IoTSecurityMaterials

List of materials on which to learn IoT/IIoT Security.

Before learning (and especially teaching) hacking or security in general I recommend to watch How To Learn (And Teach) Hacking - Ruben Gonzalez. Please also keep in mind that you don't just "learn IoT security", IoT applications has a lots of components radio/hardware/software/mobile/web and you won't be able to learn them all at once, so choose what you are interested in and start with it.

Mics

This material may help you regardless of what you want to learn

Resource	Description
Encodings And Character Sets	Understanding ASCII, Unicode, UTF-8, UTF-16, and UTF-32. Do you know encodings or think that you know them?
The Security We Need: Designing Usable IoT Security - Damilare D. Fagbemi	Not a hacking video. This should be viewed by Architects or Testers that also may report security usability issues. This talk underlines that IoT devices have different settings both secure and unsecure, users strive for simplicity so they usually use unsecure because it is easier to config. Suggestions are given on how to design security features configuration to be more user-friendly.
[russian] Security of Embedded Linux	Nice overview article in Russian on different security mechanisms in embedded systems.

IIoT

Materials on Industrial IoT

Resource	Description
ICS Basics https://www.youtube.com/c/JustinSearle/playlists https://www.youtube.com/c/controlthings	(IIoT) Large YouTube Playlist of Basic ICS Concepts and other playlists by Justin Searle (https://twitter.com/meeas). Before securing IIoT solutions it is nice to understand what are they.
https://github.com/hslatman/awesome-industrial-control-system-security	(IIoT) A curated list of resources related to Industrial Control System (ICS) security: Tools, Literature, Trainings, etc.
https://www.controlthings.io/	IIoT pentest distributive, do not forget to check out Trainings: https://www.controlthings.io/training . Distributive also contains a lots of samples and documentation that can get you started on ICS.

Radio

Materials on SDR/Radio hacking. For specific protocols see next section.

Resource	Description
https://xakep.ru/2019/06/05/sdr-interception/	[russian] Intro to SDR with list of frequencies and its purposes.
Radio Hacking: Cars, Hardware, and more! - Samy Kamkar - AppSec California 2016	Another video about radio. But this one gives great approach on brute-force of codes, so must watch.
http://websdr.org/	If you don't have SDR, this is the way to play with signals.

Wireless

Materials on Bluetooth, WiFi, etc.

Resource	Description
Bluetooth Hacking: Tools And Techniques \| Mike Ryan \| hardwear.io USA 2019	Nice intro to Bluetooth Hacking.

Microcontrollers/Hardware attacks

Resource	Description
https://xakep.ru/2020/07/15/howto-mcu/	[russian] How to on microcontrollers. General on what are most common. And when you know what are usually used, you can try to buy and play with them (reverse binaries or try to develop).
Hacker's Guide to UART Root Shells	Intro to UART.

Webinars or trainings

List of resources where you can find a trainings or webinars.

Resource	Description
hardwear.io	Webinars + Conferences + Trainings, recordings of old are available.
https://nullcon.net/website/	Also good source of trainings.
https://www.inguardians.com/resources/	Different resources from an information security consulting company.

Other Awesome materials

If this guide is kind of small for you - do not forget to check out other Awesome materials. https://github.com/V33RU/IoTSecurity101 https://github.com/to0thl3ss/IoTLinks

mvaibhavm09 / iotsecuritymaterials Goto Github PK