IoT 101 – A Detailed Learning Map

iot 101
IoT pentesting

this blog is largely forked from GitHub iot-security101 . We would like to thank the creator for creating this awesome blog

Approach Methodology

1. Network
2. Web (Front & Backend and Web services)
3. Mobile App (Android & iOS)
4. Wireless Connectivity (Zigbee , WiFi , Bluetooth , etc)
5. Firmware Pentesting (OS of IoT Devices)
6. Hardware Hacking & Fault Injections & SCA Attacks
7. Storage Medium
8. I/O Ports

To seen Hacked devices


Chat groups for IoT Security


Books For IoT Pentesting


Blogs for iotpentest

  1. https://payatu.com/blog/
  2. http://jcjc-dev.com/
  3. https://w00tsec.blogspot.in/
  4. http://www.devttys0.com/
  5. https://www.rtl-sdr.com/
  6. https://keenlab.tencent.com/en/
  7. https://courk.cc/
  8. https://iotsecuritywiki.com/
  9. https://cybergibbons.com/
  10. http://firmware.re/
  11. https://iotmyway.wordpress.com/
  12. http://blog.k3170makan.com/
  13. https://blog.tclaverie.eu/
  14. http://blog.besimaltinok.com/category/iot-pentest/
  15. https://ctrlu.net/
  16. http://iotpentest.com/
  17. https://blog.attify.com
  18. https://duo.com/decipher/
  19. http://www.sp3ctr3.me
  20. http://blog.0x42424242.in/
  21. https://dantheiotman.com/
  22. https://blog.danman.eu/
  23. https://quentinkaiser.be/
  24. https://blog.quarkslab.com
  25. https://blog.ice9.us/
  26. https://labs.f-secure.com/
  27. https://mg.lol/blog/
  28. https://cjhackerz.net/
  29. https://github.com/sponsors/bunnie/

Awesome CheatSheets


Search Engines for IoT Openly devices


CTF For IoT’s And Embeddded

  • https://github.com/hackgnar/ble_ctf
  • https://www.microcorruption.com/
  • https://github.com/Riscure/Rhme-2016
  • https://github.com/Riscure/Rhme-2017
  • https://blog.exploitlab.net/2018/01/dvar-damn-vulnerable-arm-router.html
  • https://github.com/scriptingxss/IoTGoat

YouTube Channels for IoT Pentesting


Vehicle Security Resources

  • https://github.com/jaredthecoder/awesome-vehicle-security

IoT Vulnerabilites Checking Guides


IoT Gateway Software


IoT Pentesting OSes


Exploitation Tools


Reverse Engineering Tools


Introduction


IoT Web and message services

MQTT

Softwares

CoAP


Automobile

CanBus


Radio IoT Protocols Overview


Base transceiver station (BTS


GSM & SS7 Pentesting


Zigbee & Zwave


BLE Intro and SW & HW Tools to pentest

BLE Pentesting Tutorials


Mobile security (Android & iOS)


Online Assemblers


ARM


Pentesting Firmwares and emulating and analyzing


Firmware samples to pentest


IoT hardware Overview


Hardware Gadgets to pentest


Attacking Hardware Interfaces


UART


JTAG


SideChannel Attacks


Awesome IoT Pentesting Guides


Vulnerable IoT and Hardware Applications

  • IoT Goat : https://github.com/scriptingxss/IoTGoat
  • IoT : https://github.com/Vulcainreo/DVID
  • Safe : https://insinuator.net/2016/01/damn-vulnerable-safe/
  • Router : https://github.com/praetorian-code/DVRF
  • SCADA : https://www.slideshare.net/phdays/damn-vulnerable-chemical-process
  • PI : https://whitedome.com.au/re4son/sticky-fingers-dv-pi/
  • SS7 Network: https://www.blackhat.com/asia-17/arsenal.html#damn-vulnerable-ss7-network
  • VoIP : https://www.vulnhub.com/entry/hacklab-vulnvoip,40/

follow the people

Leave a Reply

Your email address will not be published. Required fields are marked *