Download Chapter 4: NETWORK ASSESSMENTS
You can find the book's downloadable resources and latest updates on GitHub.
Practical IoT Hacking isn’t just another security book – it’s a philosophy on security testing developed by hackers for hackers, with a focus on concepts and techniques that will quickly get you testing actual IoT systems, devices and protocols.
The book starts with an introduction to the IoT security world, walking you through common IoT threats and giving you a framework for threat modeling that includes breaking down the architecture into components and using attack trees to identify threats. You’ll develop a security testing methodology, discover the silent art of passive reconnaissance, and conduct holistic manual security assessments on all layers of an IoT system. From there, you’ll enter the IoT network and perform VLAN hopping, crack MQTT authentication, punch holes through firewalls by abusing UPnP, develop an mDNS poisoner, and craft WS-Discovery attacks.
Later chapters deal specifically with hardware hacking, where you’ll uncover the inner workings of UART and JTAG/SWD, and explore how to leverage bus protocols (SPI, I²C) to attack embedded IoT devices. Radio hacking is also covered in depth, with the authors demonstrating a variety of attacks against RFID systems, like cloning access cards, showing how to develop a LoRa traffic sniffer, and helping you master techniques for attacking the Bluetooth Low Energy (BLE) protocol.
- Common IoT threats, like signal-jamming, replay, and hardware-integrity attacks
- Methods and tools for analyzing network protocols, like developing a Wireshark dissector for the DICOM protocol and writing a DICOM service scanner as an Nmap Scripting Engine (NSE) module
- The DICOM protocol, and how to write a DICOM service scanner for the NSE module
- How to hack a microcontroller through UART and SWD (Serial Wire Debug) interfaces
- Techniques for reverse engineering firmware and analyzing mobile companion apps (both Android and iOS)
- How to develop your own NFC fuzzer using Proxmark3
- Wi-Fi association attacks against wireless clients, and ways of abusing Wi-Fi Direct
- Techniques for hacking the smart home, like jamming wireless alarms, playing back IP camera feeds, and taking control of a smart treadmill
The authors demonstrate tools and use susceptible devices that are affordable and easy to obtain, so you can practice on your own throughout the book. In addition, there are custom code examples and proof-of-concept exploits that you can download from the book’s GitHub page: https://github.com/practical-iot-hacking.