Awesome Embedded and IoT Security

A curated list of awesome embedded and IoT security resources.

Last Update: Dec. 3, 2020, 12:06 p.m.

Thank you fkie-cad & contributors
View Topic on GitHub:
fkie-cad/awesome-embedded-and-iot-security

Analysis Frameworks

a tool to analyze filesystem images for security

367
62
93d
Apache-2.0

HAL – The Hardware Analyzer

276
35
2d
MIT

HomePwn - Swiss Army Knife for Pentesting of IoT Devices

507
96
5m
GPL-3.0

IEEE 802.15.4/ZigBee Security Research Toolkit

521
173
4m
n/a

Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.

2.53K
479
2y 5m
GPL-2.0

Exploitation Framework for Embedded Devices

8.7K
1.92K
5m
n/a

Pentest framework like Metasploit but specialized for IoT.

Full-featured static analysis framework including extraction of firmware, analysis utilizing different plug-ins and comparison of different firmware versions.

Framework for automatisation of IoT layers security analysis: hardware, software and communication.

Analysis Tools

Firmware Analysis Tool

6.84K
1.04K
8d
MIT

Platform for emulation and dynamic analysis of Linux-based firmware

1.1K
259
16d
MIT

Script for searching the extracted firmware file system for goodies!

592
137
68d
GPL-3.0

Discovering vulnerabilities in firmware through concolic analysis and function clustering.

401
72
77d
GPL-3.0

UNIX-like reverse engineering framework and command-line toolset

13.49K
2.35K
4d
LGPL-3.0

TROMMEL: Sift Through Embedded Device Files to Identify Potential Vulnerable Indicators

172
44
5m
n/a

Open Source suite of reverse engineering tools. Similar to IDA Pro.

Extraction Tools

Standalone Utility for FACT-like extraction

29
10
38d
GPL-3.0

Automatically exported from code.google.com/p/firmware-mod-kit

396
110
1y 4m
n/a

Collection of tools for manipulating EPROM files (can convert lots of binary formats).

Support Tools

Given an Arduino compatible microcontroller or Raspberry Pi (experimental), JTAGenum scans pins[] for basic JTAG functionality and can be used to enumerate the Instruction Register for undocumented instructions. Props to JTAG scanner and Arduinull which came before JTAGenum and for which much of the code and logic is based on. Feel free to branch and modify religiously (readme, credits, whatever)

403
67
15d
n/a

Free and Open On-Chip Debugging, In-System Programming and Boundary-Scan Testing.

Misc Tools

Set of tools for security testing of Internet of Things devices using specific network IoT protocols

184
50
4m
GPL-2.0

Low-level NAND Flash dump and parsing utility

210
81
9m
n/a

Patches welcome, see https://www.flashrom.org/Development_Guidelines#Patch_submission

396
256
2d
GPL-2.0

Tool for decrypting the firmware files for Samsung SSDs

129
12
113d
n/a

Hardware Tools

Scots Army Knife for electronics

1.22K
78
5d
n/a

Detects and interacts with hardware debug ports like UART and JTAG.

Detects and interacts with hardware debug ports like UART and JTAG.

Detects and interacts with hardware debug ports like UART and JTAG. Among other protocols.

Easy to use Logic Analyzer that supports many protocols €.

Alternative to Saleae logic analyzers €.

Open source multi-tool hardware similar to the BusPirate but with NFC capabilities.

Detects Glitch/Side-channel attacks.

J-Link offers USB powered JTAG debug probes for multiple different CPU cores €.

Bluetooth BLE Tools

Open source 2.4 GHz wireless development platform suitable for Bluetooth experimentation.

Easy to use Bluetooth Low Energy sniffer.

ZigBee Tools

ZigBee security research hardware for learning about and evaluating the security of IEEE 802.15.4/ZigBee systems. Killerbee compatible.

Low Cost Battery Operated Wireless Arduino Board that can be turned into an IEEE 802.15.4 protocol sniffer.

SDR Tools

Cheapest SDR for beginners. It is a computer based radio scanner for receiving live radio signals at frequencies from 500 kHz up to 1.75 GHz.

A Software Defined Radio peripheral capable of transmission or reception of radio signals from 1 MHz to 6 GHz. Designed to enable test and development of modern and next generation radio technologies.

Half-duplex sub-1 GHz wireless transceiver.

Software Defined Radio peripheral capable of transmission or reception of radio signals from 100 kHz to 3.8 GHz (full-duplex).

Software Defined Radio peripheral capable of transmission or reception of radio signals from 47 MHz to 6 GHz (full-duplex).

Software Defined Radio peripheral capable of transmission or reception of radio signals from 70 MHz to 6 GHz (full-duplex).

RFID NFC Tools

Powerful general purpose RFID tool. From Low Frequency (125kHz) to High Frequency (13.56MHz) tags.

Programmable, portable tool for NFC security analysis.

Powerful 13.56MHz RFID / NFC platform. Read / write / crack / sniff / emulate.

Books

The best hacker's gadgets for Red Team pentesters and security researchers.

1.59K
243
4m
MPL-2.0

Kinda useful notes collated together publicly

421
72
1y 6m
n/a

Research Papers

Case Studies

Free Training

CSAW Embedded Security Challenge 2019

28
6
1y 10d
MIT

Content related to hardware hacking

22
5
1y 8m
n/a

IoTGoat is a deliberately insecure firmware based on OpenWrt.

153
38
8m
MIT

RHme+ 2015 challenge

86
13
4y 6m
n/a

Rhme2 challenge (2016)

202
42
3y 5m
n/a

Riscure Hack Me embedded hardware CTF 2017-2018.

60
11
2y 6m
n/a

Websites

Development best practices and list of hardware and software tools.

Default login credential database sorted by manufacturer.

A Wiki/Archive of all things IC reversing.

Blogs

Tutorials and Technical Background

Miscellaneous ARM related Tutorials.

A walkthrough covering UART and JTAG bypassing a protected login shell.

Detailed tutorial about how to spot debug pads on a PCB.

An in depth explanation of the UART protocol.

Conferences

The Hague, September.