IoT penetration testing cookbook : identify vulnerabilities and secure your smart devices. / Aaron Guzman, Aditya Gupta.

Format:

Book

Author/Creator:

Guzman, Aaron, author.

Gupta, Aditya, author.

Language:

English

Subjects (All):

Computer security.

Internet of things.

Physical Description:

1 online resource (452 pages) : illustrations

Edition:

1st edition

Other Title:

Internet of Things penetration testing cookbook

Place of Publication:

Birmingham, England ; Mumbai, [India] : Packt Publishing, 2017.

System Details:

text file

Biography/History:

Gupta Aditya: Aditya Gupta is the founder of Attify, and an IoT and mobile security researcher. He is also the creator of the popular training course Offensive IoT Exploitation, and the founder of the online store for hackers Attify-Store. Gupta has also published security research papers, authored tools, and spoken numerous times at conferences such as BlackHat, DefCon, OWASP AppSec, ToorCon, and more. In his previous roles, he has worked with various organizations helping to build their security infrastructure and internal automation tools, identify vulnerabilities in web and mobile applications, and lead security planning. He can be reached out to on Twitter at @adi1391 and over email at adityag@attify. com.

Summary:

Over 80 recipes to master IoT security techniques. About This Book Identify vulnerabilities in IoT device architectures and firmware using software and hardware pentesting techniques Understand radio communication analysis with concepts such as sniffing the air and capturing radio signals A recipe based guide that will teach you to pentest new and unique set of IoT devices. Who This Book Is For This book targets IoT developers, IoT enthusiasts, pentesters, and security professionals who are interested in learning about IoT security. Prior knowledge of basic pentesting would be beneficial. What You Will Learn Set up an IoT pentesting lab Explore various threat modeling concepts Exhibit the ability to analyze and exploit firmware vulnerabilities Demonstrate the automation of application binary analysis for iOS and Android using MobSF Set up a Burp Suite and use it for web app testing Identify UART and JTAG pinouts, solder headers, and hardware debugging Get solutions to common wireless protocols Explore the mobile security and firmware best practices Master various advanced IoT exploitation techniques and security automation In Detail IoT is an upcoming trend in the IT industry today; there are a lot of IoT devices on the market, but there is a minimal understanding of how to safeguard them. If you are a security enthusiast or pentester, this book will help you understand how to exploit and secure IoT devices. This book follows a recipe-based approach, giving you practical experience in securing upcoming smart devices. It starts with practical recipes on how to analyze IoT device architectures and identify vulnerabilities. Then, it focuses on enhancing your pentesting skill set, teaching you how to exploit a vulnerable IoT device, along with identifying vulnerabilities in IoT device firmware. Next, this book teaches you how to secure embedded devices and exploit smart devices with hardware techniques. Moving forward, this book reveals advanced hardware pentesting techniques, along with software-defined, radio-based IoT pentesting with Zigbee and Z-Wave. Finally, this book also covers how to use new and unique pentesting techniques for different IoT devices, along with smart devices connected to the cloud. By the end of this book, you will have a fair understanding of how to use different pentesting techniques to exploit and secure various IoT devices. Style and approach This recipe-based book will teach you how to use advanced IoT exploitation a...

Contents:

Cover

Copyright

Credits

About the Authors

About the Reviewers

www.PacktPub.com

Customer Feedback

Dedication

Table of Contents

Preface

Chapter 1: IoT Penetration Testing

Introduction

Defining the IoT ecosystem and penetration testing life cycle

Penetration testing approaches

Black box

White box

Grey box

Firmware 101

Digging deeper into firmware

Development supply chain of firmware

Web applications in IoT

Web communication

Mobile applications in IoT

Hybrid

Native applications

Device basics

Hardware inputs

Introduction to IoT's wireless communications

Wi-Fi

ZigBee

Z-Wave

Bluetooth

Setting up an IoT pen testing lab

Software tool requirements

Firmware software tools

Web application software tools

Mobile application software tools

Android

iOS

Hardware analysis tool requirements

Hardware tools

Hardware analysis software

Radio analysis tool requirements

Radio analysis hardware

Radio analysis software

Chapter 2: IoT Threat Modeling

Getting familiar with threat modeling concepts

Getting ready

How to do it...

Anatomy of threat modeling an IoT device

Step 1 - identifying the assets

Step 2 - creating an IoT device architecture overview

Step 3 - decomposing the IoT device

Step 4 - identifying threats

Step 5 - documenting threats

Threat #1

Threat #2

Threat #3

Step 6 - rating the threats

Threat modeling firmware

Steps 2 and 3 - creating an architecture overview and decomposition

Threat modeling of an IoT web application

How to do it.

Step 1 :Creating an architecture overview and decomposition

Step 2: Identifying threats

Step 3 :Documenting threats

Step 4 : Rating the threats

Threat modeling an IoT mobile application

Step 1: Creating an architecture overview and decomposition

Step 3: Documenting threats

Step 4: Rating the threats

Threat modeling IoT device hardware

Threat modeling IoT radio communication

Chapter 3: Analyzing and Exploiting Firmware

Defining firmware analysis methodology

Obtaining firmware

Downloading from the vendor's website

Proxying or mirroring traffic during device updates

Dumping firmware directly from the device

Googling

How it works...

Analyzing firmware

There's more...

See also

Analyzing filesystem contents

Manual analysis

Automated tools and scripts

Emulating firmware for dynamic analysis

Getting started with ARM and MIPS

Getting Ready

Exploiting MIPS

There's more.

Backdooring firmware with firmware-mod-kit (FMK)

Chapter 4: Exploitation of Embedded Web Applications

Getting started with web app security testing

Web penetration testing methodologies

Choosing your testing tools

Using Burp Suite

Useful intruder payloads

Using OWASP ZAP

Exploiting command injection

Exploiting XSS

Introduction to using BeEF XSS payloads

Basic usage of BeEF when hooking a victim

Proxying traffic through a victim's browser

Exploiting CSRF

Chapter 5: Exploiting IoT Mobile Applications

Acquiring IoT mobile applications

Decompiling Android applications

Decrypting iOS applications

Using MobSF for static analysis

Android static analysis

iOS static analysis

Analyzing iOS data storage with idb

Analyzing Android data storage

Performing dynamic analysis testing

Chapter 6: IoT Device Hacking

Hardware exploitation versus software exploitation

Hardware hacking methodology

Information gathering and recon

External and internal analysis of the device

Identifying communication interfaces.

Acquiring data using hardware communication techniques

Software exploitation using hardware exploitation methods

Hardware reconnaissance techniques

Opening the device

Looking at various chips present

Electronics 101

Resistor

Voltage

Current

Capacitor

Transistor

Memory types

Serial and parallel communication

Identifying buses and interfaces

UART identification

SPI and I2C identification

JTAG identification

Serial interfacing for embedded devices

NAND glitching

JTAG debugging and exploitation

Chapter 7: Radio Hacking

Getting familiar with SDR

Key terminologies in radio

Hands-on with SDR tools

Analyzing FM

RTL-SDR for GSM analysis

Working with GNU Radio

Understanding and exploiting ZigBee

Gaining insight into Z-Wave

Understanding and exploiting BLE

Chapter 8: Firmware Security Best Practices

Preventing memory-corruption vulnerabilities

Preventing injection attacks

Securing firmware updates

Securing sensitive information

Hardening embedded frameworks

Securing third-party code and components

Chapter 9: Mobile Security Best Practices

Storing data securely

Implementing authentication controls.

How to do it...

Securing data in transit

Securely using Android and iOS platform components

Employing reverse engineering protections

Chapter 10 : Securing Hardware

Hardware best practices

Uncommon screw types

Antitamper and hardware protection mechanisms

Side channel attack protections

Exposed interfaces

Encrypting communication data and TPM

Chapter 11: Advanced IoT Exploitation and Security Automation

Finding ROP gadgets

Chaining web security vulnerabilities

Step 1 - identifying assets and entry points

Step 2 - finding the weakest link

Step 3 - reconnaissance

Android application

iOS application

Web application

Step 4 - identifying vulnerabilities

Step 5 - Exploitation

Chaining vulnerabilities

Configuring continuous integration testing for firmware

Configuring continuous integration testing for web applications

Configuring continuous integration testing for mobile applications

Index.

Notes:

Includes bibliographical references at the end of each chapters and index.

Description based on online resource; title from PDF title page (EBC, viewed December 29, 2017).

ISBN:

9781787285170

1787285170

OCLC:

1018480585