cyber-security-resources/IoT

IoT Resources

OWASP Resources

• OWASP Internet of Things Project
• OWASP Firmware Security Testing Methodology

IoT Hacking Communities

• IoT Village
• BuildItSecure.ly
• Secure Internet of Things Project (Stanford)

Training Available Through ICS-CERT

• https://ics-cert.us-cert.gov/Training-Available-Through-ICS-CERT

Interesting Blogs

• http://iotpentest.com/
• https://blog.attify.com
• https://payatu.com/blog/
• http://jcjc-dev.com/
• https://w00tsec.blogspot.in/
• http://www.devttys0.com/
• https://www.rtl-sdr.com/
• https://keenlab.tencent.com/en/
• https://courk.cc/
• https://iotsecuritywiki.com/
• https://cybergibbons.com/
• http://firmware.re/

CTFs Related to IoT's and Embedded Devices

• https://github.com/hackgnar/ble_ctf
• https://www.microcorruption.com/
• https://github.com/Riscure/Rhme-2016
• https://github.com/Riscure/Rhme-2017

YouTube Channels for Embedded hacking

• Liveoverflow
• Binary Adventure
• EEVBlog
• JackkTutorials
• Craig Smith

Reverse Enginnering Tools

• IDA Pro
• GDB
• Radare2

MQTT

• Introduction
• Hacking the IoT with MQTT
• thoughts about using IoT MQTT for V2V and Connected Car from CES 2014
• Nmap
• The Seven Best MQTT Client Tools
• A Guide to MQTT by Hacking a Doorbell to send Push Notifications

CoAP

• Introduction
• CoAP client Tools
• CoAP Pentest Tools
• Nmap

Automobile

• Introduction and protocol Overview
• PENTESTING VEHICLES WITH CANTOOLZ
• Building a Car Hacking Development Workbench: Part1
• CANToolz - Black-box CAN network analysis framework

Radio IoT Protocols Overview

• Understanding Radio
• Signal Processing
• Software Defined Radio
• Gnuradio
• Creating a flow graph
• Analysing radio signals
• Recording specific radio signal
• Replay Attacks

Base transceiver station (BTS)

• what is base tranceiver station
• How to Build Your Own Rogue GSM BTS

GSM & SS7 Pentesting

• Introduction to GSM Security
• GSM Security 2
• vulnerabilities in GSM security with USRP B200
• Security Testing 4G (LTE) Networks
• Case Study of SS7/SIGTRAN Assessment
• Telecom Signaling Exploitation Framework - SS7, GTP, Diameter & SIP
• ss7MAPer – A SS7 pen testing toolkit
• Introduction to SIGTRAN and SIGTRAN Licensing
• SS7 Network Architecture
• Introduction to SS7 Signaling

Zigbee & Zwave

• Introduction and protocol Overview
• Hacking Zigbee Devices with Attify Zigbee Framework
• Hands-on with RZUSBstick
• ZigBee & Z-Wave Security Brief

BLE

• Traffic Engineering in a Bluetooth Piconet

• BLE Characteristics Reconnaissance (Active and Passive) with HCI Tools

  • btproxy
  • hcitool & bluez
  • Testing With GATT Tool
  • Cracking encryption

Mobile security (Android & iOS)

• Android
• Android Pentest Video Course
• IOS Pentesting

ARM

• Azeria Labs
• ARM EXPLOITATION FOR IoT

Firmware Pentest

• Firmware analysis and reversing
• Firmware emulation with QEMU
• Dumping Firmware using Buspirate

IoT hardware Overview

• IoT Hardware Guide

Hardware Tools

• Bus Pirate
• EEPROM readers
• Jtagulator / Jtagenum
• Logic Analyzer
• The Shikra
• FaceDancer21 (USB Emulator/USB Fuzzer)
• RfCat
• IoT Exploitation Learning Kit
• Hak5Gear- Hak5FieldKits
• Ultra-Mini Bluetooth CSR 4.0 USB Dongle Adapter
• Attify Badge - UART, JTAG, SPI, I2C (w/ headers)

Hardware Interfaces

• Serial Terminal Basics
• Reverse Engineering Serial Ports

UART

• Identifying UART interface
• onewire-over-uart
• Accessing sensor via UART

JTAG

• Identifying JTAG interface
• NAND Glitching Attack