mirror of
https://github.com/V33RU/awesome-connected-things-sec.git
synced 2026-04-10 12:33:45 +00:00
4.2 KiB
4.2 KiB
Automotive
AutomotiveSecurity
Automotive-Security comprises a vast amount of interlinkings to different cybersecurity areas like IoT Security. So, don't limit yourself.
This page contains additional stuff specific to automotive security compared to IoTSecurity101.
Note: Explore each link to dig more into your topic of interest.
ApproachMethodology
- 1. In-Vehicle Network
- 2. Hardware Hacking & Fault Injections & SCA Attacks
- 3. Firmware Pentesting (OS and Firmware)
- 4. Wireless Connectivity (RF, Zigbee, WiFi, Bluetooth, etc)
- 5. Mobile App (Android & iOS)
- 6. Cloud / Telemetry
Contents
AutomotiveSecurityInformation
InVehicleNetworkCommunicationProtocols
AutomotiveSecurityCommunity
BooksChannelsRelatedToAutomotiveSecurity
Books
Channels
Blogs
ExploitationTools
Hardware
Software
Libraries
Automotive Security Updates
Research Papers & Attack Vectors
- UWBAD - UWB-based keyless entry jamming using COTS hardware. (arXiv)
- SAE J1939 Attacks - Exploits on heavy-vehicle transport layer protocol. (arXiv)
Real-World Exploits
- Kia License Plate API Bug - Remote control via backend endpoint.
- Škoda Mobile App Vulnerability - Weak backend auth led to data & location leaks.
- Nissan Leaf VIN Bug - Climate and trip data control via known VINs.
- Pwn2Own Automotive
- Alpine & Sony IVI RCE
- Tesla EV Charger Remote Exploit
New Tools and Repos
- jaredthecoder/awesome-vehicle-security
- wtsxDev/Vehicle-Security
- souravbaghz/Carpunk
- I-CAN-hack/pq-flasher
Conference & Community Highlights
Recommendations
- Watch: DEF CON Car Hacking Village & Pwn2Own Automotive.
- Read: UWBAD, J1939, backend abuse papers.
- Use: CANalyzat0r, Carpunk, CANalyse2.0.
- Follow: GitHub repos by jaredthecoder, wtsxDev.
- Harden: API auth, VIN exposure, OTA process, UWB signal filtering.