Book Image

Intro to IoT Pentesting [Video]

By : ACI Learning, Daniel Lowrie, Sophie Goodwin
Book Image

Intro to IoT Pentesting [Video]

By: ACI Learning, Daniel Lowrie, Sophie Goodwin

Overview of this book

The course begins by introducing you to the world of IoT and its significance in today's tech-driven society, emphasizing the importance of security in this interconnected environment. It covers the spectrum of IoT targets and the necessity of robust security measures to protect them. The course focuses on practical skills, including the use of hardware components like multimeters, TTL to USB, and JTAGulators, as well as software tools such as terminal emulators, Binwalk, and QEMU. You will learn about firmware analysis, including acquisition, extraction, and emulation, alongside techniques for exploiting embedded operating systems, network services, and IoT web applications. The course wraps up by guiding you through hands-on practices for identifying hardware vulnerabilities, automating UART pin identification, and gaining device access, ensuring you have the knowledge to perform comprehensive pentests on IoT devices.
Table of Contents (6 chapters)
Chapter 4
Exploiting Vulnerabilities
Content Locked
Section 2
Exploiting Network Services
One of the main shortcomings of IoT development is that of sparse resources. This can lead developers to use whatever works within their constraints without regard to security. This also applies to network service applications like ftp, http, and others. In this episode, we will attempt to use standard pentesting tools and techniques to discover and exploit vulnerabilities in network services of IoT devices.