
Awesome Embedded and IoT Security – Massive Collection of Resources

A curated list of awesome resources about embedded and IoT security. The list contains software and hardware tools, books, research papers and more.

Botnets like Mirai have proven that there is a need for more security in embedded and IoT devices. This list shall help beginners and experts to find helpful resources on the topic.
If you are a beginner, you should have a look at the Books and Case Studies sections.
If you want to start right away with your own analysis, you should give the Analysis Frameworks a try.
They are easy to use and you do not need to be an expert to get first meaningful results.

Items marked with 💶 are commercial products.

Contents

Software Tools

Software tools for analyzing embedded/IoT devices and firmware.

Analysis Frameworks

  • EXPLIoT – Pentest framework like Metasploit but specialized for IoT.
  • FACT – The Firmware Analysis and Comparison Tool – Full-featured static analysis framework including extraction of firmware, analysis utilizing different plug-ins and comparison of different firmware versions.
  • FwAnalyzer – Analyze security of firmware based on customized rules. Intended as additional step in DevSecOps, similar to CI.
  • HAL – The Hardware Analyzer – A comprehensive reverse engineering and manipulation framework for gate-level netlists.
  • HomePWN – Swiss Army Knife for Pentesting of IoT Devices.
  • IoTSecFuzz – Framework for automating security analysis across the IoT layers: hardware, software and communication.
  • Killerbee – Framework for Testing & Auditing ZigBee and IEEE 802.15.4 Networks.
  • PRET – Printer Exploitation Toolkit.
  • Routersploit – Framework dedicated to exploit embedded devices.

Analysis Tools

  • Binwalk – Searches a binary image for “interesting” embedded data (file signatures, file systems, compressed blobs) and can extract the files it finds.
  • emba – Analyze Linux-based firmware of embedded devices.
  • Firmadyne – Tries to emulate a firmware image and run penetration tests against it.
  • Firmwalker – Searches extracted firmware images for interesting files and information.
  • Firmware Slap – Discovering vulnerabilities in firmware through concolic analysis and function clustering.
  • Ghidra – Software Reverse Engineering suite; handles arbitrary binaries, if you provide CPU architecture and endianness of the binary.
  • Radare2 – Software Reverse Engineering framework; handles popular executable formats as well as arbitrary binaries and comes with an extensive command-line toolset.
  • Trommel – Searches extracted firmware images for interesting files and information.

Extraction Tools

  • FACT Extractor – Detects container format automatically and executes the corresponding extraction tool.
  • Firmware Mod Kit – Extraction tools for several container formats.
  • The SRecord package – Collection of tools for manipulating EPROM files (can convert lots of binary formats).

Support Tools

  • JTAGenum – Add JTAG capabilities to an Arduino.
  • OpenOCD – Free and Open On-Chip Debugging, In-System Programming and Boundary-Scan Testing.

Misc Tools

  • Cotopaxi – Set of tools for security testing of Internet of Things devices using specific network IoT protocols.
  • dumpflash – Low-level NAND Flash dump and parsing utility.
  • flashrom – Tool for detecting, reading, writing, verifying and erasing flash chips.
  • Samsung Firmware Magic – Decrypt Samsung SSD firmware updates.

Hardware Tools

  • Bus Blaster – Detects and interacts with hardware debug ports like UART and JTAG.
  • Bus Pirate – Detects and interacts with hardware debug ports like UART and JTAG.
  • Shikra – Detects and interacts with hardware debug ports like UART and JTAG, among other protocols.
  • JTAGULATOR – Detects JTAG Pinouts fast.
  • Saleae – Easy-to-use logic analyzer that supports many protocols 💶.
  • Ikalogic – Alternative to Saleae logic analyzers 💶.
  • HydraBus – Open source multi-tool hardware similar to the BusPirate but with NFC capabilities.
  • ChipWhisperer – Detects Glitch/Side-channel attacks.
  • Glasgow – Tool for exploring and debugging different digital interfaces.
  • J-Link – J-Link offers USB powered JTAG debug probes for multiple different CPU cores 💶.

Bluetooth BLE Tools

  • UberTooth One – Open source 2.4 GHz wireless development platform suitable for Bluetooth experimentation.
  • Bluefruit LE Sniffer – Easy to use Bluetooth Low Energy sniffer.

ZigBee Tools

  • ApiMote – ZigBee security research hardware for learning about and evaluating the security of IEEE 802.15.4/ZigBee systems. Killerbee compatible.
  • Atmel RZUSBstick – Discontinued product. Lucky if you have one! – Tool for development, debugging and demonstration of a wide range of low power wireless applications including IEEE 802.15.4, 6LoWPAN, and ZigBee networks. Killerbee compatible.
  • Freakduino – Low-cost, battery-operated wireless Arduino board that can be turned into an IEEE 802.15.4 protocol sniffer.

SDR Tools

  • RTL-SDR – Cheapest SDR for beginners. It is a computer-based radio scanner for receiving live radio signals at frequencies from 500 kHz up to 1.75 GHz.
  • HackRF One – Software Defined Radio peripheral capable of transmission or reception of radio signals from 1 MHz to 6 GHz (half-duplex).
  • YardStick One – Half-duplex sub-1 GHz wireless transceiver.
  • LimeSDR – Software Defined Radio peripheral capable of transmission or reception of radio signals from 100 kHz to 3.8 GHz (full-duplex).
  • BladeRF 2.0 – Software Defined Radio peripheral capable of transmission or reception of radio signals from 47 MHz to 6 GHz (full-duplex).
  • USRP B Series – Software Defined Radio peripheral capable of transmission or reception of radio signals from 70 MHz to 6 GHz (full-duplex).

RFID NFC Tools

  • Proxmark 3 RDV4 – Powerful general-purpose RFID tool. From Low Frequency (125 kHz) to High Frequency (13.56 MHz) tags.
  • ChameleonMini – Programmable, portable tool for NFC security analysis.
  • HydraNFC – Powerful 13.56 MHz RFID / NFC platform. Read / write / crack / sniff / emulate.

Books

Research Papers

Case Studies

Free Training

Websites

Blogs

Tutorials and Technical Background

Conferences

Conferences focused on embedded and/or IoT security.

  • Hardwear.io
    • EU, The Hague, September.
    • USA, Santa Clara, June.
