Awesome Embedded And IoT Security – Key Tools And Insights

Botnets like Mirai have proven that there is a need for more security in embedded and IoT devices. This list shall help beginners and experts to find helpful resources on the topic.

If you are a beginner, you should have a look at the Books and Case Studies sections.

If you want to start right away with your own analysis, you should give the Analysis Frameworks a try.

They are easy to use and you do not need to be an expert to get first meaningful results.

Contents

• Software Tools
  • Analysis Frameworks
  • Analysis Tools
  • Extraction Tools
  • Support Tools
  • Misc Tools
• Hardware Tools
  • Bluetooth BLE Tools
  • ZigBee Tools
  • SDR Tools
  • RFID NFC Tools
• Books
• Research Papers
• Case Studies
• Free Training
• Websites
  • Blogs
  • Tutorials and Technical Background
  • YouTube Channels
• Conferences
• Contribute
• License

Software Tools

Software tools for analyzing embedded/IoT devices and firmware.

Analysis Frameworks

• EXPLIoT – Pentest framework like Metasploit but specialized for IoT.
• FACT – The Firmware Analysis and Comparison Tool – Full-featured static analysis framework including extraction of firmware, analysis utilizing different plug-ins and comparison of different firmware versions.
  • Improving your firmware security analysis process with FACT – Conference talk about FACT ????.
• FwAnalyzer – Analyze security of firmware based on customized rules. Intended as additional step in DevSecOps, similar to CI.
• HAL – The Hardware Analyzer – A comprehensive reverse engineering and manipulation framework for gate-level netlists.
• HomePWN – Swiss Army Knife for Pentesting of IoT Devices.
• IoTSecFuzz – Framework for automatisation of IoT layers security analysis: hardware, software and communication.
• Killerbee – Framework for Testing & Auditing ZigBee and IEEE 802.15.4 Networks.
• PRET – Printer Exploitation Toolkit.
• Routersploit – Framework dedicated to exploit embedded devices.

For more information click here.