Pinned Repositories
IoTGoat
IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices.
owasp-istg
The IoT Security Testing Guide (ISTG) provides a comprehensive methodology for penetration tests in the IoT field, offering flexibility to adapt innovations, and developments in the IoT market while still ensuring comparability of test results.
www-project-iot-security-testing-guide
OWASP IoT Security Testing Guide site repository
embeddedappsec
Embedded AppSec Best Practices
EmbedOS
EmbedOS - Embedded security testing virtual machine
firmwalker
Script for searching the extracted firmware file system for goodies!
IoTGoat
IoTGoat is a deliberately insecure firmware based on OpenWrt.
owasp-fstm
The Firmware Security Testing Methodology (FSTM) is composed of nine stages tailored to enable security researchers, software developers, consultants, and Information Security professionals with conducting firmware security assessments.
OWASP-IoT-Top-10-2018-Mapping
OWASP IoT Top 10 2018 Mapping Project
ubi_reader
Collection of Python scripts for reading information about and extracting data from UBI and UBIFS images.
scriptingxss's Repositories
scriptingxss/ASVS
Application Security Verification Standard
scriptingxss/binaries
Cross Compiled Binaries
scriptingxss/BlueCrawl
Frida (Android) Script for extracting bluetooth information
scriptingxss/dns-rebind-toolkit
A front-end JavaScript toolkit for creating DNS rebinding attacks.
scriptingxss/IDAPythonEmbeddedToolkit
IDA Python Embedded Toolkit -- IDAPython scripts for automating analysis of firmware of embedded devices
scriptingxss/jtagsploitation
scripts and examples for using JTAG debug tools to gain root access
scriptingxss/keyfinder
A tool for finding and analyzing private (and public) key files, including support for Android APK files.
scriptingxss/PentestHardware
Kinda useful notes collated together publicly
scriptingxss/qbot
Qbot Botnet. Telnet botnet, most powerfull and strong botnet. requirements: 2 linux server.
scriptingxss/EZ-Wave
Tools for Evaluating and Exploiting Z-Wave Networks using Software-Defined Radios.
scriptingxss/FACT_core
Firmware Analysis and Comparison Tool
scriptingxss/firmware-arsenal
Tools and scripts for firmware reverse engeneering
scriptingxss/iOSTesting
scriptingxss/iot-malware
Malware source code samples leaked online uploaded to GitHub for those who want to analyze the code
scriptingxss/IoT_resources
This is a list of resources for those interested in hardware/IoT security.
scriptingxss/killerbee
IEEE 802.15.4/ZigBee Security Research Toolkit
scriptingxss/krackattacks-scripts
scriptingxss/LibScanner
RPM/SWID vulnerability scanner
scriptingxss/linux-exploit-suggester
Linux privilege escalation auditing tool
scriptingxss/Mirai-Source-Code
Leaked Mirai Source Code for Research/IoC Development Purposes
scriptingxss/mod_plaintext.py
AKA "Internet Chemotherapy"
scriptingxss/QNXSecurity
QNX and BB10 Security Tools
scriptingxss/subaru_starlink_research
Subaru StarLink persistent root code execution.
scriptingxss/testing
scriptingxss/ubidump
Tool for viewing and extracting files from an UBIFS image
scriptingxss/Z-Attack
Z-Wave Packet Interception and Injection Tool