rhetenor/awesome-awesomeness
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
master
awesome-awesomeness/html/embeddedandiotsecurity.md2.html
rhetenor 652812eed0 update
2025-07-18 23:13:11 +02:00

507 lines
24 KiB
HTML
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<!--lint ignore awesome-license-->
<div data-align="center">
<pre><code>&lt;img width=&quot;500&quot; height=&quot;350&quot; src=&quot;iot_awesome_logo.svg&quot; alt=&quot;Awesome&quot;&gt;</code></pre>
<p><br /></p>
</div>
<h1 id="awesome-embedded-and-iot-security-awesome">Awesome Embedded and
IoT Security <a href="https://awesome.re"><img
src="https://awesome.re/badge.svg" alt="Awesome" /></a></h1>
<blockquote>
<p>A curated list of awesome resources about embedded and IoT security.
The list contains software and hardware tools, books, research papers
and more.</p>
</blockquote>
<p>Botnets like <a
href="https://en.wikipedia.org/wiki/Mirai_(malware)">Mirai</a> have
proven that there is a need for more security in embedded and IoT
devices. This list shall help beginners and experts to find helpful
resources on the topic.<br />
If you are a beginner, you should have a look at the
<ins><em>Books</em></ins> and <ins><em>Case Studies</em></ins>
sections.<br />
If you want to start right away with your own analysis, you should give
the <ins><em>Analysis Frameworks</em></ins> a try. They are easy to use
and you do not need to be an expert to get first meaningful results.</p>
<blockquote>
<p>Items marked with :euro: are comercial products.</p>
</blockquote>
<h2 id="contents">Contents</h2>
<ul>
<li><a href="#software-tools">Software Tools</a>
<ul>
<li><a href="#analysis-frameworks">Analysis Frameworks</a></li>
<li><a href="#analysis-tools">Analysis Tools</a></li>
<li><a href="#extraction-tools">Extraction Tools</a></li>
<li><a href="#support-tools">Support Tools</a></li>
<li><a href="#misc-tools">Misc Tools</a></li>
</ul></li>
<li><a href="#hardware-tools">Hardware Tools</a>
<ul>
<li><a href="#bluetooth-ble-tools">Bluetooth BLE Tools</a></li>
<li><a href="#zigbee-tools">ZigBee Tools</a></li>
<li><a href="#sdr-tools">SDR Tools</a></li>
<li><a href="#rfid-nfc-tools">RFID NFC Tools</a></li>
</ul></li>
<li><a href="#books">Books</a></li>
<li><a href="#research-papers">Research Papers</a></li>
<li><a href="#case-studies">Case Studies</a></li>
<li><a href="#free-training">Free Training</a></li>
<li><a href="#websites">Websites</a>
<ul>
<li><a href="#blogs">Blogs</a></li>
<li><a href="#tutorials-and-technical-background">Tutorials and
Technical Background</a></li>
<li><a href="#youtube-channels">YouTube Channels</a></li>
</ul></li>
<li><a href="#conferences">Conferences</a></li>
<li><a href="#contribute">Contribute</a></li>
<li><a href="#license">License</a></li>
</ul>
<h2 id="software-tools">Software Tools</h2>
<p>Software tools for analyzing embedded/IoT devices and firmware.</p>
<h3 id="analysis-frameworks">Analysis Frameworks</h3>
<ul>
<li><a href="https://gitlab.com/expliot_framework/expliot">EXPLIoT</a> -
Pentest framework like Metasploit but specialized for IoT.</li>
<li><a href="https://fkie-cad.github.io/FACT_core/">FACT - The Firmware
Analysis and Comparison Tool</a> - Full-featured static analysis
framework including extraction of firmware, analysis utilizing different
plug-ins and comparison of different firmware versions.
<ul>
<li><a
href="https://passthesalt.ubicast.tv/videos/improving-your-firmware-security-analysis-process-with-fact/">Improving
your firmware security analysis process with FACT</a> - Conference talk
about FACT :tv:.</li>
</ul></li>
<li><a
href="https://github.com/cruise-automation/fwanalyzer">FwAnalyzer</a> -
Analyze security of firmware based on customized rules. Intended as
additional step in DevSecOps, similar to CI.</li>
<li><a href="https://github.com/emsec/hal">HAL The Hardware
Analyzer</a> - A comprehensive reverse engineering and manipulation
framework for gate-level netlists.</li>
<li><a href="https://github.com/ElevenPaths/HomePWN">HomePWN</a> - Swiss
Army Knife for Pentesting of IoT Devices.</li>
<li><a
href="https://gitlab.com/invuls/iot-projects/iotsecfuzz">IoTSecFuzz</a>
- Framework for automatisation of IoT layers security analysis:
hardware, software and communication.</li>
<li><a href="https://github.com/riverloopsec/killerbee">Killerbee</a> -
Framework for Testing &amp; Auditing ZigBee and IEEE 802.15.4
Networks.</li>
<li><a href="https://github.com/RUB-NDS/PRET">PRET</a> - Printer
Exploitation Toolkit.</li>
<li><a href="https://github.com/threat9/routersploit">Routersploit</a> -
Framework dedicated to exploit embedded devices.</li>
</ul>
<h3 id="analysis-tools">Analysis Tools</h3>
<ul>
<li><a href="https://github.com/ReFirmLabs/binwalk">Binwalk</a> -
Searches a binary for “interesting” stuff, as well as extracts arbitrary
files.</li>
<li><a href="https://github.com/fkie-cad/cwe_checker">cwe_checker</a> -
Finds vulnerable patterns in binary executables - ELF support for x86,
ARM, and MIPS, experimental bare-metal support.</li>
<li><a href="https://github.com/e-m-b-a/emba">emba</a> - Analyze
Linux-based firmware of embedded devices.</li>
<li><a href="https://github.com/firmadyne/firmadyne">Firmadyne</a> -
Tries to emulate and pentest a firmware.</li>
<li><a href="https://github.com/craigz28/firmwalker">Firmwalker</a> -
Searches extracted firmware images for interesting files and
information.</li>
<li><a href="https://github.com/ChrisTheCoolHut/Firmware_Slap">Firmware
Slap</a> - Discovering vulnerabilities in firmware through concolic
analysis and function clustering.</li>
<li><a href="https://ghidra-sre.org/">Ghidra</a> - Software Reverse
Engineering suite; handles arbitrary binaries, if you provide CPU
architecture and endianness of the binary.</li>
<li><a href="https://github.com/radare/radare2">Radare2</a> - Software
Reverse Engineering framework, also handles popular formats and
arbitrary binaries, has an extensive command line toolset.</li>
<li><a href="https://github.com/CERTCC/trommel">Trommel</a> - Searches
extracted firmware images for interesting files and information.</li>
</ul>
<h3 id="extraction-tools">Extraction Tools</h3>
<ul>
<li><a href="https://github.com/fkie-cad/fact_extractor">FACT
Extractor</a> - Detects container format automatically and executes the
corresponding extraction tool.</li>
<li><a href="https://github.com/rampageX/firmware-mod-kit/wiki">Firmware
Mod Kit</a> - Extraction tools for several container formats.</li>
<li><a href="http://srecord.sourceforge.net/">The SRecord package</a> -
Collection of tools for manipulating EPROM files (can convert lots of
binary formats).</li>
</ul>
<h3 id="support-tools">Support Tools</h3>
<ul>
<li><a href="https://github.com/cyphunk/JTAGenum">JTAGenum</a> - Add
JTAG capabilities to an Arduino.</li>
<li><a href="http://openocd.org/">OpenOCD</a> - Free and Open On-Chip
Debugging, In-System Programming and Boundary-Scan Testing.</li>
</ul>
<h3 id="misc-tools">Misc Tools</h3>
<ul>
<li><a href="https://github.com/Samsung/cotopaxi">Cotopaxi</a> - Set of
tools for security testing of Internet of Things devices using specific
network IoT protocols.</li>
<li><a href="https://github.com/ohjeongwook/dumpflash">dumpflash</a> -
Low-level NAND Flash dump and parsing utility.</li>
<li><a href="https://github.com/flashrom/flashrom">flashrom</a> - Tool
for detecting, reading, writing, verifying and erasing flash chips.</li>
<li><a href="https://github.com/chrivers/samsung-firmware-magic">Samsung
Firmware Magic</a> - Decrypt Samsung SSD firmware updates.</li>
</ul>
<h2 id="hardware-tools">Hardware Tools</h2>
<ul>
<li><a href="http://dangerousprototypes.com/docs/Bus_Blaster">Bus
Blaster</a> - Detects and interacts with hardware debug ports like <a
href="https://en.wikipedia.org/wiki/Universal_asynchronous_receiver-transmitter">UART</a>
and <a href="https://en.wikipedia.org/wiki/JTAG">JTAG</a>.</li>
<li><a href="http://dangerousprototypes.com/docs/Bus_Pirate">Bus
Pirate</a> - Detects and interacts with hardware debug ports like UART
and JTAG.</li>
<li><a href="https://int3.cc/products/the-shikra">Shikra</a> - Detects
and interacts with hardware debug ports like UART and JTAG. Among other
protocols.</li>
<li><a href="http://www.grandideastudio.com/jtagulator/">JTAGULATOR</a>
- Detects JTAG Pinouts fast.</li>
<li><a href="https://www.saleae.com/">Saleae</a> - Easy to use Logic
Analyzer that support many protocols :euro:.</li>
<li><a
href="https://www.ikalogic.com/pages/logic-analyzer-sp-series-sp209">Ikalogic</a>
- Alternative to Saleae logic analyzers :euro:.</li>
<li><a
href="https://hydrabus.com/hydrabus-1-0-specifications/">HydraBus</a> -
Open source multi-tool hardware similar to the BusPirate but with NFC
capabilities.</li>
<li><a href="https://newae.com/chipwhisperer/">ChipWhisperer</a> -
Detects Glitch/Side-channel attacks.</li>
<li><a href="https://github.com/GlasgowEmbedded/Glasgow">Glasgow</a> -
Tool for exploring and debugging different digital interfaces.</li>
<li><a
href="https://www.segger.com/products/debug-probes/j-link/models/model-overview/">J-Link</a>
- J-Link offers USB powered JTAG debug probes for multiple different CPU
cores :euro:.</li>
</ul>
<h3 id="bluetooth-ble-tools">Bluetooth BLE Tools</h3>
<ul>
<li><a href="https://greatscottgadgets.com/ubertoothone/">UberTooth
One</a> - Open source 2.4 GHz wireless development platform suitable for
Bluetooth experimentation.</li>
<li><a href="https://www.adafruit.com/product/2269">Bluefruit LE
Sniffer</a> - Easy to use Bluetooth Low Energy sniffer.</li>
</ul>
<h3 id="zigbee-tools">ZigBee Tools</h3>
<ul>
<li><a href="http://apimote.com">ApiMote</a> - ZigBee security research
hardware for learning about and evaluating the security of IEEE
802.15.4/ZigBee systems. Killerbee compatible.</li>
<li>Atmel RZUSBstick - Discontinued product. Lucky if you have one! -
Tool for development, debugging and demonstration of a wide range of low
power wireless applications including IEEE 802.15.4, 6LoWPAN, and ZigBee
networks. Killerbee compatible.</li>
<li><a
href="https://freaklabsstore.com/index.php?main_page=product_info&amp;cPath=22&amp;products_id=219&amp;zenid=fpmu2kuuk4abjf6aurt3bjnfk4">Freakduino</a>
- Low Cost Battery Operated Wireless Arduino Board that can be turned
into a IEEE 802.15.4 protocol sniffer.</li>
</ul>
<h3 id="sdr-tools">SDR Tools</h3>
<ul>
<li><a
href="https://www.rtl-sdr.com/buy-rtl-sdr-dvb-t-dongles/">RTL-SDR</a> -
Cheapest SDR for beginners. It is a computer based radio scanner for
receiving live radio signals frequencies from 500 kHz up to 1.75
GHz.</li>
<li><a href="https://greatscottgadgets.com/hackrf/">HackRF One</a> -
Software Defined Radio peripheral capable of transmission or reception
of radio signals from 1 MHz to 6 GHz (half-duplex).</li>
<li><a href="https://greatscottgadgets.com/yardstickone/">YardStick
One</a> - Half-duplex sub-1 GHz wireless transceiver.</li>
<li><a href="https://www.crowdsupply.com/lime-micro/limesdr">LimeSDR</a>
- Software Defined Radio peripheral capable of transmission or reception
of radio signals from 100 KHz to 3.8 GHz (full-duplex).</li>
<li><a href="https://www.nuand.com/bladerf-2-0-micro/">BladeRF 2.0</a> -
Software Defined Radio peripheral capable of transmission or reception
of radio signals from 47 MHz to 6 GHz (full-duplex).</li>
<li><a
href="https://www.ettus.com/product-categories/usrp-bus-series/">USRP B
Series</a> - Software Defined Radio peripheral capable of transmission
or reception of radio signals from 70 MHz to 6 GHz (full-duplex).</li>
</ul>
<h3 id="rfid-nfc-tools">RFID NFC Tools</h3>
<ul>
<li><a href="https://www.proxmark.com/">Proxmark 3 RDV4</a> - Powerful
general purpose RFID tool. From Low Frequency (125kHz) to High Frequency
(13.56MHz) tags.</li>
<li><a href="http://chameleontiny.com/">ChamaleonMini</a> -
Programmable, portable tool for NFC security analysis.</li>
<li><a
href="https://hydrabus.com/hydranfc-1-0-specifications/">HydraNFC</a> -
Powerful 13.56MHz RFID / NFC platform. Read / write / crack / sniff /
emulate.</li>
</ul>
<h2 id="books">Books</h2>
<ul>
<li>2020, Fotios Chantzis, Evangel Deirme, Ioannis Stais, Paulino
Calderon, Beau Woods: <a
href="https://www.amazon.com/Fotios-Chantzis-ebook/dp/B085BVVSN6/">Practical
IoT Hacking</a></li>
<li>2020, Jasper van Woudenberg, Colin OFlynn: <a
href="https://nostarch.com/hardwarehacking">The Hardware Hacking
Handbook: Breaking Embedded Security with Hardware Attacks</a></li>
<li>2019, Yago Hansen: <a
href="https://github.com/yadox666/The-Hackers-Hardware-Toolkit/blob/master/TheHackersHardwareToolkit.pdf">The
Hackers Hardware Toolkit: The best collection of hardware gadgets for
Red Team hackers, Pentesters and security researchers</a></li>
<li>2019, Aditya Gupta: <a
href="https://www.apress.com/us/book/9781484242995">The IoT Hackers
Handbook: A Practical Guide to Hacking the Internet of Things</a></li>
<li>2018, Mark Swarup Tehranipoor: <a
href="https://www.elsevier.com/books/hardware-security/bhunia/978-0-12-812477-2">Hardware
Security: A Hands-on Learning Approach</a></li>
<li>2018, Mark Carney: <a
href="https://github.com/unprovable/PentestHardware">Pentesting Hardware
- A Practical Handbook (DRAFT)</a></li>
<li>2018, Qing Yang, Lin Huang <a
href="https://link.springer.com/book/10.1007/978-981-10-8447-8">Inside
Radio: An Attack and Defense Guide</a></li>
<li>2017, Aditya Gupta, Aaron Guzman: <a
href="https://www.packtpub.com/networking-and-servers/iot-penetration-testing-cookbook">IoT
Penetration Testing Cookbook</a></li>
<li>2017, Andrew Huang: <a
href="https://nostarch.com/hardwarehackerpaperback">The Hardware Hacker:
Adventures in Making and Breaking Hardware</a></li>
<li>2016, Craig Smith: <a href="https://nostarch.com/carhacking">The Car
Hackers Handbook: A Guide for the Penetration Tester</a></li>
<li>2015, Keng Tiong Ng: <a
href="https://visio-for-engineers.blogspot.com/p/order.html">The Art of
PCB Reverse Engineering</a></li>
<li>2015, Nitesh Dhanjan: <a
href="https://shop.oreilly.com/product/0636920033547.do">Abusing the
Internet of Things: Blackouts, Freakouts, and Stakeouts</a></li>
<li>2015, Joshua Wright , Johnny Cache: <a
href="https://www.mhprofessional.com/9780071827638-usa-hacking-exposed-wireless-third-edition-group">Hacking
Wireless Exposed</a></li>
<li>2014, Debdeep Mukhopadhyay: <a
href="https://www.taylorfrancis.com/books/9780429066900">Hardware
Security: Design, Threats, and Safeguards</a></li>
<li>2014, Jack Ganssle: <a
href="https://www.elsevier.com/books/the-firmware-handbook/ganssle/978-0-7506-7606-9">The
Firmware Handbook (Embedded Technology)</a></li>
<li>2013, Andrew Huang: <a href="https://nostarch.com/xboxfree">Hacking
the XBOX</a></li>
</ul>
<h2 id="research-papers">Research Papers</h2>
<!--lint ignore match-punctuation-->
<ul>
<li>2020, Oser et al: <a
href="https://dl.acm.org/doi/abs/10.1145/3414173">SAFER: Development and
Evaluation of an IoT Device Risk Assessment Framework in a Multinational
Organization</a></li>
<li>2019, Agarwal et al: <a
href="https://www.mdpi.com/1424-8220/19/19/4107">Detecting IoT Devices
and How They Put Large Heterogeneous Networks at Security Risk</a></li>
<li>2019, Almakhdhub et al: <a
href="https://nebelwelt.net/publications/files/19DSN.pdf">BenchIoT: A
Security Benchmark for the Internet of Things</a></li>
<li>2019, Alrawi et al: <a
href="https://alrawi.github.io/static/papers/alrawi_sok_sp19.pdf">SoK:
Security Evaluation of Home-Based IoT Deployments</a></li>
<li>2019, Abbasi et al: <a
href="https://ieeexplore.ieee.org/abstract/document/8806725">Challenges
in Designing Exploit Mitigations for Deeply Embedded Systems</a></li>
<li>2019, Song et al: <a
href="https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_04A-1_Song_paper.pdf">PeriScope:
An Effective Probing and Fuzzing Framework for the Hardware-OS
Boundary</a></li>
<li>2018, Muench et al: <a
href="http://www.eurecom.fr/en/publication/5417/download/sec-publi-5417.pdf">What
You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded
Devices</a></li>
<li>2017, OMeara et al: <a
href="https://resources.sei.cmu.edu/library/asset-view.cfm?assetid=509271">Embedded
Device Vulnerability Analysis Case Study Using Trommel</a></li>
<li>2017, Jacob et al: <a
href="https://eprint.iacr.org/2017/625.pdf">How to Break Secure Boot on
FPGA SoCs through Malicious Hardware</a></li>
<li>2017, Costin et al: <a
href="http://s3.eurecom.fr/docs/ifip17_costin.pdf">Towards Automated
Classification of Firmware Images and Identification of Embedded
Devices</a></li>
<li>2016, Kammerstetter et al: <a
href="https://www.thinkmind.org/download.php?articleid=securware_2016_2_10_30082">Embedded
Security Testing with Peripheral Device Caching and Runtime Program
State Approximation</a></li>
<li>2016, Chen et al: <a
href="https://www.dcddcc.com/docs/2016_paper_firmadyne.pdf">Towards
Automated Dynamic Analysis for Linux-based Embedded Firmware</a></li>
<li>2016, Costin et al: <a
href="http://s3.eurecom.fr/docs/asiaccs16_costin.pdf">Automated Dynamic
Firmware Analysis at Scale: A Case Study on Embedded Web
Interfaces</a></li>
<li>2015, Shoshitaishvili et al:<a
href="https://www.ndss-symposium.org/wp-content/uploads/2017/09/11_1_2.pdf">Firmalice
- Automatic Detection of Authentication Bypass Vulnerabilities in Binary
Firmware</a></li>
<li>2015, Papp et al: <a
href="http://www.cse.psu.edu/~pdm12/cse597g-f15/readings/cse597g-embedded_systems.pdf">Embedded
Systems Security: Threats, Vulnerabilities, and Attack Taxonomy</a></li>
<li>2014, Zaddach et al: <a
href="http://www.eurecom.fr/en/publication/4158/download/rs-publi-4158.pdf">Avatar:
A Framework to Support Dynamic Security Analysis of Embedded Systems
Firmwares</a></li>
<li>2014, Alimi et al: <a
href="http://ieeexplore.ieee.org/document/6903734/">Analysis of embedded
applications by evolutionary fuzzing</a></li>
<li>2014, Costin et al: <a
href="http://www.s3.eurecom.fr/docs/usenixsec14_costin.pdf">A
Large-Scale Analysis of the Security of Embedded Firmwares</a></li>
<li>2013, Davidson et al: <a
href="https://www.usenix.org/system/files/conference/usenixsecurity13/sec13-paper_davidson.pdf">FIE
on Firmware: Finding Vulnerabilities in Embedded Systems using Symbolic
Execution</a></li>
</ul>
<h2 id="case-studies">Case Studies</h2>
<!--lint ignore no-repeat-punctuation-->
<ul>
<li><a
href="https://cyber-itl.org/2019/08/26/iot-data-writeup.html">Binary
Hardening in IoT products</a></li>
<li><a
href="http://www.devttys0.com/2014/02/cracking-linksys-crypto/">Cracking
Linksys “Encryption”</a></li>
<li><a href="https://youtu.be/nXyglaY9N9w">Deadly Sins Of
Development</a> - Conference talk presenting several real world examples
on real bad implementations :tv:.</li>
<li><a
href="https://www.iotpentest.com/2019/06/dumping-firmware-from-device-using.html">Dumping
firmware from a devices SPI flash with a buspirate</a></li>
<li><a
href="http://www.devttys0.com/2014/05/hacking-the-dspw215-again/">Hacking
the DSP-W215, Again</a></li>
<li><a href="https://cturt.github.io/ps4.html">Hacking the PS4</a> -
Introduction to PS4s security.</li>
<li><a href="https://doi.org/10.5281/zenodo.1035034">IoT
Security@CERN</a></li>
<li><a
href="https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html">Multiple
vulnerabilities found in the D-link DWR-932B</a></li>
<li><a
href="https://pierrekim.github.io/blog/2017-09-08-dlink-850l-mydlink-cloud-0days-vulnerabilities.html">Pwning
the Dlink 850L routers and abusing the MyDlink Cloud protocol</a></li>
<li><a
href="https://www.fkie.fraunhofer.de/content/dam/fkie/de/documents/xerox_phaser_6700_white_paper.pdf">PWN
Xerox Printers (…again)</a></li>
<li><a
href="https://www.bored-nerds.com/reversing/radare/automotive/2019/07/07/reversing-firmware-with-radare.html">Reversing
Firmware With Radare</a></li>
<li><a
href="http://jcjc-dev.com/2016/04/08/reversing-huawei-router-1-find-uart/">Reversing
the Huawei HG533</a></li>
</ul>
<h2 id="free-training">Free Training</h2>
<ul>
<li><a href="https://github.com/TrustworthyComputing/csaw_esc_2019">CSAW
Embedded Security Challenge 2019</a> - CSAW 2019 Embedded Security
Challenge (ESC).</li>
<li><a href="https://microcorruption.com">Embedded Security CTF</a> -
Microcorruption: Embedded Security CTF.</li>
<li><a
href="https://github.com/rdomanski/hardware_hacking/tree/master/my_talks/Hardware_Hacking_101">Hardware
Hacking 101</a> - Workshop @ BSides Munich 2019.</li>
<li><a href="https://github.com/scriptingxss/IoTGoat">IoTGoat</a> -
IoTGoat is a deliberately insecure firmware based on OpenWrt.</li>
<li><a href="https://github.com/Riscure/RHme-2015">Rhme-2015</a> - First
riscure Hack me hardware CTF challenge.</li>
<li><a href="https://github.com/Riscure/Rhme-2016">Rhme-2016</a> -
Riscure Hack me 2 is a low level hardware CTF challenge.</li>
<li><a href="https://github.com/Riscure/Rhme-2017">Rhme-2017/2018</a> -
Riscure Hack Me 3 embedded hardware CTF 2017-2018.</li>
</ul>
<h2 id="websites">Websites</h2>
<ul>
<li><a
href="http://hacking-printers.net/wiki/index.php/Main_Page">Hacking
Printers Wiki</a> - All things printer.</li>
<li><a
href="https://owasp.org/www-project-embedded-application-security/">OWASP
Embedded Application Security Project</a> - Development best practices
and list of hardware and software tools.</li>
<li><a href="https://owasp.org/www-project-internet-of-things/">OWASP
Internet of Things Project</a> - IoT common vulnerabilities and attack
surfaces.</li>
<li><a
href="https://192-168-1-1ip.mobi/default-router-passwords-list/">Router
Passwords</a> - Default login credential database sorted by
manufacturer.</li>
<li><a href="https://siliconpr0n.org/">Siliconpr0n</a> - A Wiki/Archive
of all things IC reversing.</li>
</ul>
<h3 id="blogs">Blogs</h3>
<!--lint ignore no-repeat-punctuation-->
<ul>
<li><a href="https://www.rtl-sdr.com/">RTL-SDR</a></li>
<li><a href="http://www.devttys0.com/blog/">/dev/ttyS0s Embedded Device
Hacking</a></li>
<li><a href="https://www.exploitee.rs/">Exploiteers</a></li>
<li><a href="https://hackaday.com">Hackaday</a></li>
<li><a href="https://jcjc-dev.com/">jcjcs Hack The World</a></li>
<li><a href="https://blog.quarkslab.com/">Quarkslab</a></li>
<li><a href="https://wrongbaud.github.io/">wrong baud</a></li>
<li><a href="https://firmwaresecurity.com/">Firmware Security</a></li>
<li><a
href="https://www.pentestpartners.com/internet-of-things/">PenTestPartners</a></li>
<li><a href="https://blog.attify.com/">Attify</a></li>
<li><a href="https://payatu.com/blog">Patayu</a></li>
<li><a
href="https://gracefulsecurity.com/category/hardware/">GracefulSecurity
- Hardware tag</a></li>
<li><a
href="https://www.blackhillsinfosec.com/tag/hardware-hacking/">Black
Hills - Hardware Hacking tag</a></li>
</ul>
<h3 id="tutorials-and-technical-background">Tutorials and Technical
Background</h3>
<ul>
<li><a href="https://azeria-labs.com/">Azeria Lab</a> - Miscellaneous
ARM related Tutorials.</li>
<li><a href="https://blog.senr.io/blog/jtag-explained#">JTAG
Explained</a> - A walkthrough covering UART and JTAG bypassing a
protected login shell.</li>
<li><a
href="http://www.devttys0.com/2012/11/reverse-engineering-serial-ports/">Reverse
Engineering Serial Ports</a> - Detailed tutorial about how to spot debug
pads on a PCB.</li>
<li><a href="https://www.mikroe.com/blog/uart-serial-communication">UART
explained</a> - An in depth explanation of the UART protocol.</li>
</ul>
<h3 id="youtube-channels">YouTube Channels</h3>
<ul>
<li><a href="https://www.youtube.com/c/FlashbackTeam">Flashback Team</a>
- A duo of hackers explaining their step by step approach to finding and
exploiting vulnerabilities in embedded devices.</li>
<li><a href="https://www.youtube.com/c/stacksmashing">StackSmashing</a>
- Reverse engineering and hardware hacking of embedded devices.</li>
</ul>
<h2 id="conferences">Conferences</h2>
<p>Conferences focused on embedded and/or IoT security.</p>
<ul>
<li><a href="https://hardwear.io/">Hardwear.io</a>
<ul>
<li>EU, The Hague, September.</li>
<li>USA, Santa Clara, June.</li>
</ul></li>
</ul>
<h2 id="contribute">Contribute</h2>
<p>Contributions welcome! Read the <a
href="contributing.md">contribution guidelines</a> first.</p>
<h2 id="license">License</h2>
<p><a href="https://creativecommons.org/publicdomain/zero/1.0/"><img
src="https://mirrors.creativecommons.org/presskit/buttons/88x31/svg/cc-zero.svg"
alt="CC0" /></a></p>
<p>To the extent possible under law, Fraunhofer FKIE has waived all
copyright and related or neighboring rights to this work.</p>
<p><a
href="https://github.com/fkie-cad/awesome-embedded-and-iot-security">embeddedandiotsecurity.md
Github</a></p>
Reference in New Issue View Git Blame Copy Permalink