mirror of
https://github.com/V33RU/awesome-connected-things-sec.git
synced 2026-04-10 12:33:45 +00:00
Create new.md
This commit is contained in:
Mr-IoT
123
new.md
Normal file
123
new.md
Normal file
@@ -0,0 +1,123 @@
|
||||
|
||||
|
||||
|
||||
|
||||
# IoT Security Resources
|
||||
|
||||
A curated collection of resources for IoT Security. You are welcome to fork and [contribute](https://github.com/V33RU/IoTSecurity101/blob/master/contributors.md#contributors).
|
||||
|
||||
## Approach Methodology
|
||||
|
||||
1. Network
|
||||
2. Web (Front & Backend and Web services)
|
||||
3. Mobile App (Android & iOS)
|
||||
4. Wireless Connectivity (Zigbee, WiFi, Bluetooth, etc)
|
||||
5. Firmware Pentesting (OS of IoT Devices)
|
||||
6. Hardware Hacking & Fault Injections & SCA Attacks
|
||||
7. Storage Medium
|
||||
8. I/O Ports
|
||||
|
||||
## Contents
|
||||
|
||||
### IoT Security Information
|
||||
|
||||
- [IoT Security Chat Groups](#chat-groups-for-iot-security)
|
||||
- [IoT and Hardware Security Trainings](#iot-and-hardware-security-trainings)
|
||||
- [Books for IoT Pentesting](#books-for-iot-pentesting)
|
||||
- [Blogs](#blogs-for-iotpentest)
|
||||
- [Awesome Cheat Sheets](#awesome-cheatsheets)
|
||||
- [Search Engines](#search-engines-for-exposed-iot-devices-worldwide)
|
||||
- [CTF](#ctf-for-iot-and-embedded)
|
||||
- [YouTube Channels](#youtube-channels-for-iot-pentesting)
|
||||
- [Exploitation Tools](#exploitation-tools)
|
||||
- [IoT Pentesting OSes](#iot-pentesting-oses)
|
||||
- [IoT Vulnerabilities Checking Guides](#iot-vulnerabilities-checking-guides)
|
||||
- [IoT Labs](#vulnerable-iot-and-hardware-applications)
|
||||
- [Awesome IoT Pentesting Guides](#awesome-iot-pentesting-guides)
|
||||
- [Fuzzing Things](#fuzzing-things)
|
||||
- [IoT Lab Setup Guide](https://github.com/IoT-PTv/IoT-Lab-Setup)
|
||||
- [FlipperZero](#flipperzero)
|
||||
|
||||
### Network
|
||||
|
||||
### Web IoT Message Protocols
|
||||
|
||||
- [MQTT](#mqtt)
|
||||
- [CoAP](#coap)
|
||||
|
||||
### Mobile App
|
||||
|
||||
- [Mobile Security (Android & iOS)](#mobile-security-android--ios)
|
||||
|
||||
### Wireless Protocols
|
||||
|
||||
- [Radio Hacking Starting Guide](#radio-hacker-quick-start-guide)
|
||||
- [Cellular Hacking GSM BTS](#cellular-hacking-gsm-bts)
|
||||
- [Zigbee](#zigbee-all-stuff)
|
||||
- [Bluetooth](#ble-intro-and-sw-hw-tools-to-pentest)
|
||||
- [DECT (Digital Enhanced Cordless Telecommunications)](#dect-digital-enhanced-cordless-telecommunications)
|
||||
|
||||
### Firmware
|
||||
|
||||
- [Reverse Engineering Tools](#reverse-engineering-tools)
|
||||
- [Online Assemblers](#online-assemblers)
|
||||
- [ARM](#arm)
|
||||
- [Pentesting Firmwares and Emulating and Analyzing](#pentesting-firmwares-and-emulating-and-analyzing)
|
||||
- [Firmware Samples to Pentest](#firmware-samples-to-pentest)
|
||||
- [Secureboot](#secureboot)
|
||||
|
||||
### Hardware
|
||||
|
||||
- [IoT Hardware Intro](#iot-hardware-overview-and-hacking)
|
||||
- [Required Hardware to Pentest IoT](#hardware-gadgets-to-pentest)
|
||||
- [Attacking Hardware Interfaces](#attacking-hardware-interfaces)
|
||||
- [SPI](#spi)
|
||||
- [UART](#uart)
|
||||
- [JTAG](#jtag)
|
||||
- [SideChannel Attacks & Glitching Attacks](#sidechannel-attacks)
|
||||
- [Glitching Attacks](#glitching-attacks)
|
||||
|
||||
### Storage Medium
|
||||
|
||||
- [EMMC Hacking](#emmc-hacking)
|
||||
|
||||
### Payment Security
|
||||
|
||||
- [ATM Hacking](#atm-hacking)
|
||||
|
||||
### To See Hacked Devices
|
||||
|
||||
- [Exploitee.rs Blog](https://blog.exploitee.rs/2018/10/)
|
||||
- [Exploitee.rs Website](https://www.exploitee.rs/)
|
||||
- [Exploitee.rs Forum](https://forum.exploitee.rs/)
|
||||
- [Your Lenovo Watch X Is Watching You & Sharing What It Learns](https://www.checkmarx.com/blog/lenovo-watch-watching-you/)
|
||||
- [Your Smart Scale is Leaking More than Your Weight: Privacy Issues in IoT](https://www.checkmarx.com/blog/smart-scale-privacy-issues-iot/)
|
||||
- [Smart Bulb Offers Light, Color, Music, and… Data Exfiltration?](https://www.checkmarx.com/blog/smart-bulb-exfiltration/)
|
||||
- [Besder-IPCamera Analysis](http://blog.0x42424242.in/2019/04/besder-investigative-journey-part-1_24.html)
|
||||
- [Rapid7 Smart Lock Vulnerabilities](https://blog.rapid7.com/2019/08/01/r7-2019-18-multiple-hickory-smart-lock-vulnerabilities/)
|
||||
- [Subaru Head Unit Jailbreak](https://github.com/sgayou/subaru-starlink-research/blob/master/doc/README.md)
|
||||
- [Jeep Hack](http://illmatics.com/Remote%20Car%20Hacking.pdf)
|
||||
- [Dropcam Hacking](https://www.defcon.org/images/defcon-22/dc-22-presentations/Moore-Wardle/DEFCON-22-Colby-Moore-Patrick-Wardle-Synack-DropCam-Updated.pdf)
|
||||
- [Printer Hacking Live Sessions (YouTube)](https://www.youtube.com/watch?v=2LVtEoQA8Qo&ab_channel=gamozolabs)
|
||||
- [LED Light Hacking](https://youtu.be/Nnb2ct3hc68)
|
||||
- [IoT Vulnerabilities with CVE and PoC of Tenda and D-Link](https://github.com/z1r00/IOT_Vul)
|
||||
|
||||
<details>
|
||||
<summary>Chat Groups for IoT Security</summary>
|
||||
|
||||
- [IoTSecurity101 Telegram](https://t.me/iotsecurity1011)
|
||||
- [IoTSecurity101 Reddit](https://www.reddit.com/r/IoTSecurity101/)
|
||||
- [IoTSecurity101 Discord](https://discord.gg/EH9dxT9)
|
||||
- [Hardware Hacking Telegram](https://t.me/hardwareHackingBrasil)
|
||||
- [RFID Discord Group](https://discord.gg/Z43TrcVyPr)
|
||||
- [ICS Discord Group](https://discord.com/invite/CmDDsFK)
|
||||
</details>
|
||||
|
||||
### IoT and Hardware Security Trainings
|
||||
|
||||
- [Open Security Training 2](https://p.ost2.fyi/courses)
|
||||
|
||||
<details>
|
||||
<summary>Books for IoT Pentesting</summary>
|
||||
|
||||
- [The Firmware Handbook (Embedded Technology) 1st Edition by Jack Ganssle](https://www.amazon.com/Firmware-Handbook-Embedded-Technology/dp/075067606
|
||||
Reference in New Issue
Block a user