MiraiSecurity

Mirai

https://www.cdxy.me/?p=746

http://www.freebuf.com/articles/network/119403.html

https://pastebin.com/svH8tvd9

http://www.freebuf.com/sectool/130091.html

http://www.tuicool.com/articles/qM7rMnb

https://h4ckth4tsh1t.com/index.php?u=/topic/18/ggsetup-a-mirai-botnet

https://github.com/rootblack45/Mirai-Source-Modded

https://github.com/Screamfox/-Mirai-Iot-BotNet

https://github.com/geniosa/qbot

https://github.com/DavidOfficiel/botnet

https://superkieran.github.io/WooyunDrops/#!/drops/1165.WireShark%E9%BB%91%E5%AE%A2%E5%8F%91%E7%8E%B0%E4%B9%8B%E6%97%85%EF%BC%888%EF%BC%89%E2%80%94%E9%92%88%E5%AF%B9%E8%B7%AF%E7%94%B1%E5%99%A8%E7%9A%84Linux%E6%9C%A8%E9%A9%AC

https://superkieran.github.io/WooyunDrops/#!/drops/1138.Remaiten-%E4%B8%80%E4%B8%AA%E4%BB%A5%E8%B7%AF%E7%94%B1%E5%99%A8%E5%92%8CIoT%E8%AE%BE%E5%A4%87%E4%B8%BA%E7%9B%AE%E6%A0%87%E7%9A%84Linux%20bot

https://www.pnfsoftware.com/blog/automatic-identification-of-mirai-original-code/

New IoT/Linux Malware Targets DVRs, Forms Botnet
https://researchcenter.paloaltonetworks.com/2017/04/unit42-new-iotlinux-malware-targets-dvrs-forms-botnet/

http://blog.exploitlab.net/2018/01/dvar-damn-vulnerable-arm-router.html

DNS Server 配置学习

http://www.imooc.com/learn/634

http://blog.csdn.net/bluecy/article/details/44907215
https://www.youtube.com/watch?v=riGz7gBXCKc
https://www.youtube.com/watch?v=pAJNB1d3DzE
https://www.youtube.com/watch?v=DuVNclBfykw

物联网创业公司

http://www.freebuf.com/news/119139.html

Honeypot

www.nothink.org

http://www.iexplo1t.com/2016/05/Honeypot.html

https://github.com/paralax/awesome-honeypots

https://check-host.net

ARM Exploit Development

https://azeria-labs.com/writing-arm-shellcode/
https://azeria-labs.com/process-memory-and-memory-corruption/
https://azeria-labs.com/part-3-stack-overflow-challenges/

虚拟机安装

https://app.vagrantup.com/boxes/search

交叉编译虚拟机

http://kozos.jp/vmimage/burning-asm.html

固件分析相关文章

安防IP Camera固件分析 http://www.bugsec.org/3749.html

事件跟踪：贝尔金路由器（Belkin router）0day溢出漏洞分析 http://www.bugsec.org/6983.html

Part 1: Hacking HI3518 based IP camera https://felipe.astroza.cl/hacking-hi3518-based-ip-camera/?utm_source=tuicool&utm_medium=referral

Pwning CCTV cameras https://www.pentestpartners.com/security-blog/pwning-cctv-cameras/

说说无线路由器后门的那些事儿（1）-Dlink篇 http://www.freebuf.com/articles/wireless/18810.html

REVERSING AND EXPLOITING BLE 4.0 COMMUNICATION http://payatu.com/reversing-exploiting-ble-4-0-communication/

IoT设备程序开发及编译环境搭建初体验 http://www.freebuf.com/sectool/130091.html

DLink路由器固件的一次分析记录 http://bbs.pediy.com/thread-209773.htm

黑入Virgin Media Super Hub http://bobao.360.cn/learning/detail/4048.html

海康威视网络摄像机远程访问发现XXE漏洞 http://www.2cto.com/article/201610/553158.html

An easy way to pwn most of the vivotek network cameras https://blog.cal1.cn/post/An%20easy%20way%20to%20pwn%20most%20of%20the%20vivotek%20network%20cameras

TP-Link WR841N路由器任意代码执行漏洞分析 http://bobao.360.cn/learning/detail/4008.html

如何攻击 IP 摄像头并搭建分析环境？ http://www.tuicool.com/articles/qM7rMnb

【技术分享】物联网设备安全分析之网络摄像头篇 http://bobao.360.cn/learning/detail/3269.html

【技术分享】智能家居设备安全分析手记 http://bobao.360.cn/learning/detail/3270.html

Collection of modifications for the XiaoFang WiFi Camera https://github.com/samtap/fang-hacks

分析感染华硕路由器的P2P僵尸网络程序TheMoon http://www.freebuf.com/articles/terminal/117437.html

解密“智魁”攻击行动——针对路由器蠕虫攻击事件分析报告 https://security.alibaba.com/blog/blog.htm?spm=0.0.0.0.mO6T6P&id=26

国外黑客发现的海康威视远程系统XXE漏洞分析 http://www.freebuf.com/vuls/116613.html

大量浙江大华监控设备弱口令漏洞
http://bbs.pediy.com/thread-201337.htm

大华摄像机存在安全漏洞：黑客可远程监控你的摄像头 http://bobao.360.cn/news/detail/1388.html

黑客的日常：Hacking网络摄像头（Part1） http://www.freebuf.com/articles/wireless/81985.html

Burglar and Hacker – When Physical Security Is Compromised by IoT Vulnerabilities
http://dojo.bullguard.com/blog/burglar-hacker-when-a-physical-security-is-compromised-by-iot-vulnerabilities/

Exploit Cameras https://www.lynahex.com/index.php/archives/exploit-cameras.html

某CCTV摄像头漏洞分析
https://superkieran.github.io/WooyunDrops/#!/drops/1042.%E6%9F%90CCTV%E6%91%84%E5%83%8F%E5%A4%B4%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90

Hacking Smartwatches - the TomTom Runner, part 1 http://grangeia.io/2015/11/09/hacking-tomtom-runner-pt1/

IP Camera固件分析
https://superkieran.github.io/WooyunDrops/#!/drops/329.%E5%AE%89%E9%98%B2IP%20Camera%E5%9B%BA%E4%BB%B6%E5%88%86%E6%9E%90

Devil's Ivy: The Technical Details http://blog.senr.io/devilsivy.html

Hacking the D-Link DIR-890L
http://www.devttys0.com/2015/04/hacking-the-d-link-dir-890l/

Samsung SmartCam​ https://www.exploitee.rs/index.php/Samsung_SmartCam%E2%80%8B

Exploiting IoT enabled BLE smart bulb security
https://www.peerlyst.com/posts/exploiting-iot-enabled-ble-smart-bulb-security-aditya-gupta

使用Zoomeye渗透网络摄像头
http://simeon.blog.51cto.com/18680/1744228

REVERSE ENGINEERING A BLE SERVICE TO CONTROL A LIGHT BULB https://iayanpahwa.github.io/Reverse-Engineering-IoT-Devices/

利用Hackrf进行GPS劫持实验流程攻略 http://www.freebuf.com/articles/terminal/144296.html

Multiple vulnerabilities found in Wireless IP Camera (P2P) WIFICAM cameras and vulnerabilities in custom http server
https://pierrekim.github.io/blog/2017-03-08-camera-goahead-0day.html

逆向工程家庭安全系统：解码固件更新 https://markclayton.github.io/reverse-engineering-my-home-security-system-decompiling-firmware-updates.html

FIRMWARE EXPLOITATION WITH JEB: PART 1
https://www.pnfsoftware.com/blog/firmware-exploitation-with-jeb-part-1/

FIRMWARE EXPLOITATION WITH JEB: PART 2 https://www.pnfsoftware.com/blog/firmware-exploitation-with-jeb-part-2/

Getting Started with Damn Vulnerable Router Firmware (DVRF) v0.1
https://p16.praetorian.com/blog/getting-started-with-damn-vulnerable-router-firmware-dvrf-v0.1
https://github.com/praetorian-inc/DVRF

重温SOHO路由器攻击（针对多款路由器的漏洞挖掘）
http://www.sicherheitsforschung-magdeburg.de/uploads/journal/MJS_054_Rueda_SOHORouter.pdf

D-Link-Dir-850L-远程命令执行漏洞
https://xianzhi.aliyun.com/forum/read/2010.html

TEW-654TR路由器漏洞分析和挖掘
http://www.freebuf.com/vuls/126766.html

从内网弱口令到公网智能路由器
http://www.freebuf.com/vuls/125271.html

对某路由器进行的渗透测试
http://www.freebuf.com/articles/terminal/124069.html

D-Link路由器固件后门，导致内网域名劫持
http://www.freebuf.com/articles/terminal/113487.html

极客Hacking：手把手教你Root谷歌OnHub路由器
http://www.freebuf.com/news/topnews/82147.html

RouterSploit：路由器漏洞检测及利用框架
http://www.freebuf.com/sectool/101441.html

工具推荐：Scanner Routerhunter，路由器漏洞扫描器
http://www.freebuf.com/sectool/101180.html

技术分享：逆向破解华为路由器
http://www.freebuf.com/news/topnews/101852.html
http://www.freebuf.com/geek/103551.html
http://www.freebuf.com/geek/105617.html

路由器固件安全分析技术
https://www.vulbox.com/knowledge/detail/?id=35
https://www.vulbox.com/knowledge/detail/?id=42

必虎路由器大量高危漏洞分析
http://www.freebuf.com/news/112626.html

逆向路由器固件之解包 Part1
http://www.freebuf.com/sectool/75915.html

逆向路由器固件之敏感信息泄露 Part2
http://www.freebuf.com/articles/terminal/76481.html

逆向路由器固件之SQL注入（Part3）
http://www.freebuf.com/vuls/76755.html

路由器驱动组件NetUSB（CVE-2015-3036 ）远程代码执行exp
http://www.freebuf.com/vuls/81773.html

华为Wimax路由器被爆存在多个漏洞
http://www.freebuf.com/articles/terminal/87957.html

针对路由器的MIPS架构Linux木马详解
http://www.freebuf.com/articles/network/88798.html

中兴路由器（SOHO Router）暗藏后门
http://www.freebuf.com/news/58137.html

TP-link TL-WR840N系列路由器存在CSRF漏洞，可修改任意配置（含POC测试过程）
http://www.freebuf.com/vuls/56526.html

华硕路由器曝远程命令执行漏洞
http://www.freebuf.com/news/56074.html

国外路由器密码扫描工具
http://www.freebuf.com/sectool/31680.html#

说说无线路由器后门的那些事儿（1）-Dlink篇
http://www.freebuf.com/articles/wireless/18810.html

NetGear路由器可以通过命令注入获取ROOT权限[附EXP]
http://www.freebuf.com/articles/wireless/15641.html

我是如何反编译D-Link路由器固件程序并发现它的后门的
http://www.freebuf.com/articles/wireless/14964.html

知道工具之硬件路由相关
https://mp.weixin.qq.com/s/QdiI66ZDsHj7MaMB6c88Ug

专门收集各大信息安全会议资料的网站
https://infocon.org/cons/

Reverse Engineering & Exploitation of a “Connected Alarm Clock”
https://courk.fr/index.php/2017/09/10/reverse-engineering-exploitation-connected-clock/

我是怎么打开车库门的：ASKOOK手动解码及重放
http://www.freebuf.com/articles/wireless/146781.html

IOT SECURITY – PART 1 (101 – IOT INTRODUCTION AND ARCHITECTURE)
http://payatu.com/iot-security-part-1-101-iot-introduction-architecture/
http://payatu.com/iot-security-part-2-101-iot-attack-surface/

ARM exploitation for IoT – Episode 1
https://quequero.org/2017/07/arm-exploitation-iot-episode-1/
ARM exploitation for IoT – Episode 2
https://quequero.org/2017/09/arm-exploitation-iot-episode-2/

Reverse Engineering the OBi200 Google Voice Appliance
https://randywestergren.com/reverse-engineering-obi200-google-voice-appliance-part-1/
https://randywestergren.com/reverse-engineering-obi200-google-voice-appliance-part-2/

Enlarge your botnet with: top D-Link routers (DIR8xx D-Link routers cruisin' for a bruisin') https://embedi.com/blog/enlarge-your-botnet-top-d-link-routers-dir8xx-d-link-routers-cruisin-bruisin

Exploiting Embedded Systems – Part 1
http://www.devttys0.com/2011/09/exploiting-embedded-systems-part-1/

针对联网智能灯泡的安全性分析
https://www.contextis.com/blog/hacking-into-internet-connected-light-bulbs

看我如何一步一步发现TP-Link路由器的远程代码执行(CVE-2017-13772)
https://www.fidusinfosec.com/tp-link-remote-code-execution-cve-2017-13772/

ZTE ZXR10 路由器多个安全漏洞披露
https://blogs.securiteam.com/index.php/archives/3495

技术分享】智能门锁也会得“癌症”？如何通过手机搞定蓝牙门锁
http://bobao.360.cn/learning/detail/4614.html

ARM exploits https://quequero.org/2017/07/arm-exploitation-iot-episode-1/

NBotLoader: Netgear Bug Weaponized as a Dangerous Exploit
https://blog.newskysecurity.com/nbotloader-netgear-bug-weaponized-as-a-dangerous-exploit-ea7869217e89

如何利用Shodan API和Python自动扫描高危设备
http://www.4hou.com/web/8803.html

通过CVE-2017-17215学习路由器漏洞分析，从入坑到放弃
http://www.freebuf.com/vuls/160040.html

hack ble https://smartlockpicking.com/hackmelock/