Pinned Repositories
IoTGoat
IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices.
owasp-istg
The IoT Security Testing Guide (ISTG) provides a comprehensive methodology for penetration tests in the IoT field, offering flexibility to adapt innovations, and developments in the IoT market while still ensuring comparability of test results.
www-project-iot-security-testing-guide
OWASP IoT Security Testing Guide site repository
embeddedappsec
Embedded AppSec Best Practices
EmbedOS
EmbedOS - Embedded security testing virtual machine
firmwalker
Script for searching the extracted firmware file system for goodies!
IoTGoat
IoTGoat is a deliberately insecure firmware based on OpenWrt.
owasp-fstm
The Firmware Security Testing Methodology (FSTM) is composed of nine stages tailored to enable security researchers, software developers, consultants, and Information Security professionals with conducting firmware security assessments.
OWASP-IoT-Top-10-2018-Mapping
OWASP IoT Top 10 2018 Mapping Project
ubi_reader
Collection of Python scripts for reading information about and extracting data from UBI and UBIFS images.
scriptingxss's Repositories
scriptingxss/owasp-fstm
The Firmware Security Testing Methodology (FSTM) is composed of nine stages tailored to enable security researchers, software developers, consultants, and Information Security professionals with conducting firmware security assessments.
scriptingxss/IoTGoat
IoTGoat is a deliberately insecure firmware based on OpenWrt.
scriptingxss/EmbedOS
EmbedOS - Embedded security testing virtual machine
scriptingxss/embeddedappsec
Embedded AppSec Best Practices
scriptingxss/firmwalker
Script for searching the extracted firmware file system for goodies!
scriptingxss/OWASP-IoT-Top-10-2018-Mapping
OWASP IoT Top 10 2018 Mapping Project
scriptingxss/ubi_reader
Collection of Python scripts for reading information about and extracting data from UBI and UBIFS images.
scriptingxss/GPCamera
GoPro
scriptingxss/IoT-Top10
IoT Top 10 Document Repository
scriptingxss/owasp-mstg
The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.
scriptingxss/ROPgadget
This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC and MIPS architectures.
scriptingxss/armx
ARM-X Firmware Emulation Framework
scriptingxss/awesome-embedded-and-iot-security
A curated list of awesome embedded and IoT security resources.
scriptingxss/dragonslayer
scriptingxss/fwanalyzer
a tool to analyze filesystem images
scriptingxss/iot-inspector-client
IoT Inspector Client
scriptingxss/IoT-Security-Verification-Standard-ISVS
OWASP IoT Security Verification Standard (ISVS)
scriptingxss/jtd-remote
Example of Just the Docs as a remote theme
scriptingxss/OHSTM
Open Hardware Security Testing Methodology
scriptingxss/openwrt-examples
Examples for creating OpenWrt programs&packages.
scriptingxss/owasp-masvs
The Mobile Application Security Verification Standard (MASVS) is a standard for mobile app security.
scriptingxss/PASTA1.0
PASTA: Portable Automotive Security Testbed with Adaptability
scriptingxss/pupy
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
scriptingxss/qira
QEMU Interactive Runtime Analyser
scriptingxss/r00kie-kr00kie
PoC exploit for the CVE-2019-15126 kr00k vulnerability
scriptingxss/s3enum
Fast Amazon S3 bucket enumeration tool for pentesters.
scriptingxss/ScoutSuite
Multi-Cloud Security Auditing Tool
scriptingxss/securekubernetes
Attacking and Defending Kubernetes Clusters: A Guided Tour
scriptingxss/Software-Component-Verification-Standard
Software Component Verification Standard (SCVS)
scriptingxss/The-Hackers-Hardware-Toolkit
The best hacker's gadgets for Red Team pentesters and security researchers.