User Experience on mobile might not be great yet, but I'm working on it.

Your first time on this page? Allow me to give some explanations.

Awesome Embedded and IoT Security

A curated list of awesome embedded and IoT security resources.

Here you can see meta information about this topic like the time we last updated this page, the original creator of the awesome list and a link to the original GitHub repository.

Last Update: June 26, 2022, 10:05 p.m.

Thank you fkie-cad & contributors
View Topic on GitHub:
fkie-cad/awesome-embedded-and-iot-security

Search for resources by name or description.
Simply type in what you are looking for and the results will be filtered on the fly.

Further filter the resources on this page by type (repository/other resource), number of stars on GitHub and time of last commit in months.

Analysis Frameworks

a tool to analyze filesystem images for security

408
68
1y 9m
Apache-2.0

HAL – The Hardware Analyzer

347
43
7m
MIT

HomePwn - Swiss Army Knife for Pentesting of IoT Devices

571
109
1y 30d
GPL-3.0

IEEE 802.15.4/ZigBee Security Research Toolkit

593
202
7m
n/a

Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.

2.86K
537
9m
GPL-2.0

Exploitation Framework for Embedded Devices

9.77K
2.1K
10m
n/a

Analysis Tools

Firmware Analysis Tool

7.84K
1.21K
7m
MIT

EMBA - The security analyzer for embedded device firmware.

950
83
7m
GPL-3.0

Platform for emulation and dynamic analysis of Linux-based firmware

1.3K
295
9m
MIT

Script for searching the extracted firmware file system for goodies!

674
149
1y 9m
GPL-3.0

Discovering vulnerabilities in firmware through concolic analysis and function clustering.

430
76
1y 9m
GPL-3.0

UNIX-like reverse engineering framework and command-line toolset

15.2K
2.56K
7m
LGPL-3.0

TROMMEL: Sift Through Embedded Device Files to Identify Potential Vulnerable Indicators

182
46
2y 4d
n/a

Extraction Tools

Standalone Utility for FACT-like extraction

44
18
7m
GPL-3.0

Automatically exported from code.google.com/p/firmware-mod-kit

520
134
8m
n/a

Support Tools

Given an Arduino compatible microcontroller or Raspberry PI (experimental), JTAGenum scans pins[] for basic JTAG functionality and can be used to enumerate the Instruction Register for undocumented instructions. Props to JTAG scanner and Arduinull which came before JTAGenum and forwhich much of the code and logic is based on. Feel free to branch and modify religiously (readme, credits, whatever)

473
71
1y 108d
n/a

Misc Tools

Set of tools for security testing of Internet of Things devices using specific network IoT protocols

287
72
10m
GPL-2.0

Low-level NAND Flash dump and parsing utility

236
92
1y 8m
n/a

Send patches to review.coreboot.org: https://www.flashrom.org/Development_Guidelines#GitHub

485
304
7m
GPL-2.0

Tool for decrypting the firmware files for Samsung SSDs

147
14
1y 77d
n/a

Hardware Tools

Bluetooth BLE Tools

ZigBee Tools

SDR Tools

RFID NFC Tools

Books

The best hacker's gadgets for Red Team pentesters and security researchers.

1.81K
263
1y 9m
MPL-2.0

Kinda useful notes collated together publicly

463
80
3y 30d
n/a

Research Papers

Case Studies

Free Training

CSAW Embedded Security Challenge 2019

29
6
2y 7m
MIT

Content related to hardware hacking

29
6
3y 92d
n/a

IoTGoat is a deliberately insecure firmware based on OpenWrt.

169
41
2y 90d
MIT

RHme+ 2015 challenge

94
12
6y 21d
n/a

Rhme2 challenge (2016)

223
44
5y 16d
n/a

Riscure Hack Me embedded hardware CTF 2017-2018.

68
10
4y 30d
n/a

Websites

Blogs

Tutorials and Technical Background

Conferences