARE UPDATE CAPABILITIES ](https://eclypsium.com/2021/06/24/biosdisconnect/ )
- [Technical Advisory – U-Boot – Unchecked Download Size and Direction in USB DFU (CVE-2022-2347) ](https://research.nccgroup.com/2023/01/20/technical-advisory-u-boot-unchecked-download-size-and-direction-in-usb-dfu-cve-2022-2347/ )
- [Breaking Secure Boot on the Silicon Labs Gecko platform ](https://blog.quarkslab.com/breaking-secure-boot-on-the-silicon-labs-gecko-platform.html )
********************************************************************************************************************************
### Storage Medium
#### EMMC HACKING
- [eMMC Protocol ](https://prodigytechno.com/emmc-protocol/ )
- [HARDWARE HACKING 101: IDENTIFYING AND DUMPING EMMC FLASH ](https://www.riverloopsecurity.com/blog/2020/03/hw-101-emmc/ )
- [EMMC DATA RECOVERY FROM DAMAGED SMARTPHONE ](https://dangerouspayload.com/2018/10/24/emmc-data-recovery-from-damaged-smartphone/ )
- [Another bunch of Articles for EMMC ](https://hackaday.com/tag/emmc/ )
- [Unleash your smart-home devices: Vacuum Cleaning Robot Hacking ](https://media.ccc.de/v/34c3-9147-unleash_your_smart-home_devices_vacuum_cleaning_robot_hacking#t=1810 )
- [Hands-On IoT Hacking: Rapid7 at DEF CON 30 IoT Village, Part 1 ](https://www.rapid7.com/blog/post/2022/10/18/hands-on-iot-hacking-rapid7-at-def-con-30-iot-village-part-1/ )
********************************************************************************************************************************
### Payment Device Security
#### ATM Hacking
- [Introduction to ATM Penetration Testing ](https://www.youtube.com/watch?v=Ff-0zXTYhuA )
- [Pwning ATMs For Fun and Profit ](https://www.youtube.com/watch?v=9cG-JL0LHYw )
- [Jackpotting Automated Teller Machines Redux ](https://www.youtube.com/watch?v=4StcW9OPpPc ) By Barnaby Jack
********************************************************************************************************************************
### IoT hardware Overview and Hacking
- [IoT Hardware Guide ](https://www.postscapes.com/internet-of-things-hardware/ )
- [Intro To Hardware Hacking - Dumping Your First Firmware ](https://blog.nvisium.com/intro-to-hardware-hacking-dumping-your-first-firmware )
#### Hardware Gadgets to pentest
- [Bus Pirate ](https://www.sparkfun.com/products/12942 )
- [EEPROM reader/SOIC Cable ](https://www.sparkfun.com/products/13153 )
- [Jtagulator/Jtagenum ](https://www.adafruit.com/product/1550 )
- [Logic Analyzer ](https://www.saleae.com/ )
- [The Shikra ](https://int3.cc/products/the-shikra )
- [FaceDancer21 (USB Emulator/USB Fuzzer) ](https://int3.cc/products/facedancer21 )
- [RfCat ](https://int3.cc/products/rfcat )
- [Hak5Gear- Hak5FieldKits ](https://hakshop.com/ )
- [Ultra-Mini Bluetooth CSR 4.0 USB Dongle Adapter ](https://www.ebay.in/itm/Ultra-Mini-Bluetooth-CSR-4-0-USB-Dongle-Adapter-Black-Golden-with-2-yr-wrnty-/332302813975 )
- [Attify Badge - UART, JTAG, SPI, I2C (w/ headers) ](https://www.attify-store.com/products/attify-badge-assess-security-of-iot-devices )
#### Attacking Hardware Interfaces
- [An Introduction to Hardware Hacking ](https://securityboulevard.com/2020/09/an-introduction-to-hardware-hacking/ )
- [Serial Terminal Basics ](https://learn.sparkfun.com/tutorials/terminal-basics/all )
- [Reverse Engineering Serial Ports ](http://www.devttys0.com/2012/11/reverse-engineering-serial-ports/ )
- [REVERSE ENGINEERING ARCHITECTURE AND PINOUT OF CUSTOM ASICS ](https://sec-consult.com/en/blog/2019/02/reverse-engineering-architecture-pinout-plc/ )
- [ChipWhisperer - Hardware attacks ](http://wiki.newae.com/Main_Page )
- [Hardware hacking tutorial: Dumping and reversing firmware ](https://ivanorsolic.github.io/post/hardwarehacking1/ )
#### SPI
- [Dumping the firmware From Router using BUSPIRATE - SPI Dump ](https://www.iotpentest.com/2019/06/dumping-firmware-from-device-using.html )
- [How to Flash Chip of a Router With a Programmer | TP-Link Router Repair & MAC address change ](https://www.youtube.com/watch?v=fbt4OJXJdOc&ab_channel=ElectricalProjects%5BCreativeLab%5D )
- [Extracting Flash Memory over SPI ](https://akimbocore.com/article/extracting-flash-memory-over-spi/ )
- [Extracting Firmware from Embedded Devices (SPI NOR Flash) ](https://www.youtube.com/watch?v=nruUuDalNR0&ab_channel=FlashbackTeam )
- [SPI-Blogs ](https://www.google.com/search?q=%22spi+dump%22&source=hp&ei=5jv9YaW6JNvl2roPgbGqMA&iflsig=AHkkrS4AAAAAYf1J9qNY6Snarz3dsHr9KXF1YSY6AKVL&ved=0ahUKEwilxY3apOb1AhXbslYBHYGYCgYQ4dUDCAg&uact=5&oq=%22spi+dump%22&gs_lcp=Cgdnd3Mtd2l6EAMyBggAEBYQHjIGCAAQFhAeMgYIABAWEB4yBggAEBYQHjIGCAAQFhAeMgYIABAWEB4yBggAEBYQHjIGCAAQFhAeMgYIABAWEB4yCAgAEBYQChAeUABYAGC-A2gAcAB4AIABYIgBYJIBATGYAQCgAQKgAQE&sclient=gws-wiz )
- [Reading FlashROMS - Youtube ](https://www.youtube.com/results?search_query=reading+chip+flash+rom )
#### UART
- [Identifying UART interface ](https://www.mikroe.com/blog/uart-serial-communication )
- [onewire-over-uart ](https://github.com/dword1511/onewire-over-uart )
- [Accessing sensor via UART ](http://home.wlu.edu/~levys/courses/csci250s2017/SensorsSignalsSerialSockets.pdf )
- [Using UART to connect to a Chinese IP cam ](https://www.davidsopas.com/using-uart-to-connect-to-a-chinese-ip-cam/ )
- [A journey into IoT – Hardware hacking: UART ](https://techblog.mediaservice.net/2019/03/a-journey-into-iot-hardware-hacking-uart/ )
- [UARTBruteForcer ](https://github.com/FireFart/UARTBruteForcer )
- [UART Connections and Dynamic analysis on Linksys e1000 ](https://www.youtube.com/watch?v=ix6rSV2Dj44&ab_channel=Defenceindepth )
- [Accessing and Dumping Firmware Through UART ](https://www.cyberark.com/resources/threat-research-blog/accessing-and-dumping-firmware-through-uart )
- [UART Exploiter ](https://github.com/exploitsecurityio/uart-exploiter )
#### JTAG
- [HARDWARE HACKING 101: INTRODUCTION TO JTAG ](https://www.riverloopsecurity.com/blog/2021/05/hw-101-jtag/ )
- [How To Find The JTAG Interface - Hardware Hacking Tutorial ](https://www.youtube.com/watch?v=_FSM_10JXsM&ab_channel=MakeMeHack )
- [Buspirate JTAG Connections - Openocd ](https://research.kudelskisecurity.com/2014/05/01/jtag-debugging-made-easy-with-bus-pirate-and-openocd/#:~:text=The%20Bus%20Pirate%20is%20an,protocols%20like%20I%C2%B2C%20and%20SPI. )
- [Extracting Firmware from External Memory via JTAG ](https://www.youtube.com/watch?v=IadnBUJAvks&ab_channel=JoeGrand )
- [Analyzing JTAG ](https://nse.digital/pages/guides/hardware/jtag.html )
- [The hitchhacker’s guide to iPhone Lightning & JTAG hacking ](https://media.defcon.org/DEF%20CON%2030/DEF%20CON%2030%20presentations/stacksmashing%20-%20The%20hitchhackers%20guide%20to%20iPhone%20Lightning%20%20%20JTAG%20hacking.pdf )
#### SideChannel Attacks
- [Side channel attacks ](https://yifan.lu/ )
- [Attacks on Implementations of Secure Systems ](https://github.com/Yossioren/AttacksonImplementationsCourseBook )
- [fuzzing, binary analysis, IoT security, and general exploitation ](https://github.com/0xricksanchez/paper_collection )
- [Espressif ESP32: Bypassing Encrypted Secure Boot(CVE-2020-13629) ](https://raelize.com/blog/espressif-esp32-bypassing-encrypted-secure-boot-cve-2020-13629/ )
- [Breaking AES with ChipWhisperer - Piece of scake (Side Channel Analysis 100) ](https://www.youtube.com/watch?v=FktI4qSjzaE&ab_channel=LiveOverflow )
- [Researchers use Rowhammer bit flips to steal 2048-bit crypto key ](https://arstechnica.com/information-technology/2019/06/researchers-use-rowhammer-bitflips-to-steal-2048-bit-crypto-key/ )
#### Glitching attacks
- [NAND Glitching Attack ](http://www.brettlischalk.com/posts/nand-glitching-wink-hub-for-root )
- [Tutorial CW305-4 Voltage Glitching with Crowbars ](https://wiki.newae.com/index.php?title=Tutorial_CW305-4_Voltage_Glitching_with_Crowbars&mobileaction=toggle_view_mobile )
- [Voltage Glitching Attack using SySS iCEstick Glitcher ](https://www.youtube.com/watch?v=FVUhVewFmxw&feature=youtu.be&ab_channel=SySSPentestTV )
- [Samy Kamkar - FPGA Glitching & Side Channel Attacks ](https://www.youtube.com/watch?v=oGndiX5tvEk )
- [Hardware Power Glitch Attack (Fault Injection) - rhme2 Fiesta (FI 100) ](https://www.youtube.com/watch?v=6Pf3pY3GxBM&ab_channel=LiveOverflow )
- [Keys in flash - Glitching AES keys from an Arduino / ATmega with a camera flash ](https://srfilipek.medium.com/keys-in-a-flash-3e984d0de54b )
- [Implementing Practical Electrical Glitching Attacks ](https://www.blackhat.com/docs/eu-15/materials/eu-15-Giller-Implementing-Electrical-Glitching-Attacks.pdf )
- [HOW TO VOLTAGE FAULT INJECTION ](https://www.synacktiv.com/publications/how-to-voltage-fault-injection )
********************************************************************************************************************************
### Awesome IoT Pentesting Guides
- [Shodan Pentesting Guide ](https://community.turgensec.com/shodan-pentesting-guide/ )
- [Car Hacking Practical Guide 101 ](https://medium.com/@yogeshojha/car-hacking-101-practical-guide-to-exploiting-can-bus-using-instrument-cluster-simulator-part-i-cd88d3eb4a53 )
- [OWASP Firmware Security Testing Methodology ](https://scriptingxss.gitbook.io/firmware-security-testing-methodology/ )
- [Awesome-bluetooth-security ](https://github.com/engn33r/awesome-bluetooth-security )
********************************************************************************************************************************
### Fuzzing Things
- [OWASP Fuzzing Info ](https://owasp.org/www-community/Fuzzing )
- [Fuzzing_ICS_protocols ](https://1modm.github.io/Fuzzing_ICS_protocols.html )
- [Fuzzowski - the Network Protocol Fuzzer that we will want to use ](https://hakin9.org/fuzzowski-the-network-protocol-fuzzer-that-we-will-want-to-use/ )
- [Fuzz Testing of Application Reliability ](https://pages.cs.wisc.edu/~bart/fuzz/ )
- [FIRM-AFL : High-Throughput Greybox Fuzzing of IoT Firmware via Augmented Process Emulation ](https://www.usenix.org/conference/usenixsecurity19/presentation/zheng )
- [Snipuzz : Black-box Fuzzing of IoT Firmware via Message Snippet Inference ](https://arxiv.org/pdf/2105.05445.pdf )
- [fuzzing-iot-binaries] - [part1 ](https://blog.attify.com/fuzzing-iot-devices-part-1/ ) / [part2 ](https://blog.attify.com/fuzzing-iot-binaries-with-afl-part-ii/ )
- [Modern Vulnerability Research Techniques on Embedded Systems ](https://breaking-bits.gitbook.io/breaking-bits/vulnerability-discovery/reverse-engineering/modern-approaches-toward-embedded-research )
- [FuzzingPaper ](https://github.com/wcventure/FuzzingPaper/tree/master/Paper )
- [Exercises to learn how to fuzz with American Fuzzy Lop ](https://github.com/mykter/afl-training )
- [Broadcom and Cypress firmware emulation for fuzzing and further full-stack debugging ](https://github.com/seemoo-lab/frankenstein )
- [Bluetooth experimentation framework for Broadcom and Cypress chips. ](https://github.com/seemoo-lab/internalblue )
- [Fuzzing Forum ](https://github.com/google/fuzzing )
********************************************************************************************************************************
### FlipperZero
#### Custom firmwares
- Flipper Zero Unleashed Firmware : https://github.com/DarkFlippers/unleashed-firmware
- RogueMaster Flipper Zero Firmware : https://github.com/RogueMaster/flipperzero-firmware-wPlugins
#### Interesting research
- CVE-2022-40363 : [Exploiting Flipper Zero’s NFC file loader ](https://vvx7.io/posts/2022/09/your-amiibos-haunted/ )
#### Flipperzero101
- [Flipper Zero - Starter Guide ](https://www.youtube.com/watch?v=MJd6qugqHg8&ab_channel=PenAce )
- [A collection of Awesome resources for the Flipper Zero device. ](https://github.com/djsime1/awesome-flipperzero )
#### Cool Hacks
- [Flipper Zero - Starter Guide ](https://www.youtube.com/watch?v=MJd6qugqHg8&ab_channel=PenAce )
- [gaylord M FOCker - ready to pwn your MIFARE tags ](https://luemmelsec.github.io/gaylord-M-FOCker-ready-to-pwn-your-MIFARE-tags/ )
********************************************************************************************************************************
### ICS
- [ICS-Security ](https://github.com/V33RU/IoTSecurity101/blob/master/ICS/Industrial%20Control%20Systems.md )
********************************************************************************************************************************
### Automotive
- [Automotive-Security ](https://github.com/V33RU/IoTSecurity101/blob/master/Automotive-Security.md )
********************************************************************************************************************************
### Vulnerable IoT and Hardware Applications
- IoT : https://github.com/Vulcainreo/DVID
- Safe : https://insinuator.net/2016/01/damn-vulnerable-safe/
- IoT-vulhub : https://vulntotal-team.github.io/IoT-vulhub/#%E5%AE%89%E8%A3%85
- Router : https://github.com/praetorian-code/DVRF
- SCADA : https://www.slideshare.net/phdays/damn-vulnerable-chemical-process
- PI : https://whitedome.com.au/re4son/sticky-fingers-dv-pi/
- SS7 Network: https://www.blackhat.com/asia-17/arsenal.html#damn-vulnerable-ss7-network
- VoIP : https://www.vulnhub.com/entry/hacklab-vulnvoip,40/
- Hardware Hacking 101 : https://github.com/rdomanski/hardware_hacking
- RHME-2015 : https://github.com/Riscure/RHme-2015
- RHME-2016 : https://github.com/Riscure/Rhme-2016
- RHME-2017 : https://github.com/Riscure/Rhme-2017
### CTF For IoT And Embedded
#### Awesome Hardware, IoT, Firmware, ARM, and Reverse Engineering CTFs and Platforms
#### Hardware CTFs
- [BLE CTF ](https://github.com/hackgnar/ble_ctf ) - A framework focused on Bluetooth Low Energy security.
- [Rhme-2016 ](https://github.com/Riscure/Rhme-2016 ) - Riscure's hardware security competition for 2016.
- [Rhme-2017 ](https://github.com/Riscure/Rhme-2017 ) - Riscure's hardware security competition for 2017.
#### IoT CTFs
- [IoTGoat ](https://github.com/scriptingxss/IoTGoat ) - Deliberately insecure firmware based on OpenWrt for IoT security training.
- [IoT Village CTF ](https://www.iotvillage.org/ ) - A Capture The Flag event specifically focused on IoT security.
- [IoTSec CTF ](https://ctf.iotsec.io/ ) - Offers IoT related challenges for continuous learning.
#### Firmware CTFs
- [Damn Vulnerable ARM Router ](https://blog.exploitlab.net/2018/01/dvar-damn-vulnerable-arm-router.html ) - A deliberately vulnerable ARM router for exploitation practice.
- [Firmware Security Training & CTF ](https://github.com/0x6d696368/RouterAnalysisToolkit ) - Firmware analysis tools and challenges by Router Analysis Toolkit.
#### ARM CTFs
- [ARM-X CTF ](https://github.com/therealsaumil/armx ) - A set of challenges focused on ARM exploitation.
- [Azeria Labs ARM Challenges ](https://azeria-labs.com/writing-arm-assembly-part-1/ ) - Offers ARM assembly challenges and tutorials.
#### Reverse Engineering CTFs
- [Microcorruption ](https://www.microcorruption.com/ ) - Embedded security CTF focusing on lock systems.
- [Pwnable.kr ](https://pwnable.kr/ ) - Offers various reverse engineering challenges.
#### Platforms for Continuous Learning
- [Hack The Box ](https://www.hackthebox.eu/ ) - Platform offering a range of challenges, including hardware and reverse engineering.
- [Root Me ](https://www.root-me.org/ ) - Platform with various types of challenges including hardware and reverse engineering.
- [CTFtime ](https://ctftime.org/ ) - Lists various CTFs, including those in hardware, IoT, and firmware.
********************************************************************************************************************************
## follow the people
- [Jilles ](https://twitter.com/jilles_com )
- [Joe Fitz ](https://twitter.com/securelyfitz )
- [Aseem Jakhar ](https://twitter.com/aseemjakhar )
- [Cybergibbons ](https://twitter.com/cybergibbons )
- [Jasper ](https://twitter.com/jzvw )
- [Dave Jones ](https://twitter.com/eevblog )
- [bunnie ](https://twitter.com/bunniestudios )
- [Ilya Shaposhnikov ](https://twitter.com/drakylar )
- [Mark C. ](https://twitter.com/LargeCardinal )
- [A-a-ron Guzman ](https://twitter.com/scriptingxss )
- [Yashin Mehaboobe ](https://twitter.com/YashinMehaboobe )
- [Arun Magesh ](https://www.linkedin.com/in/marunmagesh )
- [Mr-IoT ](https://twitter.com/v33riot )
- [QKaiser ](https://twitter.com/qkaiser )
- [9lyph ](https://twitter.com/9lyph )
********************************************************************************************************************************
### Blogs for IoT Pentest
- [Exploitee.rs Website ](https://www.exploitee.rs/ )
- [Jilles.com ](https://jilles.com/ )
- [Syss Tech Blog ](https://blog.syss.com/ )
- [Payatu Blog ](https://payatu.com/blog/ )
- [Raelize Blog ](https://raelize.com/blog/ )
- [JCJC Dev Blog ](http://jcjc-dev.com/ )
- [W00tsec Blog ](https://w00tsec.blogspot.in/ )
- [Devttys0 Blog ](http://www.devttys0.com/ ) (Use Wayback Machine to check old blogs)
- [Wrongbaud Blog ](https://wrongbaud.github.io/ )
- [Embedded Bits Blog ](https://embeddedbits.org/ )
- [RTL-SDR Blog ](https://www.rtl-sdr.com/ )
- [Keenlab Blog ](https://keenlab.tencent.com/en/ )
- [Courk.cc ](https://courk.cc/ )
- [IoT Security Wiki ](https://iotsecuritywiki.com/ )
- [Cybergibbons Blog ](https://cybergibbons.com/ )
- [Firmware.RE ](http://firmware.re/ )
- [K3170makan Blog ](http://blog.k3170makan.com/ )
- [Tclaverie Blog ](https://blog.tclaverie.eu/ )
- [Besimaltinok Blog ](http://blog.besimaltinok.com/category/iot-pentest/ )
- [Ctrlu Blog ](https://ctrlu.net/ )
- [IoT Pentest Blog ](http://iotpentest.com/ )
- [Duo Decipher Blog ](https://duo.com/decipher/ )
- [Sp3ctr3 Blog ](http://www.sp3ctr3.me )
- [0x42424242.in Blog ](http://blog.0x42424242.in/ )
- [Dantheiotman Blog ](https://dantheiotman.com/ )
- [Danman Blog ](https://blog.danman.eu/ )
- [Quentinkaiser Blog ](https://quentinkaiser.be/ )
- [Quarkslab Blog ](https://blog.quarkslab.com )
- [Ice9 Blog ](https://blog.ice9.us/ )
- [F-Secure Labs Blog ](https://labs.f-secure.com/ )
- [MG.lol Blog ](https://mg.lol/blog/ )
- [CJHackerz Blog ](https://cjhackerz.net/ )
- [Bunnie's Blog ](https://github.com/sponsors/bunnie/ )
- [IoT My Way Blog ](https://iotmyway.wordpress.com/ )
- [Synacktiv Publications ](https://www.synacktiv.com/publications.html )
- [Cr4.sh Blog ](http://blog.cr4.sh/ )
- [Ktln2 Blog ](https://ktln2.org/ )
- [Naehrdine Blog ](https://naehrdine.blogspot.com/ )
- [Limited Results Blog ](https://limitedresults.com/ )
- [Fail0verflow Blog ](https://fail0verflow.com/blog/ )
- [Exploit Security Blog ](https://www.exploitsecurity.io/blog )
- [Attify Blog ](https://blog.attify.com )