IoT Penetration Testing Cookbook
This is the code repository for IoT Penetration Testing Cookbook, published by Packt. It contains all the supporting project files necessary to work through the book from start to finish.
About the Book
This book follows a recipe-based approach, giving you practical experience in securing upcoming smart devices. It starts with practical recipes on how to analyze IoT device architectures and identify vulnerabilities. Then, it focuses on enhancing your pentesting skill set, teaching you how to exploit a vulnerable IoT device, along with identifying vulnerabilities in IoT device firmware. Next, this book teaches you how to secure embedded devices and exploit smart devices with hardware techniques. Moving forward, this book reveals advanced hardware pentesting techniques, along with software-defined, radio-based IoT pentesting with Zigbee and Z-Wave. Finally, this book also covers how to use new and unique pentesting techniques for different IoT devices, along with smart devices connected to the cloud.
Instructions and Navigation
All of the code is organized into folders. Each folder starts with a number followed by the application name. For example, Chapter02.
Chapter 1,2,10 does not contain any code files.
The code will look like the following:
<Contextpath="/jira"docBase="${catalina.home}
/atlassian- jira" reloadable="false" useHttpOnly="true">
Following are the software requirements for this book:
- Microsoft Threat Modeling Tool 2016
- Binwalk, Firmadyne, Firmwalker, Angr (optional), Firmware-mod-toolkit, Firmware analysis toolkit, GDB, Radare2 (optional), Binary Analysis Tool (BAT), Qemu, IDA Pro (optional)
- Burp Suite, OWASP ZAP
- Mobile Security Framework (MobSF), Idb, SQLite Browser 3.10.1, Cydia, openURL, dumpdecrypted, ipainstaller, SSL Kill Switch 2, Clutch2, Cycript, JD-GUI, Hopper 8 RTL-SDR
- Node security project (Nsp), Retirejs, Dependency-check, flawfinder, Jenkins 2.60.3
Following are the hardware requirements for this book:
- Attify Badge (alternatively, a combination of C232HM-DDHSL-0 cable and Adafruit FTDI Breakout), Salae Logic Sniffer (8-Channel), RzRaven USB Stick flashed with KillerBee framework, JTAGulator, Xbee with Xbee Shield, Ubertooth, BLE adapter