Practical IoT Hacking: The Definitive Guide to Attacking the Internet of Things

Front Cover
No Starch Press, Mar 23, 2021 - Computers - 464 pages
The definitive guide to hacking the world of the Internet of Things (IoT) -- Internet connected devices such as medical devices, home assistants, smart home appliances and more.

Drawing from the real-life exploits of five highly regarded IoT security researchers, Practical IoT Hacking teaches you how to test IoT systems, devices, and protocols to mitigate risk.

The book begins by walking you through common threats and a threat modeling framework. You’ll develop a security testing methodology, discover the art of passive reconnaissance, and assess security on all layers of an IoT system. Next, you’ll perform VLAN hopping, crack MQTT authentication, abuse UPnP, develop an mDNS poisoner, and craft WS-Discovery attacks.

You’ll tackle both hardware hacking and radio hacking, with in-depth coverage of attacks against embedded IoT devices and RFID systems.

You’ll also learn how to:

• Write a DICOM service scanner as an NSE module
• Hack a microcontroller through the UART and SWD interfaces
• Reverse engineer firmware and analyze mobile companion apps
• Develop an NFC fuzzer using Proxmark3
• Hack a smart home by jamming wireless alarms, playing back IP camera feeds, and controlling a smart treadmill
The tools and devices you’ll use are affordable and readily available, so you can easily practice what you learn. Whether you’re a security researcher, IT team member, or hacking hobbyist, you’ll find Practical IoT Hacking indispensable in your efforts to hack all the things

REQUIREMENTS: Basic knowledge of Linux command line, TCP/IP, and programming
 

Selected pages

Contents

Network Hacking
57
Hardware Hacking
155
Radio Hacking
237
Targeting the IoT Ecosystem
333
Tools for IoT Hacking
401
Index
415
Copyright

Other editions - View all

Practical IoT Hacking: The Definitive Guide to Attacking the Internet of Things
Fotios Chantzis,Ioannis Stais,Paulino Calderon,Evangelos Deirmentzoglou,Beau Woods
Limited preview - 2021
Practical IoT Hacking: The Definitive Guide to Attacking the Internet of Things
Fotios Chantzis,Ioannis Stais,Paulino Calderon,Evangelos Deirmentzoglou,Beau Woods
No preview available - 2021

Common terms and phrases

analyze Android application Arduino attack authentication binary black pill bytes camera Chapter client clone components configuration connect control server create credentials debugging default device’s DICOM dissector emulator encryption Endian example exploit extract FIRMADYNE firmware following command function GATTTool hacking hardware header Heltec host identify infusion pump install interface IoT devices IoT security IoT systems IP address JTAG layer Linux LoRa LoRaWAN MAC address man-in-the-middle attacks mDNS memory microcontroller MIFARE module MQTT Ncrack Nmap node open source OpenWrt operating system option output packet parameter password payload perform pins port Probe protocol Proxmark3 radio request RFID RFID tag router scan script serial specific strcmp target threat tool traffic UART update UPnP username UUID VLAN vulnerabilities Wi-Fi wireless Wireshark WS-Discovery

About the author (2021)

Fotios (Fotis) Chantzis is laying the foundation for a safe and secure Artificial General Intelligence (AGI) at OpenAI. Previously, he worked as a principal information security engineer at Mayo Clinic, where he managed and conducted technical security assessments on medical devices, clinical support systems, and critical healthcare infrastructure.

Ioannis Stais is a senior IT security researcher and head of red teaming at CENSUS S.A., a company that offers specialized cybersecurity services. He has participated in dozens of security assessment projects, including the assessment of communication protocols, web and mobile banking services, ATMs and point-of-sale systems, and critical medical appliances.

Paulino Calderon is a published author and international speaker with over 12 years of experience in network and application security. When he isn't traveling to security conferences or consulting for Fortune 500 companies with Websec, a company he co-founded in 2011, he spends peaceful days enjoying the beach in Cozumel, Mexico.


Evangelos Deirmentzoglou is an information security professional interested in solving security problems at scale. He led and structured the cybersecurity capability of the financial tech startup Revolut. A member of the open-source community since 2015, he has made multiple contributions to Nmap and Ncrack.

Beau Woods is a cyber safety innovation fellow with the Atlantic Council and a leader with the I Am The Cavalry grassroots initiative. He is also the founder and CEO of Stratigos Security and sits on the board of several nonprofits. Beau is a published author and frequent public speaker.

Bibliographic information

TitlePractical IoT Hacking: The Definitive Guide to Attacking the Internet of Things
AuthorsFotios Chantzis, Ioannis Stais, Paulino Calderon, Evangelos Deirmentzoglou, Beau Woods
PublisherNo Starch Press, 2021
ISBN1718500912, 9781718500914
Length464 pages
Subjects ›  › 

Computers / Internet of Things (IoT)
Computers / Security / General
Computers / Security / Network Security
  
Export CitationBiBTeX EndNote RefMan