Once we have the firmware with us, the main step now is to analyze the firmware. This involves looking inside the firmware and trying to identify as many security issues possible, which is what we will be doing in this section.
In this section, we will understand how to analyze firmware once we have access to the firmware binary package. There exist several different techniques in which we can look at firmware and identify security issues in it and we will be covering how to get started and identifying some common security issues in this section.
As mentioned earlier, firmware holds many interesting things for a pen tester, including API keys, private certificates, hardcoded credentials, backdoors, and more.