IoT Penetration Testing Cookbook: Identify vulnerabilities and secure your smart devices

Packt Publishing Ltd
Free sample

Over 80 recipes to master IoT security techniques.About This Book
  • Identify vulnerabilities in IoT device architectures and firmware using software and hardware pentesting techniques
  • Understand radio communication analysis with concepts such as sniffing the air and capturing radio signals
  • A recipe based guide that will teach you to pentest new and unique set of IoT devices.
Who This Book Is For

This book targets IoT developers, IoT enthusiasts, pentesters, and security professionals who are interested in learning about IoT security. Prior knowledge of basic pentesting would be beneficial.

What You Will Learn
  • Set up an IoT pentesting lab
  • Explore various threat modeling concepts
  • Exhibit the ability to analyze and exploit firmware vulnerabilities
  • Demonstrate the automation of application binary analysis for iOS and Android using MobSF
  • Set up a Burp Suite and use it for web app testing
  • Identify UART and JTAG pinouts, solder headers, and hardware debugging
  • Get solutions to common wireless protocols
  • Explore the mobile security and firmware best practices
  • Master various advanced IoT exploitation techniques and security automation
In Detail

IoT is an upcoming trend in the IT industry today; there are a lot of IoT devices on the market, but there is a minimal understanding of how to safeguard them. If you are a security enthusiast or pentester, this book will help you understand how to exploit and secure IoT devices.

This book follows a recipe-based approach, giving you practical experience in securing upcoming smart devices. It starts with practical recipes on how to analyze IoT device architectures and identify vulnerabilities. Then, it focuses on enhancing your pentesting skill set, teaching you how to exploit a vulnerable IoT device, along with identifying vulnerabilities in IoT device firmware. Next, this book teaches you how to secure embedded devices and exploit smart devices with hardware techniques. Moving forward, this book reveals advanced hardware pentesting techniques, along with software-defined, radio-based IoT pentesting with Zigbee and Z-Wave. Finally, this book also covers how to use new and unique pentesting techniques for different IoT devices, along with smart devices connected to the cloud.

By the end of this book, you will have a fair understanding of how to use different pentesting techniques to exploit and secure various IoT devices.

Style and approach

This recipe-based book will teach you how to use advanced IoT exploitation and security automation.

Read more
Collapse

About the author

Aaron Guzman is a principal security consultant from the Los Angeles area with expertise in web app security, mobile app security, and embedded security. He has shared his security research at a number of worldwide conferences, including DEF CON, DerbyCon, AppSec EU, AppSec USA, HackFest, Security Fest, HackMiami, 44Con, and AusCERT as well as a number of regional BSides events. Furthermore, Aaron is a chapter leader for the Open Web Application Security Project (OWASP) Los Angeles chapter and the Cloud Security Alliance SoCal (CSA SoCal) chapter, and was previously the technical reviewer for Practical Internet of Things Security by Packt Publishing. He has contributed to many IoT security guidance publications from CSA, OWASP, PRPL, and a number of others. Aaron leads the OWASP Embedded Application Security project, providing practical guidance to address the most common firmware security bugs for the embedded and IoT community. Follow Aaron's latest research on Twitter at @scriptingxss.

Aditya Gupta is the founder of Attify, and an IoT and mobile security researcher. He is also the creator of the popular training course Offensive IoT Exploitation, and the founder of the online store for hackers Attify-Store. Gupta has also published security research papers, authored tools, and spoken numerous times at conferences such as BlackHat, DefCon, OWASP AppSec, ToorCon, and more. In his previous roles, he has worked with various organizations helping to build their security infrastructure and internal automation tools, identify vulnerabilities in web and mobile applications, and lead security planning. He can be reached out to on Twitter at @adi1391 and over email at adityag@attify.com.

Read more
Collapse
Loading…

Additional Information

Publisher
Packt Publishing Ltd
Read more
Collapse
Published on
Nov 29, 2017
Read more
Collapse
Pages
452
Read more
Collapse
ISBN
9781787285170
Read more
Collapse
Read more
Collapse
Read more
Collapse
Language
English
Read more
Collapse
Genres
Computers / Microprocessors
Computers / Networking / General
Computers / Security / General
Read more
Collapse
Content protection
This content is DRM free.
Read more
Collapse
Read aloud
Available on Android devices
Read more
Collapse

Reading information

Smartphones and Tablets

Install the Google Play Books app for Android and iPad/iPhone. It syncs automatically with your account and allows you to read online or offline wherever you are.

Laptops and Computers

You can read books purchased on Google Play using your computer's web browser.

eReaders and other devices

To read on e-ink devices like the Sony eReader or Barnes & Noble Nook, you'll need to download a file and transfer it to your device. Please follow the detailed Help center instructions to transfer the files to supported eReaders.
©2021 GoogleSite Terms of ServicePrivacyDevelopersAbout Google|Location: United StatesLanguage: English (United States)
By purchasing this item, you are transacting with Google Payments and agreeing to the Google Payments Terms of Service and Privacy Notice.