.webp)
Botnets like Mirai have proven that there is a need for more security in embedded and IoT devices. This list shall help beginners and experts to find helpful resources on the topic.
If you are a beginner, you should have a look at the Books and Case Studies sections.
If you want to start right away with your own analysis, you should give the Analysis Frameworks a try.
They are easy to use and you do not need to be an expert to get first meaningful results.
Items marked with are comercial products.
Contents
- Software Tools
- Analysis Frameworks
- Analysis Tools
- Extraction Tools
- Support Tools
- Misc Tools
- Hardware Tools
- Bluetooth BLE Tools
- ZigBee Tools
- SDR Tools
- RFID NFC Tools
- Books
- Research Papers
- Case Studies
- Free Training
- Websites
- Blogs
- Tutorials and Technical Background
- YouTube Channels
- Conferences
- Contribute
- License
Software Tools
Software tools for analyzing embedded/IoT devices and firmware.
Analysis Frameworks
- EXPLIoT – Pentest framework like Metasploit but specialized for IoT.
- FACT – The Firmware Analysis and Comparison Tool – Full-featured static analysis framework including extraction of firmware, analysis utilizing different plug-ins and comparison of different firmware versions.
- Improving your firmware security analysis process with FACT – Conference talk about FACT ????.
- FwAnalyzer – Analyze security of firmware based on customized rules. Intended as additional step in DevSecOps, similar to CI.
- HAL – The Hardware Analyzer – A comprehensive reverse engineering and manipulation framework for gate-level netlists.
- HomePWN – Swiss Army Knife for Pentesting of IoT Devices.
- IoTSecFuzz – Framework for automatisation of IoT layers security analysis: hardware, software and communication.
- Killerbee – Framework for Testing & Auditing ZigBee and IEEE 802.15.4 Networks.
- PRET – Printer Exploitation Toolkit.
- Routersploit – Framework dedicated to exploit embedded devices.
For more information click here.