A curated list of awesome embedded and IoT security resources.
Go to file
2019-07-29 16:10:15 +02:00
.gitattributes awesome embedded and iot security init 2019-07-26 09:22:29 +02:00
.gitignore awesome embedded and iot security init 2019-07-26 09:22:29 +02:00
.travis.yml awesome embedded and iot security init 2019-07-26 09:22:29 +02:00
code-of-conduct.md awesome embedded and iot security init 2019-07-26 09:22:29 +02:00
contributing.md awesome embedded and iot security init 2019-07-26 09:22:29 +02:00
LICENSE LICENSE File added 2019-07-26 09:41:47 +02:00
package.json awesome embedded and iot security init 2019-07-26 09:22:29 +02:00
readme.md some resources added 2019-07-29 16:10:15 +02:00

Awesome Embedded and IoT Security Awesome

A curated list of resources about embedded and IoT security. The list contains software and hardware tools, books, research papers and more.

Contents

Software Tools

Software tools for analyzing embedded/IoT firmware.

Analysis Frameworks

  • FACT - The Firmware Analysis and Comparison Tool - Full featured static analysis framework including extraction of firmware, analysis utilizing different plug-ins and comparison of different firmware versions.
  • EXPLIoT - Pentest framework like Metasploit but specialized for IoT.

Analysis Tools

  • Binwalk - Searches a binary for "interesting" stuff.
  • Firmadyne - Tries to emulate and pentest a firmware.
  • firmwalker - Searches extracted firmware images for interesting files and information.
  • Trommel - Searches extracted firmware images for interesting files and information.

Extraction Tools

  • Binwalk - Extracts arbitrary files utilizing a carving approach.
  • FACT Extractor - Detects container format automatically and executes the corresponding extraction tool.
  • Firmware Mod Kit - Extraction tools for several container formats.

Hardware Tools

  • Bus Blaster - Detects and interacts with hardware debug ports like UART and JTAG.
  • Bus Pirate - Detects and interacts with hardware debug ports like UART and JTAG.
  • JTAGULATOR - Detects JTAG Pinouts.

Books

Research Papers

Case Studies

Case studies are a good start to learn how to find a vulnerabilities in embedded firmware.

Websites

Conferences

Contribute

Contributions welcome! Read the contribution guidelines first.

License

CC0

To the extent possible under law, Fraunhofer FKIE has waived all copyright and related or neighboring rights to this work.