Compare commits

...

4 Commits

Author SHA1 Message Date
Stjepan Jureković
8e3c90efc0
Merge 05b79bc3ef into fbd0301e66 2023-10-17 14:25:02 +02:00
René Helmke
fbd0301e66
add cwe_checker (#34) 2023-10-17 14:23:14 +02:00
René Helmke
3bc3511e79
awesome lint fix (#35)
* awesome-lint action fix
* fix linting errors
  * toc youtube channels entry, ignore awesome-license rule during linting
2023-10-17 14:21:12 +02:00
Stjepan Jureković
05b79bc3ef
Added Edge Computing Technology and Applications
Hi,

Stjepan from Manning here. I thought this title might be a good match for your list. Thank you for considering it.

Best,
2023-01-11 11:26:16 +01:00
2 changed files with 13 additions and 10 deletions

View File

@ -13,7 +13,4 @@ jobs:
- uses: actions/checkout@v2 - uses: actions/checkout@v2
with: with:
fetch-depth: 0 # fix remark-lint:awesome-git-repo-age fetch-depth: 0 # fix remark-lint:awesome-git-repo-age
- name: Test awesome-lint with custom file path - run: 'npx awesome-lint "readme.md"'
uses: jthegedus/github-action-awesome-lint@68fc989d5a01aa127ce502a59f72ebe4166386f1 # commit_sha of tag v0.1.0
with:
args: 'readme.md'

View File

@ -1,3 +1,4 @@
<!--lint ignore awesome-license-->
<div align="center"> <div align="center">
<img width="500" height="350" src="iot_awesome_logo.svg" alt="Awesome"> <img width="500" height="350" src="iot_awesome_logo.svg" alt="Awesome">
<br /> <br />
@ -8,8 +9,8 @@
> A curated list of awesome resources about embedded and IoT security. The list contains software and hardware tools, books, research papers and more. > A curated list of awesome resources about embedded and IoT security. The list contains software and hardware tools, books, research papers and more.
Botnets like [Mirai](<https://en.wikipedia.org/wiki/Mirai_(malware)>) have proven that there is a need for more security in embedded and IoT devices. This list shall help beginners and experts to find helpful resources on the topic. Botnets like [Mirai](<https://en.wikipedia.org/wiki/Mirai_(malware)>) have proven that there is a need for more security in embedded and IoT devices. This list shall help beginners and experts to find helpful resources on the topic.
If you are a beginner, you should have a look at the <ins>*Books*</ins> and <ins>*Case Studies*</ins> sections. If you are a beginner, you should have a look at the <ins>_Books_</ins> and <ins>_Case Studies_</ins> sections.
If you want to start right away with your own analysis, you should give the <ins>*Analysis Frameworks*</ins> a try. If you want to start right away with your own analysis, you should give the <ins>_Analysis Frameworks_</ins> a try.
They are easy to use and you do not need to be an expert to get first meaningful results. They are easy to use and you do not need to be an expert to get first meaningful results.
> Items marked with :euro: are comercial products. > Items marked with :euro: are comercial products.
@ -34,6 +35,7 @@ They are easy to use and you do not need to be an expert to get first meaningful
- [Websites](#websites) - [Websites](#websites)
- [Blogs](#blogs) - [Blogs](#blogs)
- [Tutorials and Technical Background](#tutorials-and-technical-background) - [Tutorials and Technical Background](#tutorials-and-technical-background)
- [YouTube Channels](#youtube-channels)
- [Conferences](#conferences) - [Conferences](#conferences)
- [Contribute](#contribute) - [Contribute](#contribute)
- [License](#license) - [License](#license)
@ -58,6 +60,7 @@ Software tools for analyzing embedded/IoT devices and firmware.
### Analysis Tools ### Analysis Tools
- [Binwalk](https://github.com/ReFirmLabs/binwalk) - Searches a binary for "interesting" stuff, as well as extracts arbitrary files. - [Binwalk](https://github.com/ReFirmLabs/binwalk) - Searches a binary for "interesting" stuff, as well as extracts arbitrary files.
- [cwe\_checker](https://github.com/fkie-cad/cwe_checker) - Finds vulnerable patterns in binary executables - ELF support for x86, ARM, and MIPS, experimental bare-metal support.
- [emba](https://github.com/e-m-b-a/emba) - Analyze Linux-based firmware of embedded devices. - [emba](https://github.com/e-m-b-a/emba) - Analyze Linux-based firmware of embedded devices.
- [Firmadyne](https://github.com/firmadyne/firmadyne) - Tries to emulate and pentest a firmware. - [Firmadyne](https://github.com/firmadyne/firmadyne) - Tries to emulate and pentest a firmware.
- [Firmwalker](https://github.com/craigz28/firmwalker) - Searches extracted firmware images for interesting files and information. - [Firmwalker](https://github.com/craigz28/firmwalker) - Searches extracted firmware images for interesting files and information.
@ -125,6 +128,7 @@ Software tools for analyzing embedded/IoT devices and firmware.
## Books ## Books
- 2023, Perry Lea: [Edge Computing Technology and Applications](https://www.manning.com/books/edge-computing-technology-and-applications)
- 2020, Fotios Chantzis, Evangel Deirme, Ioannis Stais, Paulino Calderon, Beau Woods: [Practical IoT Hacking](https://www.amazon.com/Fotios-Chantzis-ebook/dp/B085BVVSN6/) - 2020, Fotios Chantzis, Evangel Deirme, Ioannis Stais, Paulino Calderon, Beau Woods: [Practical IoT Hacking](https://www.amazon.com/Fotios-Chantzis-ebook/dp/B085BVVSN6/)
- 2020, Jasper van Woudenberg, Colin O'Flynn: [The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks](https://nostarch.com/hardwarehacking) - 2020, Jasper van Woudenberg, Colin O'Flynn: [The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks](https://nostarch.com/hardwarehacking)
- 2019, Yago Hansen: [The Hacker's Hardware Toolkit: The best collection of hardware gadgets for Red Team hackers, Pentesters and security researchers](https://github.com/yadox666/The-Hackers-Hardware-Toolkit/blob/master/TheHackersHardwareToolkit.pdf) - 2019, Yago Hansen: [The Hacker's Hardware Toolkit: The best collection of hardware gadgets for Red Team hackers, Pentesters and security researchers](https://github.com/yadox666/The-Hackers-Hardware-Toolkit/blob/master/TheHackersHardwareToolkit.pdf)
@ -145,6 +149,7 @@ Software tools for analyzing embedded/IoT devices and firmware.
## Research Papers ## Research Papers
<!--lint ignore match-punctuation--> <!--lint ignore match-punctuation-->
- 2020, Oser et al: [SAFER: Development and Evaluation of an IoT Device Risk Assessment Framework in a Multinational Organization](https://dl.acm.org/doi/abs/10.1145/3414173) - 2020, Oser et al: [SAFER: Development and Evaluation of an IoT Device Risk Assessment Framework in a Multinational Organization](https://dl.acm.org/doi/abs/10.1145/3414173)
- 2019, Agarwal et al: [Detecting IoT Devices and How They Put Large Heterogeneous Networks at Security Risk](https://www.mdpi.com/1424-8220/19/19/4107) - 2019, Agarwal et al: [Detecting IoT Devices and How They Put Large Heterogeneous Networks at Security Risk](https://www.mdpi.com/1424-8220/19/19/4107)
- 2019, Almakhdhub et al: [BenchIoT: A Security Benchmark for the Internet of Things](https://nebelwelt.net/publications/files/19DSN.pdf) - 2019, Almakhdhub et al: [BenchIoT: A Security Benchmark for the Internet of Things](https://nebelwelt.net/publications/files/19DSN.pdf)
@ -168,7 +173,7 @@ Software tools for analyzing embedded/IoT devices and firmware.
## Case Studies ## Case Studies
<!--lint ignore no-repeat-punctuation--> <!--lint ignore no-repeat-punctuation-->
- [Binary Hardening in IoT products](https://cyber-itl.org/2019/08/26/iot-data-writeup.html) - [Binary Hardening in IoT products](https://cyber-itl.org/2019/08/26/iot-data-writeup.html)
- [Cracking Linksys “Encryption”](http://www.devttys0.com/2014/02/cracking-linksys-crypto/) - [Cracking Linksys “Encryption”](http://www.devttys0.com/2014/02/cracking-linksys-crypto/)
- [Deadly Sins Of Development](https://youtu.be/nXyglaY9N9w) - Conference talk presenting several real world examples on real bad implementations :tv:. - [Deadly Sins Of Development](https://youtu.be/nXyglaY9N9w) - Conference talk presenting several real world examples on real bad implementations :tv:.
@ -226,6 +231,7 @@ Software tools for analyzing embedded/IoT devices and firmware.
- [UART explained](https://www.mikroe.com/blog/uart-serial-communication) - An in depth explanation of the UART protocol. - [UART explained](https://www.mikroe.com/blog/uart-serial-communication) - An in depth explanation of the UART protocol.
### YouTube Channels ### YouTube Channels
- [Flashback Team](https://www.youtube.com/c/FlashbackTeam) - A duo of hackers explaining their step by step approach to finding and exploiting vulnerabilities in embedded devices. - [Flashback Team](https://www.youtube.com/c/FlashbackTeam) - A duo of hackers explaining their step by step approach to finding and exploiting vulnerabilities in embedded devices.
- [StackSmashing](https://www.youtube.com/c/stacksmashing) - Reverse engineering and hardware hacking of embedded devices. - [StackSmashing](https://www.youtube.com/c/stacksmashing) - Reverse engineering and hardware hacking of embedded devices.
@ -233,9 +239,9 @@ Software tools for analyzing embedded/IoT devices and firmware.
Conferences focused on embedded and/or IoT security. Conferences focused on embedded and/or IoT security.
- [Hardwear.io](https://hardwear.io/) - [Hardwear.io](https://hardwear.io/)
- EU, The Hague, September. - EU, The Hague, September.
- USA, Santa Clara, June. - USA, Santa Clara, June.
## Contribute ## Contribute