IoT Resources

A list of resources for those interested in hardware, embedded, and IoT security.

Contents

• Community
• Books
• Training
• Certification
• Conferences
• How To's
• CTF's
• Blogs
• Tools

Community

Discord

• Hardware Hacking
• Assembly Language
• Reverse Engineering
• Exploitsecurity.io

Reddit

• /r/HardwareHacking
• /r/ReverseEngineering

Books

Hardware Hacking

• Microcontroller Exploits (2024) - Travis Goodspeed
• The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks (2021) - Jasper van Woudenberg, Colin O'Flynn
• Practical Hardware Pentesting: A guide to attacking embedded systems and protecting them against the most common hardware attacks (2021) - Jean-Georges Valle
• The Hacker's Hardware Toolkit: The best collection of hardware gadgets for Red Team hackers, Pentesters and security researchers (2019) - Yago Hansen
• Hardware Security: A Hands-on Learning Approach (2018) - Swarup Bhunia and Mark M. Tehranipoor
• Pentesting Hardware - A Practical Handbook (2018) - Mark Carney
• The Hardware Hacker: Adventures in Making and Breaking Hardware (2006) - Andrew "Bunny" Huang
• Hardware Hacking: Have Fun While Voiding Your Warranty (2004) - Joe Grand

Firmware

• Building Secure Firmware: Armoring the Foundation of the Platform (2020) Jiewen Yao and Vincent Zimmer
• The Firmware Handbook (2004) Jack Ganssle

Reverse Engineering

• Engineering Secure Devices (2024) - Dominik Merli

• Blue Fox: Arm Assembly Internals and Reverse Engineering (2023) - Maria Markstedter

• Reverse Engineering for Beginners (2023) - Dennis Yurichev

• Deciphering Schematics (2022) - Keng Tiong Ng

• Manual PCB-RE: The Essentials (2021) - Keng Tiong Ng

• The Ghidra Book: The Definitive Guide (2020) - Chris Eagle and Kara Nance

• PCB-RE: Real-World Examples (2019) - Keng Tiong Ng

• PCB-RE: Tools & Techniques (2017) - Keng Tiong Ng

• The Art of PCB Reverse Engineering (Standard Edition): Unravelling the Beauty of the Original Design (2015) - Keng Tiong Ng

• Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation (2014) - Bruce Dang, Alexandre Gazet, Elias Bachaalany

• IDA Pro Book (2011) - Chris Eagle

• Hacking the Xbox: An Introduction to Reverse Engineering (2003)- Andrew "Bunny" Huang

General IoT Security

• Practical IoT Hacking (2021) - Fotios Chantzis and Ioannis Stais
• IoT Hackers Handbook: An Ultimate Guide to Hacking the Internet of Things and Learning IoT Security (2019) - By Aditya Gupta
• Practical Internet of Things Security (2018) - Brian Russell and Drew Van Duren
• Internet of Things for Architects (2018) - Perry Lea (not a security/hacking book but it contains very useful IoT concepts)
• IoT Penetration Testing Cookbook (2017) - Aaron Guzman and Aditya Gupta
• Abusing the Internet of things: Blackouts, Freakouts, and Stakeouts (2015) - Nitesh Dhanjani

Car Hacking

• The Car Hackers Handbook: A Guide for the Penetration Tester (2016) - Craig Smith
• Illmatics - (ongoing) - Charlie Miller and Chris Valasek

Wireless / RF Security

• Hacking Internet of Things: Bluetooth Low Energy (2018) - Shashank Pandey
• Inside Radio: An Attack and Defense Guide (2018) - Qing Yang and Lin Huang
• Hacking Wireless Exposed: Wireless Security Secrets and Solutions (2015) - Joshua Wright and Johnny Cache
• The Hobbyist's Guide to the RTL-SDR: Really Cheap Software Defined Radio (2015) - Carl Laufer (not a security book but useful resources/tips regarding SDR)

Training/Certification

Training

• Gray Hat Academy - Includes online/self-paced options
• Attify - Includes online/self-paced options
• Toothless Consulting - Includes online/self-paced options
• SecuringHardware - Includes online/self-paced options
• Joe Grand
• HardwareSecurity
• Payatu - Includes online/self-paced options
• SANS
  • SEC556: IoT Penetration Testing - Includes online/self-paced options
  • SEC617: Wireless Penetration Testing and Ethical Hacking - Includes online/self-paced options
• TCM Beginner's Guide to IoT and Hardware Hacking - Includes online/self-paced options
• Advanced Security Training - Includes online/self-paced options
• EC-Council Hands-on IoT Pentesting - Includes online/self-paced options
• VoidStar Security
• Exploit Academy - Includes online/self-paced options
• We Hack in Disguise (WHID) - Includes online/self-paced options

Certification

• TCM Practical Junior IoT Tester (PJIT)
• GIAC Assessing and Auditing Wireless Networks (GAWN)
• WHID Certified Hardware Hacker (CH2)

Conferences (some of which also include training)

• Hardwear.io - Europe/USA - https://hardwear.io/
• Recon.cx - Montreal/Brussels - https://recon.cx/
• ASHES Workshop - USA - http://ashesworkshop.org/

How To's

General

• Porticullis Labs - Hardware hacking: How to train a team - https://labs.portcullis.co.uk/blog/hardware-hacking-how-to-train-a-team/
• EEV Blog - https://www.eevblog.com/
• LiveOverflow - https://liveoverflow.com/

Reverse Engineering

• Practical reverse engineering - https://jcjc-dev.com/2016/04/08/reversing-huawei-router-1-find-uart/

Hardware debug ports

• JTAG explained - https://blog.senr.io/blog/jtag-explained
• UART Thou Mad? - https://media.blackhat.com/us-13/US-13-Kohlenberg-UART-Thou-Mad-WP.pdf

USB

• USB Reverse Engineering: Down the rabbit hole - https://www.devalias.net/devalias/2018/05/13/usb-reverse-engineering-down-the-rabbit-hole/

CTF's

• TrustworthyComputing CSAW Embedded Security Challenge (2019 - Present) (Students only)
• Exploit This
• Hack The Silicon Hack@DAC (2018 - Present)
• Hardwear.io CTF
• Mitre Embedded Capture the Flag (eCTF) (Students only)
• Microcorruption Embeddeed Security CTF

RHme

• RHme3 Pre-qual writeup RHme3 Binaries, writeups, DIY board
• RHme2 Binaries, writeups, DIY board
• RHme1 Binaries, writeups, DIY board

Ph0wn

• Ph0wn 2018 - Present
• Ph0wn 2017
  • 2017 writeups and pictures

Hackgnar

• BLE CTF
• BLE CTF Infinity

Blogs

• Exploitee - List of several IoT Devices hacked by Exploitee.rs team.
• PenTestPartners - IoT Security Blog
• Firmware Security - News/info mostly on firmware security
• Attify - IoT Security Blog
• Independent Security Evaluators - IoT Security Research Blog

Tools

Bluetooth/BLE

• UberTooth One - https://greatscottgadgets.com/ubertoothone/
• Bluefruit LE Sniffer - https://www.adafruit.com/product/2269
• General Purpose BT/BLE dongles

ZigBee

• ApiMote - http://apimote.com/
• Atmel RZUSBstick - Discontinued product (Lucky if you have one!)

SDR

• HackRF One - https://greatscottgadgets.com/hackrf/
• YardStick One - https://greatscottgadgets.com/yardstickone/
• LimeSDR - https://www.crowdsupply.com/lime-micro/limesdr
• BladeRF - https://www.nuand.com/product/bladerf-xa4/
• USRP - https://www.ettus.com/product

Hardware Hacking

• Chipwhisperer - http://newae.com/tools/chipwhisperer/
• Bus Pirate - http://dangerousprototypes.com/docs/Bus_Pirate
• Attify Badge - https://www.attify-store.com/products/attify-badge-assess-security-of-iot-devices
• Shikra - https://int3.cc/products/the-shikra
• FaceDancer - https://int3.cc/collections/frontpage/products/facedancer21
• JTAGulator - http://www.grandideastudio.com/jtagulator/
• HydraBus - https://hydrabus.com/hydrabus-1-0-specifications/
• GoodFET - http://goodfet.sourceforge.net/
• Logic Analyzer - https://www.saleae.com/ or https://www.dreamsourcelab.com/product/dslogic-plus/
• Raspberry Pi, Arduino...

RFID/NFC

• Proxmark 3 - https://proxmark.com/
• ChameleonMini - https://github.com/emsec/ChameleonMini/wiki
• HydraNFC - https://hydrabus.com/hydranfc-1-0-specifications/