IoT Pentest Devices and Purpose

This document outlines the various tools and their purposes in IoT security testing for different protocols and technologies.

Bluetooth

| Software Tools | Hardware Tools | Purpose |
| --- | --- | --- |
| nRF Connect | nRF Connect 52840 | MiTM, Replay, Exploiting |
| All BLE tools except Ubertooth and nRF Connect | CSR 4.0 | Sniffing, Replay, Scanning, Exploiting |
| Ubertooth Tools | Ubertooth | Sniffing, Replay, Scanning, Exploiting |
| All BLE tools except Ubertooth and nRF Connect tools | Sena 100 | Sniffing, Replay, Scanning, Exploiting |
| Arduino | ESP32 | Development and learning Bluetooth; development device for practice |
| Wireshark | Enabled Bluetooth adapter | Resources |
| ... | ... | ... |

Zigbee

| Software Tools | Hardware Tools | Purpose |
| --- | --- | --- |
| KillerBee | RzRaven Stick | MiTM, Sniffing and Replay |
| KillerBee | Open Sniffer | MiTM, Sniffing and Replay |
| KillerBee | ApiMote | MiTM, Sniffing and Replay |
| nRF5 SDK for Thread and Zigbee | nRF Connect 52840 | Sniffing and Development of mesh networks |
| ... | ... | ... |

Z-Wave

| Software Tools | Hardware Tools | Purpose |
| --- | --- | --- |
| EZ-Wave | 2x HackRF, 1x SDR | Evaluating and Exploiting Z-Wave Networks |
| Z-Attack | Yard Stick One | Z-Wave Packet Interception and Injection Tool |
| RFCrack | Yard Stick One | (To be updated) |
| ZWaveSniffer | ComProbe BPA 500 | Sniffing Z-Wave Packets |
| Z-Force | RfCat | Z-Wave command injection |
| Domoticz | Z-Wave Plus USB Stick | Home automation system often used for testing Z-Wave devices |
| OpenZWave | Z-Wave.Me | Library and utilities to support Z-Wave |
| ... | ... | ... |

WiFi

| Software Tools | Hardware Tools | Purpose |
| --- | --- | --- |
| Aircrack-ng | Alfa AWUS036NH | Cracking WEP/WPA/WPA2 encryption |
| Wireshark | Alfa AWUS1900 | Packet Sniffing |
| Kismet | Panda PAU09 | Network Detection and Sniffing |
| Reaver | TP-Link TL-WN722N | WPS PIN Cracking |
| Fern WiFi Cracker | Alfa card | GUI for testing wireless security |
| Hostapd-wpe | Ralink RT5370 | Rogue AP for Enterprise Network Attacks |
| Bettercap | Hak5 Pineapple | Man-in-the-Middle attacks |
| KRACK Attacks Scripts | Any compatible WiFi card | Exploiting WPA2 protocol vulnerabilities (Key Reinstallation Attacks) |
| FragAttacks Test Suite | Any compatible WiFi card | Exploiting fragmentation and aggregation vulnerabilities in WiFi |
| ... | ... | ... |

Hardware

| Software Tools | Hardware Tools | Purpose |
| --- | --- | --- |
| Binwalk | Bus Pirate | Firmware analysis; SPI, I2C, UART interfacing |
| Firmware Mod Kit | JTAGulator | Extracting and building firmware; JTAG pin identification |
| Ghidra | Shikra | Reverse engineering firmware; multiple interface support |
| Radare2 | Teensy | Reverse engineering; USB-based attacks |
| Flashrom | CH341A Programmer | Flashing BIOS/EEPROM chips |
| OpenOCD | SEGGER J-Link | On-chip debugging |
| UrJTAG | FTDI FT2232H | JTAG debugging |
| FaceDancer | FaceDancer21 | USB emulation and attacks |
| Saleae Logic | Saleae Logic Analyzer | Signal capturing and analysis |
| ... | ... | ... |

SCA (Side Channel Attacks)

| Software Tools | Hardware Tools | Purpose | Reference Links |
| --- | --- | --- | --- |
| ChipWhisperer Software | ChipWhisperer Capture | Power analysis side-channel attacks | ChipWhisperer |
| SideChannelMarvels/JeanGrey | Oscilloscope | Fault injection and side-channel analysis | JeanGrey |
| MATLAB/Simulink | Differential Probe | Data analysis and visualization | MATLAB |
| Inspector | EM Probe | Electromagnetic side-channel analysis | Inspector |
| Daredevil | Logic Analyzer | DPA (Differential Power Analysis) | Daredevil |
| TraceWrangler | EMFI Tool | Fault injection | TraceWrangler |
| SCADuino | Multimeter | Power measurement for side-channel analysis | SCADuino |
| TinyAES | SASEBO Board | AES attack experiments | TinyAES |
| ... | ... | ... | ... |


CAR

| Software Tools | Hardware Tools | Purpose |
| --- | --- | --- |
| CANoe | CANtact | CAN bus analysis and simulation |
| Wireshark | Carloop | Packet capture and analysis |
| OpenGarages' Vehicle Security Analyzer | OBD-II Adapter | Vehicle diagnostics and analysis |
| ICSim (Instrument Cluster Simulator) | Raspberry Pi with PiCAN Shield | Simulating car instrument clusters |
| UDSim | USB2CAN | ECU simulation and fuzz testing |
| Kayak | Comma.ai Panda | CAN bus monitoring and injection |
| J1939 Framework | J1939 to USB Adapter | J1939 protocol analysis |
| Metasploit Automotive Modules | HackRF | RF-based vulnerability assessment |
| Car Hacking Tools (CHT) | Intrepid Control Systems Hardware | Multi-network vehicle testing |

Radio

| Software Tools | Hardware Tools | Purpose |
| --- | --- | --- |
| GQRX | HackRF | Spectrum analysis |
| Universal Radio Hacker | RTL-SDR | Signal demodulation and analysis |
| GNU Radio | BladeRF | Signal processing and manipulation |
| SDR# (SDRSharp) | USRP | Signal reception and visualization |
| SDRangel | LimeSDR | Multi-mode SDR transceiver application |
| RFCat | Yard Stick One | Sub-1GHz RF protocol analysis |
| osmo-fl2k | FL2000 dongle | Transmitting custom signals |
| WaveConverter | PlutoSDR | Signal decoding |