Book Image

IoT Penetration Testing Cookbook

By : Aaron Guzman, Aditya Gupta
Book Image

IoT Penetration Testing Cookbook

By: Aaron Guzman, Aditya Gupta

Overview of this book

IoT is an upcoming trend in the IT industry today; there are a lot of IoT devices on the market, but there is a minimal understanding of how to safeguard them. If you are a security enthusiast or pentester, this book will help you understand how to exploit and secure IoT devices. This book follows a recipe-based approach, giving you practical experience in securing upcoming smart devices. It starts with practical recipes on how to analyze IoT device architectures and identify vulnerabilities. Then, it focuses on enhancing your pentesting skill set, teaching you how to exploit a vulnerable IoT device, along with identifying vulnerabilities in IoT device firmware. Next, this book teaches you how to secure embedded devices and exploit smart devices with hardware techniques. Moving forward, this book reveals advanced hardware pentesting techniques, along with software-defined, radio-based IoT pentesting with Zigbee and Z-Wave. Finally, this book also covers how to use new and unique pentesting techniques for different IoT devices, along with smart devices connected to the cloud. By the end of this book, you will have a fair understanding of how to use different pentesting techniques to exploit and secure various IoT devices.

Related Content you might be interested in

Current Title:

Small book image
IoT Penetration Testing Cookbook
Aaron Guzman | Aditya Gupta
Nov, 2017 | 452 pages
Small book image
Practical Internet of Things Security
Brian Russell | Drew Van Duren
Nov, 2018 | 382 pages
Small book image
Practical Hardware Pentesting
JeanGeorges Valle
Apr, 2021 | 382 pages
Small book image
Kali Linux Web Penetration Testing Cookbook
Gilberto NajeraGutierrez
Aug, 2018 | 404 pages
Table of Contents (19 chapters)
Title Page
Title Page
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Customer Feedback
Customer Feedback
Dedication
Dedication
Preface
Preface
Free Chapter
1
IoT Penetration Testing
IoT Penetration Testing
Introduction
Defining the IoT ecosystem and penetration testing life cycle
Firmware 101
Web applications in IoT
Mobile applications in IoT
Device basics
Introduction to IoT's wireless communications
Setting up an IoT pen testing lab
2
IoT Threat Modeling
IoT Threat Modeling
Introduction
Getting familiar with threat modeling concepts
Anatomy of threat modeling an IoT device
Threat modeling firmware
Threat modeling of an IoT web application
Threat modeling an IoT mobile application
Threat modeling IoT device hardware
Threat modeling IoT radio communication
3
Analyzing and Exploiting Firmware
Analyzing and Exploiting Firmware
Introduction
Defining firmware analysis methodology
Obtaining firmware
Analyzing firmware
Analyzing filesystem contents
Emulating firmware for dynamic analysis
Getting started with ARM and MIPS
Exploiting MIPS
Backdooring firmware with firmware-mod-kit (FMK)
4
Exploitation of Embedded Web Applications
Exploitation of Embedded Web Applications
Introduction
Getting started with web app security testing
Using Burp Suite
Using OWASP ZAP
Exploiting command injection
Exploiting XSS
Exploiting CSRF
5
Exploiting IoT Mobile Applications
Exploiting IoT Mobile Applications
Introduction
Acquiring IoT mobile applications
Decompiling Android applications
Decrypting iOS applications
Using MobSF for static analysis
Analyzing iOS data storage with idb
Analyzing Android data storage
Performing dynamic analysis testing
6
IoT Device Hacking
IoT Device Hacking
Introduction
Hardware exploitation versus software exploitation
Hardware hacking methodology
Hardware reconnaissance techniques
Electronics 101
Identifying buses and interfaces
Serial interfacing for embedded devices
NAND glitching
JTAG debugging and exploitation
7
Radio Hacking
Radio Hacking
Introduction
Getting familiar with SDR
Hands-on with SDR tools
Understanding and exploiting ZigBee
Gaining insight into Z-Wave
Understanding and exploiting BLE
8
Firmware Security Best Practices
Firmware Security Best Practices
Introduction
Preventing memory-corruption vulnerabilities
Preventing injection attacks
Securing firmware updates
Securing sensitive information
Hardening embedded frameworks
Securing third-party code and components
9
Mobile Security Best Practices
Mobile Security Best Practices
Introduction
Storing data securely
Implementing authentication controls
Securing data in transit
Securely using Android and iOS platform components
Securing third-party code and components
Employing reverse engineering protections
10
Securing Hardware
Securing Hardware
Introduction
Hardware best practices
Uncommon screw types
Antitamper and hardware protection mechanisms
Side channel attack protections
Exposed interfaces
Encrypting communication data and TPM
11
Advanced IoT Exploitation and Security Automation
Advanced IoT Exploitation and Security Automation
Introduction
Finding ROP gadgets
Chaining web security vulnerabilities
Configuring continuous integration testing for firmware
Configuring continuous integration testing for web applications
Configuring continuous integration testing for mobile applications

About the Authors

Aaron Guzman is a principal security consultant from the Los Angeles area with expertise in web app security, mobile app security, and embedded security. He has shared his security research at a number of worldwide conferences, including DEF CON, DerbyCon, AppSec EU, AppSec USA, HackFest, Security Fest, HackMiami, 44Con, and AusCERT as well as a number of regional BSides events. Furthermore, Aaron is a chapter leader for the Open Web Application Security Project (OWASP) Los Angeles chapter and the Cloud Security Alliance SoCal (CSA SoCal) chapter, and was previously the technical reviewer for Practical Internet of Things Security by Packt Publishing. He has contributed to many IoT security guidance publications from CSA, OWASP, PRPL, and a number of others. Aaron leads the OWASP Embedded Application Security project, providing practical guidance to address the most common firmware security bugs for the embedded and IoT community. Follow Aaron's latest research on Twitter at @scriptingxss.

A special thanks to the readers of this book; I hope the content is useful for IoT security research and penetration testing.

Aditya Gupta is the founder of Attify, and an IoT and mobile security researcher. He is also the creator of the popular training course Offensive IoT Exploitation, and the founder of the online store for hackers Attify-Store.

Gupta has also published security research papers, authored tools, and spoken numerous times at conferences such as BlackHat, DefCon, OWASP AppSec, ToorCon, and more.

In his previous roles, he has worked with various organizations helping to build their security infrastructure and internal automation tools, identify vulnerabilities in web and mobile applications, and lead security planning.

He can be reached out to on Twitter at @adi1391 and over email at [email protected].

I would like to thank my parents and sister for providing me with the support and motivation required to succeed in life, and making me curious enough to know "how things work," which led me to pursue a career I love day in, day out.

Last but not the least, thanks to all my colleagues at Attify - I am lucky to have the best pentesters, reverse engineers and problem solvers on my side - to make sure we break every IoT device possible. You guys are the best!

Previous Section
Next Chapter