0xricksanchez 2020-04-14 08:44:26 +02:00
parent 93b83a8a90
commit 95c01c661a
1 changed files with 17 additions and 8 deletions

@ -21,13 +21,15 @@ They are easy to use and you do not need to be an expert to get first meaningful
- [Analysis Tools](#analysis-tools)
- [Extraction Tools](#extraction-tools)
- [Support Tools](#support-tools)
- [Misc Tools](#misc-tools)
- [Hardware Tools](#hardware-tools)
- [Books](#books)
- [Research Papers](#research-papers)
- [Case Studies](#case-studies)
- [Free Training](#free-training)
- [Websites](#websites)
- [Blogs](#blogs)
- [Blogs](#blogs)
- [Tutorials and Technical Background](#tutorials-and-technical-background)
- [Conferences](#conferences)
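Review bot: The `[Blogs](#blogs)` entry appears twice in a row with identical text, so the change to it is whitespace only, presumably indentation. Give the new `[Tutorials and Technical Background](#tutorials-and-technical-background)` entry the same indentation as Blogs so both nest under Websites, matching the `###` level its heading gets further down, and keep `[Misc Tools](#misc-tools)` at the level of the other tool subsections.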
@ -48,7 +50,7 @@ Software tools for analyzing embedded/IoT devices and firmware.
### Analysis Tools
- [Binwalk](https://github.com/ReFirmLabs/binwalk) - Searches a binary for "interesting" stuff.
- [Binwalk](https://github.com/ReFirmLabs/binwalk) - Searches a binary for "interesting" stuff.
- [Firmadyne](https://github.com/firmadyne/firmadyne) - Tries to emulate and pentest a firmware.
- [Firmwalker](https://github.com/craigz28/firmwalker) - Searches extracted firmware images for interesting files and information.
- [Firmware Slap](https://github.com/ChrisTheCoolHut/Firmware_Slap) - Discovering vulnerabilities in firmware through concolic analysis and function clustering.
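Review bot: The Binwalk line is replaced by one with identical visible text, so this is a whitespace-only edit. Say so in the commit message, or split cleanup of this kind from the content changes, so the history shows why the line was touched.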
@ -68,6 +70,10 @@ Software tools for analyzing embedded/IoT devices and firmware.
- [JTAGenum](https://github.com/cyphunk/JTAGenum) - Add JTAG capabilities to an Arduino.
- [OpenOCD](http://openocd.org/) - Free and Open On-Chip Debugging, In-System Programming and Boundary-Scan Testing.
### Misc Tools
- [Samsung Firmware Magic](https://github.com/chrivers/samsung-firmware-magic) - Decrypt Samsung SSD firmware updates.
## Hardware Tools
- [Bus Blaster](http://dangerousprototypes.com/docs/Bus_Blaster) - Detects and interacts with hardware debug ports like [UART](https://en.wikipedia.org/wiki/Universal_asynchronous_receiver-transmitter) and [JTAG](https://en.wikipedia.org/wiki/JTAG).
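Review bot: `### Misc Tools` is introduced for a single entry, and that entry decrypts firmware updates, which is close to what Extraction Tools already covers. Consider listing Samsung Firmware Magic under Extraction Tools and adding a Misc section only once several entries fit nowhere else.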
@ -122,17 +128,14 @@ s](http://www.s3.eurecom.fr/docs/usenixsec14_costin.pdf)
- [Binary Hardening in IoT products](https://cyber-itl.org/2019/08/26/iot-data-writeup.html)
- [Cracking Linksys “Encryption”](http://www.devttys0.com/2014/02/cracking-linksys-crypto/)
- [Deadly Sins Of Development](https://youtu.be/nXyglaY9N9w) - Conference talk presenting several real world examples on real bad implementations :tv:.
- [Dumping firmware a device with a buspirate and a SPI flash chip](https://www.iotpentest.com/2019/06/dumping-firmware-from-device-using.html)
- [Dumping firmware from a device's SPI flash with a buspirate](https://www.iotpentest.com/2019/06/dumping-firmware-from-device-using.html)
- [Hacking the DSP-W215, Again](http://www.devttys0.com/2014/05/hacking-the-dspw215-again/)
- [Hacking the PS4](https://cturt.github.io/ps4.html) - Introduction to PS4's security.
- [JTAG Explained](https://blog.senr.io/blog/jtag-explained#) - A walkthrough covering UART and JTAG bypassing a protected login shell.
- [Multiple vulnerabilities found in the D-link DWR-932B](https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html)
- [Pwning the Dlink 850L routers and abusing the MyDlink Cloud protocol](https://pierrekim.github.io/blog/2017-09-08-dlink-850l-mydlink-cloud-0days-vulnerabilities.html)
- [PWN Xerox Printers (...again)](https://www.fkie.fraunhofer.de/content/dam/fkie/de/documents/xerox_phaser_6700_white_paper.pdf)
- [Reverse Engineering Serial Ports](http://www.devttys0.com/2012/11/reverse-engineering-serial-ports/)
- [Reversing Firmware With Radare](https://www.bored-nerds.com/reversing/radare/automotive/2019/07/07/reversing-firmware-with-radare.html)
- [Reversing the Huawei HG533](http://jcjc-dev.com/2016/04/08/reversing-huawei-router-1-find-uart/)
- [Samsung Firmware Magic](https://github.com/chrivers/samsung-firmware-magic)
## Free Training
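Review bot: In the reworded SPI flash entry, `buspirate` should be written `Bus Pirate`, in line with how the list capitalises `Bus Blaster`. The entries dropped from Case Studies here (JTAG Explained, Reverse Engineering Serial Ports, Samsung Firmware Magic) all reappear in other sections of this patch, so nothing is lost, but that move deserves a mention in the commit message.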
@ -154,15 +157,21 @@ s](http://www.s3.eurecom.fr/docs/usenixsec14_costin.pdf)
### Blogs
<!--lint ignore no-repeat-punctuation-->
- [Azeria Lab](https://azeria-labs.com/writing-arm-assembly-part-1/)
- [/dev/ttyS0's Embedded Device Hacking](http://www.devttys0.com/blog/)
- [Exploiteers](https://www.exploitee.rs/)
- [Hackaday](https://hackaday.com)
- [jcjc's Hack The World](https://jcjc-dev.com/)
- [Mikroe - UART explained](https://www.mikroe.com/blog/uart-serial-communication)
- [Quarkslab](https://blog.quarkslab.com/)
- [wrong baud](https://wrongbaud.github.io/)
### Tutorials and Technical Background
- [Azeria Lab](https://azeria-labs.com/) - Miscellaneous ARM related Tutorials.
- [JTAG Explained](https://blog.senr.io/blog/jtag-explained#) - A walkthrough covering UART and JTAG bypassing a protected login shell.
- [Reverse Engineering Serial Ports](http://www.devttys0.com/2012/11/reverse-engineering-serial-ports/) - Detailed tutorial about how to spot debug pads on a PCB.
- [UART explained](https://www.mikroe.com/blog/uart-serial-communication) - An in depth explanation of the UART protocol.
## Conferences
Conferences focused on embedded and/or IoT security.
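Review bot: The JTAG Explained link added to the Tutorials section keeps the empty trailing `#` in `https://blog.senr.io/blog/jtag-explained#`; drop it. In the same section, hyphenate `ARM-related` and `in-depth` and lowercase `Tutorials` in the Azeria description. The Blogs entries carry no descriptions while every Tutorials entry does, so a short description per blog would keep the two lists consistent.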