Book Image

Intro to IoT Pentesting [Video]

By : ACI Learning, Daniel Lowrie, Sophie Goodwin
Book Image

Intro to IoT Pentesting [Video]

By: ACI Learning, Daniel Lowrie, Sophie Goodwin

Overview of this book

The course begins by introducing you to the world of IoT and its significance in today's tech-driven society, emphasizing the importance of security in this interconnected environment. It covers the spectrum of IoT targets and the necessity of robust security measures to protect them. The course focuses on practical skills, including the use of hardware components like multimeters, TTL to USB, and JTAGulators, as well as software tools such as terminal emulators, Binwalk, and QEMU. You will learn about firmware analysis, including acquisition, extraction, and emulation, alongside techniques for exploiting embedded operating systems, network services, and IoT web applications. The course wraps up by guiding you through hands-on practices for identifying hardware vulnerabilities, automating UART pin identification, and gaining device access, ensuring you have the knowledge to perform comprehensive pentests on IoT devices.
Table of Contents (6 chapters)
Chapter 4
Exploiting Vulnerabilities
Content Locked
Section 3
Exploiting IoT Web Apps
Many IoT devices utilize custom web applications to facilitate device administration. In this episode, we will discuss IoT web applications as an attack vector and then we will attempt to exploit a common web app vulnerability for command execution against an IoT target.