Software Tools / Analysis Tools

• cwe_checker (⭐957) - Finds vulnerable patterns in binary executables - ELF support for x86, ARM, and MIPS, experimental bare-metal support.

Websites / YouTube Channels

• Flashback Team - A duo of hackers explaining their step by step approach to finding and exploiting vulnerabilities in embedded devices.

• StackSmashing - Reverse engineering and hardware hacking of embedded devices.

Software Tools / Analysis Tools

• emba (⭐2.1k) - Analyze Linux-based firmware of embedded devices.

Software Tools / Analysis Tools

• Binwalk (⭐9.7k) - Searches a binary for "interesting" stuff, as well as extracts arbitrary files.

Conferences / YouTube Channels

• Hardwear.io
  • EU, The Hague, September.
  • USA, Santa Clara, June.

Research Papers / RFID NFC Tools

• 2020, Oser et al: SAFER: Development and Evaluation of an IoT Device Risk Assessment Framework in a Multinational Organization

Hardware Tools / SDR Tools

• RTL-SDR - Cheapest SDR for beginners. It is a computer based radio scanner for receiving live radio signals frequencies from 500 kHz up to 1.75 GHz.

Research Papers / RFID NFC Tools

• 2019, Agarwal et al: Detecting IoT Devices and How They Put Large Heterogeneous Networks at Security Risk

Case Studies / RFID NFC Tools

• IoT Security@CERN

Websites / Blogs

• RTL-SDR

Software Tools / Analysis Frameworks

• HomePWN (⭐787) - Swiss Army Knife for Pentesting of IoT Devices.

Software Tools / Misc Tools

• Cotopaxi (⭐334) - Set of tools for security testing of Internet of Things devices using specific network IoT protocols.

• dumpflash (⭐264) - Low-level NAND Flash dump and parsing utility.

• flashrom (⭐731) - Tool for detecting, reading, writing, verifying and erasing flash chips.

• Samsung Firmware Magic (⭐191) - Decrypt Samsung SSD firmware updates.

Hardware Tools / Misc Tools

• HydraBus - Open source multi-tool hardware similar to the BusPirate but with NFC capabilities.

• Glasgow (⭐1.8k) - Tool for exploring and debugging different digital interfaces.

Books / RFID NFC Tools

• 2020, Fotios Chantzis, Evangel Deirme, Ioannis Stais, Paulino Calderon, Beau Woods: Practical IoT Hacking

• 2018, Qing Yang, Lin Huang Inside Radio: An Attack and Defense Guide

• 2015, Joshua Wright , Johnny Cache: Hacking Wireless Exposed

Research Papers / RFID NFC Tools

• 2014, Costin et al: A Large-Scale Analysis of the Security of Embedded Firmwares

Websites / RFID NFC Tools

• OWASP Internet of Things Project - IoT common vulnerabilities and attack surfaces.

Hardware Tools / ZigBee Tools

• Atmel RZUSBstick - Discontinued product. Lucky if you have one! - Tool for development, debugging and demonstration of a wide range of low power wireless applications including IEEE 802.15.4, 6LoWPAN, and ZigBee networks. Killerbee compatible.

Hardware Tools / SDR Tools

• HackRF One - Software Defined Radio peripheral capable of transmission or reception of radio signals from 1 MHz to 6 GHz (half-duplex).

Hardware Tools / RFID NFC Tools

• Proxmark 3 RDV4 - Powerful general purpose RFID tool. From Low Frequency (125kHz) to High Frequency (13.56MHz) tags.

Books / RFID NFC Tools

• 2015, Keng Tiong Ng: The Art of PCB Reverse Engineering

Hardware Tools / Misc Tools

• Shikra - Detects and interacts with hardware debug ports like UART and JTAG. Among other protocols.

Hardware Tools / Bluetooth BLE Tools

• UberTooth One - Open source 2.4 GHz wireless development platform suitable for Bluetooth experimentation.

• Bluefruit LE Sniffer - Easy to use Bluetooth Low Energy sniffer.

Hardware Tools / ZigBee Tools

• ApiMote - ZigBee security research hardware for learning about and evaluating the security of IEEE 802.15.4/ZigBee systems. Killerbee compatible.

• Freakduino - Low Cost Battery Operated Wireless Arduino Board that can be turned into a IEEE 802.15.4 protocol sniffer.

Hardware Tools / SDR Tools

• YardStick One - Half-duplex sub-1 GHz wireless transceiver.

• LimeSDR - Software Defined Radio peripheral capable of transmission or reception of radio signals from 100 KHz to 3.8 GHz (full-duplex).

• BladeRF 2.0 - Software Defined Radio peripheral capable of transmission or reception of radio signals from 47 MHz to 6 GHz (full-duplex).

• USRP B Series - Software Defined Radio peripheral capable of transmission or reception of radio signals from 70 MHz to 6 GHz (full-duplex).

Hardware Tools / RFID NFC Tools

• ChamaleonMini - Programmable, portable tool for NFC security analysis.

• HydraNFC - Powerful 13.56MHz RFID / NFC platform. Read / write / crack / sniff / emulate.

Books / RFID NFC Tools

• 2020, Jasper van Woudenberg, Colin O'Flynn: The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks

• 2018, Mark Carney: Pentesting Hardware - A Practical Handbook (DRAFT) (⭐486)

Websites / Blogs

• Firmware Security

• PenTestPartners

• Attify

• Patayu

• GracefulSecurity - Hardware tag

• Black Hills - Hardware Hacking tag

Case Studies / RFID NFC Tools

• Dumping firmware from a device's SPI flash with a buspirate

Websites / Tutorials and Technical Background

• Azeria Lab - Miscellaneous ARM related Tutorials.

• JTAG Explained - A walkthrough covering UART and JTAG bypassing a protected login shell.

• Reverse Engineering Serial Ports - Detailed tutorial about how to spot debug pads on a PCB.

• UART explained - An in depth explanation of the UART protocol.

Websites / Blogs

• wrong baud

Research Papers / RFID NFC Tools

• 2015, Shoshitaishvili et al:Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware

Case Studies / RFID NFC Tools

• Hacking the PS4 - Introduction to PS4's security.

Websites / RFID NFC Tools

• OWASP Embedded Application Security Project - Development best practices and list of hardware and software tools.

• Siliconpr0n - A Wiki/Archive of all things IC reversing.

Software Tools / Analysis Frameworks

• HAL – The Hardware Analyzer (⭐480) - A comprehensive reverse engineering and manipulation framework for gate-level netlists.

• IoTSecFuzz - Framework for automatisation of IoT layers security analysis: hardware, software and communication.

• Killerbee (⭐707) - Framework for Testing & Auditing ZigBee and IEEE 802.15.4 Networks.

• PRET (⭐3.6k) - Printer Exploitation Toolkit.

• Routersploit (⭐11k) - Framework dedicated to exploit embedded devices.

Software Tools / Analysis Tools

• Firmwalker (⭐942) - Searches extracted firmware images for interesting files and information.

Books / RFID NFC Tools

• 2017, Aditya Gupta, Aaron Guzman: IoT Penetration Testing Cookbook

Research Papers / RFID NFC Tools

• 2019, Almakhdhub et al: BenchIoT: A Security Benchmark for the Internet of Things

Case Studies / RFID NFC Tools

• Cracking Linksys “Encryption”

• Reversing Firmware With Radare

• Reversing the Huawei HG533

Free Training / RFID NFC Tools

• CSAW Embedded Security Challenge 2019 (⭐33) - CSAW 2019 Embedded Security Challenge (ESC).

• Embedded Security CTF - Microcorruption: Embedded Security CTF.

• Rhme-2016 (⭐286) - Riscure Hack me 2 is a low level hardware CTF challenge.

• Rhme-2017/2018 (⭐84) - Riscure Hack Me 3 embedded hardware CTF 2017-2018.

Websites / RFID NFC Tools

• Hacking Printers Wiki - All things printer.

• Router Passwords - Default login credential database sorted by manufacturer.

Websites / Blogs

• /dev/ttyS0's Embedded Device Hacking

• Exploiteers

• Hackaday

• jcjc's Hack The World

• Quarkslab

Hardware Tools / Misc Tools

• ChipWhisperer - Detects Glitch/Side-channel attacks.

Books / RFID NFC Tools

• 2019, Yago Hansen: The Hacker's Hardware Toolkit: The best collection of hardware gadgets for Red Team hackers, Pentesters and security researchers (⭐2k)

Research Papers / RFID NFC Tools

• 2016, Kammerstetter et al: Embedded Security Testing with Peripheral Device Caching and Runtime Program State Approximation

Software Tools / Analysis Frameworks

• FACT - The Firmware Analysis and Comparison Tool - Full-featured static analysis framework including extraction of firmware, analysis utilizing different plug-ins and comparison of different firmware versions.
  • Improving your firmware security analysis process with FACT - Conference talk about FACT 📺.

Research Papers / RFID NFC Tools

• 2019, Alrawi et al: SoK: Security Evaluation of Home-Based IoT Deployments

• 2019, Abbasi et al: Challenges in Designing Exploit Mitigations for Deeply Embedded Systems

• 2019, Song et al: PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary

• 2014, Zaddach et al: Avatar: A Framework to Support Dynamic Security Analysis of Embedded Systems' Firmwares

Case Studies / RFID NFC Tools

• Deadly Sins Of Development - Conference talk presenting several real world examples on real bad implementations 📺.

Case Studies / RFID NFC Tools

• Binary Hardening in IoT products

Software Tools / Analysis Frameworks

• FwAnalyzer (⭐474) - Analyze security of firmware based on customized rules. Intended as additional step in DevSecOps, similar to CI.

Software Tools / Analysis Tools

• Firmware Slap (⭐462) - Discovering vulnerabilities in firmware through concolic analysis and function clustering.

• Radare2 (⭐19k) - Software Reverse Engineering framework, also handles popular formats and arbitrary binaries, has an extensive command line toolset.

Research Papers / RFID NFC Tools

• 2017, O'Meara et al: Embedded Device Vulnerability Analysis Case Study Using Trommel

Software Tools / Extraction Tools

• The SRecord package - Collection of tools for manipulating EPROM files (can convert lots of binary formats).

Software Tools / Support Tools

• JTAGenum (⭐625) - Add JTAG capabilities to an Arduino.

• OpenOCD - Free and Open On-Chip Debugging, In-System Programming and Boundary-Scan Testing.

Hardware Tools / Misc Tools

• Saleae - Easy to use Logic Analyzer that support many protocols 💶.

• Ikalogic - Alternative to Saleae logic analyzers 💶.

• J-Link - J-Link offers USB powered JTAG debug probes for multiple different CPU cores 💶.

Free Training / RFID NFC Tools

• Hardware Hacking 101 (⭐37) - Workshop @ BSides Munich 2019.

• IoTGoat (⭐177) - IoTGoat is a deliberately insecure firmware based on OpenWrt.

• Rhme-2015 (⭐105) - First riscure Hack me hardware CTF challenge.

Books / RFID NFC Tools

• 2018, Mark Swarup Tehranipoor: Hardware Security: A Hands-on Learning Approach

• 2017, Andrew Huang: The Hardware Hacker: Adventures in Making and Breaking Hardware

• 2016, Craig Smith: The Car Hacker's Handbook: A Guide for the Penetration Tester

• 2015, Nitesh Dhanjan: Abusing the Internet of Things: Blackouts, Freakouts, and Stakeouts

• 2014, Debdeep Mukhopadhyay: Hardware Security: Design, Threats, and Safeguards

• 2014, Jack Ganssle: The Firmware Handbook (Embedded Technology)

Software Tools / Analysis Tools

• Ghidra - Software Reverse Engineering suite; handles arbitrary binaries, if you provide CPU architecture and endianness of the binary.

Hardware Tools / Misc Tools

• Bus Blaster - Detects and interacts with hardware debug ports like UART and JTAG.

• JTAGULATOR - Detects JTAG Pinouts fast.

Books / RFID NFC Tools

• 2013, Andrew Huang: Hacking the XBOX

Case Studies / RFID NFC Tools

• Multiple vulnerabilities found in the D-link DWR-932B

Research Papers / RFID NFC Tools

• 2017, Jacob et al: How to Break Secure Boot on FPGA SoCs through Malicious Hardware

Software Tools / Analysis Frameworks

• EXPLIoT - Pentest framework like Metasploit but specialized for IoT.

Software Tools / Analysis Tools

• Firmadyne (⭐1.7k) - Tries to emulate and pentest a firmware.

• Trommel (⭐198) - Searches extracted firmware images for interesting files and information.

Software Tools / Extraction Tools

• FACT Extractor (⭐68) - Detects container format automatically and executes the corresponding extraction tool.

• Firmware Mod Kit (⭐726) - Extraction tools for several container formats.

Hardware Tools / Misc Tools

• Bus Pirate - Detects and interacts with hardware debug ports like UART and JTAG.

Books / RFID NFC Tools

• 2019, Aditya Gupta: The IoT Hacker's Handbook: A Practical Guide to Hacking the Internet of Things

Research Papers / RFID NFC Tools

• 2018, Muench et al: What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices

• 2017, Costin et al: Towards Automated Classification of Firmware Images and Identification of Embedded Devices

• 2016, Chen et al: Towards Automated Dynamic Analysis for Linux-based Embedded Firmware

• 2016, Costin et al: Automated Dynamic Firmware Analysis at Scale: A Case Study on Embedded Web Interfaces

• 2015, Papp et al: Embedded Systems Security: Threats, Vulnerabilities, and Attack Taxonomy

• 2014, Alimi et al: Analysis of embedded applications by evolutionary fuzzing

• 2013, Davidson et al: FIE on Firmware: Finding Vulnerabilities in Embedded Systems using Symbolic Execution

Case Studies / RFID NFC Tools

• Hacking the DSP-W215, Again

• Pwning the Dlink 850L routers and abusing the MyDlink Cloud protocol

• PWN Xerox Printers (...again)