From 95c01c661a1ee9ee6a0cb8ca3fb7612092ea454c Mon Sep 17 00:00:00 2001 From: 0xricksanchez Date: Tue, 14 Apr 2020 08:44:26 +0200 Subject: [PATCH] PR --- readme.md | 25 +++++++++++++++++-------- 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/readme.md b/readme.md index 7a1d887..976185e 100644 --- a/readme.md +++ b/readme.md @@ -21,13 +21,15 @@ They are easy to use and you do not need to be an expert to get first meaningful - [Analysis Tools](#analysis-tools) - [Extraction Tools](#extraction-tools) - [Support Tools](#support-tools) + - [Misc Tools](#misc-tools) - [Hardware Tools](#hardware-tools) - [Books](#books) - [Research Papers](#research-papers) - [Case Studies](#case-studies) - [Free Training](#free-training) - [Websites](#websites) - - [Blogs](#blogs) + - [Blogs](#blogs) + - [Tutorials and Technical Background](#tutorials-and-technical-background) - [Conferences](#conferences) @@ -48,7 +50,7 @@ Software tools for analyzing embedded/IoT devices and firmware. ### Analysis Tools -- [Binwalk](https://github.com/ReFirmLabs/binwalk) - Searches a binary for "interesting" stuff. +- [Binwalk](https://github.com/ReFirmLabs/binwalk) - Searches a binary for "interesting" stuff. - [Firmadyne](https://github.com/firmadyne/firmadyne) - Tries to emulate and pentest a firmware. - [Firmwalker](https://github.com/craigz28/firmwalker) - Searches extracted firmware images for interesting files and information. - [Firmware Slap](https://github.com/ChrisTheCoolHut/Firmware_Slap) - Discovering vulnerabilities in firmware through concolic analysis and function clustering. 
@@ -68,6 +70,10 @@ Software tools for analyzing embedded/IoT devices and firmware. - [JTAGenum](https://github.com/cyphunk/JTAGenum) - Add JTAG capabilities to an Arduino. - [OpenOCD](http://openocd.org/) - Free and Open On-Chip Debugging, In-System Programming and Boundary-Scan Testing. +### Misc Tools + +- [Samsung Firmware Magic](https://github.com/chrivers/samsung-firmware-magic) - Decrypt Samsung SSD firmware updates. + ## Hardware Tools - [Bus Blaster](http://dangerousprototypes.com/docs/Bus_Blaster) - Detects and interacts with hardware debug ports like [UART](https://en.wikipedia.org/wiki/Universal_asynchronous_receiver-transmitter) and [JTAG](https://en.wikipedia.org/wiki/JTAG). 
@@ -122,17 +128,14 @@ s](http://www.s3.eurecom.fr/docs/usenixsec14_costin.pdf) - [Binary Hardening in IoT products](https://cyber-itl.org/2019/08/26/iot-data-writeup.html) - [Cracking Linksys “Encryption”](http://www.devttys0.com/2014/02/cracking-linksys-crypto/) - [Deadly Sins Of Development](https://youtu.be/nXyglaY9N9w) - Conference talk presenting several real world examples on real bad implementations :tv:. -- [Dumping firmware a device with a buspirate and a SPI flash chip](https://www.iotpentest.com/2019/06/dumping-firmware-from-device-using.html) +- [Dumping firmware from a device's SPI flash with a buspirate](https://www.iotpentest.com/2019/06/dumping-firmware-from-device-using.html) - [Hacking the DSP-W215, Again](http://www.devttys0.com/2014/05/hacking-the-dspw215-again/) - [Hacking the PS4](https://cturt.github.io/ps4.html) - Introduction to PS4's security. -- [JTAG Explained](https://blog.senr.io/blog/jtag-explained#) - A walkthrough covering UART and JTAG bypassing a protected login shell. - [Multiple vulnerabilities found in the D-link DWR-932B](https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html) - [Pwning the Dlink 850L routers and abusing the MyDlink Cloud protocol](https://pierrekim.github.io/blog/2017-09-08-dlink-850l-mydlink-cloud-0days-vulnerabilities.html) - [PWN Xerox Printers (...again)](https://www.fkie.fraunhofer.de/content/dam/fkie/de/documents/xerox_phaser_6700_white_paper.pdf) -- [Reverse Engineering Serial Ports](http://www.devttys0.com/2012/11/reverse-engineering-serial-ports/) - [Reversing Firmware With Radare](https://www.bored-nerds.com/reversing/radare/automotive/2019/07/07/reversing-firmware-with-radare.html) - [Reversing the Huawei HG533](http://jcjc-dev.com/2016/04/08/reversing-huawei-router-1-find-uart/) -- [Samsung Firmware Magic](https://github.com/chrivers/samsung-firmware-magic) ## Free Training 
@@ -154,15 +157,21 @@ s](http://www.s3.eurecom.fr/docs/usenixsec14_costin.pdf) ### Blogs -- [Azeria Lab](https://azeria-labs.com/writing-arm-assembly-part-1/) - [/dev/ttyS0's Embedded Device Hacking](http://www.devttys0.com/blog/) - [Exploiteers](https://www.exploitee.rs/) - [Hackaday](https://hackaday.com) - [jcjc's Hack The World](https://jcjc-dev.com/) -- [Mikroe - UART explained](https://www.mikroe.com/blog/uart-serial-communication) - [Quarkslab](https://blog.quarkslab.com/) - [wrong baud](https://wrongbaud.github.io/) +### Tutorials and Technical Background + +- [Azeria Lab](https://azeria-labs.com/) - Miscellaneous ARM related Tutorials. +- [JTAG Explained](https://blog.senr.io/blog/jtag-explained#) - A walkthrough covering UART and JTAG bypassing a protected login shell. +- [Reverse Engineering Serial Ports](http://www.devttys0.com/2012/11/reverse-engineering-serial-ports/) - Detailed tutorial about how to spot debug pads on a PCB. +- [UART explained](https://www.mikroe.com/blog/uart-serial-communication) - An in depth explanation of the UART protocol. + + ## Conferences Conferences focused on embedded and/or IoT security.
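Review bot: In the @@ -48,7 +50,7 @@ hunk, the Binwalk entry is removed and re-added with the same visible text, so the two lines differ only in whitespace and the change is unrelated to the new sections. Either drop it from this commit or mention the cleanup in the commit message, since the subject "PR" gives no hint of it.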
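Review bot: The new "### Misc Tools" section in the @@ -68,6 +70,10 @@ hunk holds a single entry, and its description, "Decrypt Samsung SSD firmware updates.", reads like something a reader would look for under the existing Extraction Tools heading. Consider listing it there, or say in the PR what else is expected to land under Misc Tools so the section does not stay a one-item catch-all.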
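Review bot: In the @@ -122,17 +128,14 @@ hunk, the reworded link text still writes the tool as "buspirate"; the product name is "Bus Pirate", so "Dumping firmware from a device's SPI flash with a Bus Pirate" would read better. The three entries removed here are accounted for elsewhere in the patch (JTAG Explained and Reverse Engineering Serial Ports move to Tutorials and Technical Background, Samsung Firmware Magic to Misc Tools), so nothing is dropped.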
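Review bot: In the @@ -154,15 +157,21 @@ hunk, the Azeria Lab link changes from the "writing-arm-assembly-part-1" page to the site root as part of the move, which makes the entry less specific; if that is deliberate, say so in the PR description. Wording nits on the added lines: "ARM related Tutorials" should be "ARM-related tutorials", "in depth" should be "in-depth", and of the two blank lines added before "## Conferences" one is enough.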