Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
IoT Penetration Testing Cookbook
IoT Penetration Testing Cookbook

IoT Penetration Testing Cookbook: Identify vulnerabilities and secure your smart devices

eBook
AU$14.99 AU$48.99
Paperback
AU$60.99
Subscription
Free Trial
Renews at AU$24.99p/m

What do you get with a Packt Subscription?

Free for first 7 days. $24.99 p/m after that. Cancel any time!
Product feature icon Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!
Product feature icon 50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.
Product feature icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Product feature icon Thousands of reference materials covering every tech concept you need to stay up to date.
Subscribe now
View plans & pricing
Table of content icon View table of contents Preview book icon Preview Book

IoT Penetration Testing Cookbook

IoT Threat Modeling

In this chapter, we will cover the following recipes:

  • Getting familiar with thread modeling concepts
  • Anatomy of threat modeling a device
  • Threat modeling firmware
  • Threat modeling an IoT web application
  • Threat modeling an IoT mobile application
  • Threat modeling IoT device hardware
  • Threat modeling IoT radio communication

Introduction

Whether you have a software development background or system and networking background, you may be familiar with attack surfaces or vectors within each respective area. Attack surfaces refer to the many ways in which a device can be compromised via a source of input. This source of input may be via hardware, software, or wirelessly. Generally speaking, the more attack surfaces a device contains, the higher the likelihood of compromise. Attack surfaces are entry points into the IoT device. Sometimes, these entry points are inherently trusted by the IoT device or application. Each attack surface discovered will have an associated risk, likelihood, and impact. In essence, attack surfaces are threats which have the potential to negatively affect a device to perform unintended actions. In order to discover each attack surface, theoretical use cases will need to be thought...

Getting familiar with threat modeling concepts

Threat modeling is more or less associated with software development as an exercise that occurs after the software design phase but prior to software deployment. These exercises are known to take place in software development, system, network, and security teams upon major software releases by either drawing a full end-to-end data flow diagram or a data flow and network diagram to determine how to employ security controls and countermeasures. These drawings can be physically on a white board or via software tools such as Microsoft's free Threat Modeling Tool and web applications such as https://draw.io which have a number of template diagrams that can be used for a variety of purposes. The idea is to map out all of the device's functionalities and features to their associated technical dependencies. It is up to the company...

Anatomy of threat modeling an IoT device

In 2016, we witnessed mass exploitation of IoT devices that consisted of IP cameras and digital video recorders (DVRs) that contributed to the world's largest distributed denial of service (DDoS) ever recorded. This DDoS was possible due to vendor negligence that could have been prevented by basic threat model exercises. Considering the prevalence of these types of devices on the internet and the risk they pose to the internet, we will conduct a threat modeling exercise and walk through the threat modeling process for a connected DVR IP camera security system. These connected security systems can be purchased by consumers or small/medium size businesses via e-commerce sites as well as through a number of electronic stores for a fairly low price. Connected DVRs are a good example of an IoT system because they contain a number of entry...

Threat modeling firmware

In the previous recipe, we conducted a threat model of a DVR system and rated a threat case that would help with prioritizing vulnerabilities to test. In this recipe, we will go through threat modeling firmware for the same DVR system.

Getting ready

In this exercise, we will use the free https://draw.io online diagram software to help with demonstrating relationships in diagrams within firmware. This tool is a Chrome app and ties to third-party services for storage such as Google Drive or GitHub. We can draw relationships and processes that overlap, which is not possible in the Microsoft tool. Any tool that can effectively draw the architecture with their respective relationships of the target device...

Threat modeling of an IoT web application

Continuing our threat modeling exercises for our DVR, we will work on breaking down its web applications. Our DVR contains two types of web applications. One web application is embedded, running off of the DVR itself. The second web application is a SaaS application provided by the vendor for remote access to the DVR and its camera feeds.

The SaaS application accesses the embedded DVR within the LAN. We have a better sense of what runs on the embedded web application locally on the DVR rather than the vendor SaaS application. Earlier in the chapter, we did mention some technologies utilized for the vendor web application but no additional information is known at this time. We will start by drawing out the architecture of the embedded web application and touch on the vendor SaaS application in the threats section rather than drawing its...

Threat modeling an IoT mobile application

For our next threat modeling exercise, we will examine IoT mobile applications for our DVR system. This DVR system (like many others in IoT) has several mobile applications available developed by resellers and different OEMs. For demonstration purposes, we will only threat model one Android and one iOS application.

How to do it...

Since we have the majority of our data flow diagrams created from previous recipes, we will continue to use the same Microsoft Threat Modeling Tool for this recipe.

Step 1: Creating an architecture overview and decomposition

...

Introduction


Whether you have a software development background or system and networking background, you may be familiar with attack surfaces or vectors within each respective area. Attack surfaces refer to the many ways in which a device can be compromised via a source of input. This source of input may be via hardware, software, or wirelessly. Generally speaking, the more attack surfaces a device contains, the higher the likelihood of compromise. Attack surfaces are entry points into the IoT device. Sometimes, these entry points are inherently trusted by the IoT device or application. Each attack surface discovered will have an associated risk, likelihood, and impact. In essence, attack surfaces are threats which have the potential to negatively affect a device to perform unintended actions. In order to discover each attack surface, theoretical use cases will need to be thought of before testing has taken place, or before software is written. This exercise is known as threat modeling.

This...

Getting familiar with threat modeling concepts


Threat modeling is more or less associated with software development as an exercise that occurs after the software design phase but prior to software deployment. These exercises are known to take place in software development, system, network, and security teams upon major software releases by either drawing a full end-to-end data flow diagram or a data flow and network diagram to determine how to employ security controls and countermeasures. These drawings can be physically on a white board or via software tools such as Microsoft's free Threat Modeling Tool and web applications such as https://draw.io which have a number of template diagrams that can be used for a variety of purposes. The idea is to map out all of the device's functionalities and features to their associated technical dependencies. It is up to the company or individual how threat model formats are drawn out. Keep in mind that threat models can get really granular when breaking...

Left arrow icon Right arrow icon
Download code icon Download Code

Key benefits

  • Identify vulnerabilities in IoT device architectures and firmware using software and hardware pentesting techniques
  • Understand radio communication analysis with concepts such as sniffing the air and capturing radio signals
  • A recipe based guide that will teach you to pentest new and unique set of IoT devices.

Description

IoT is an upcoming trend in the IT industry today; there are a lot of IoT devices on the market, but there is a minimal understanding of how to safeguard them. If you are a security enthusiast or pentester, this book will help you understand how to exploit and secure IoT devices. This book follows a recipe-based approach, giving you practical experience in securing upcoming smart devices. It starts with practical recipes on how to analyze IoT device architectures and identify vulnerabilities. Then, it focuses on enhancing your pentesting skill set, teaching you how to exploit a vulnerable IoT device, along with identifying vulnerabilities in IoT device firmware. Next, this book teaches you how to secure embedded devices and exploit smart devices with hardware techniques. Moving forward, this book reveals advanced hardware pentesting techniques, along with software-defined, radio-based IoT pentesting with Zigbee and Z-Wave. Finally, this book also covers how to use new and unique pentesting techniques for different IoT devices, along with smart devices connected to the cloud. By the end of this book, you will have a fair understanding of how to use different pentesting techniques to exploit and secure various IoT devices.

Who is this book for?

This book targets IoT developers, IoT enthusiasts, pentesters, and security professionals who are interested in learning about IoT security. Prior knowledge of basic pentesting would be beneficial.

What you will learn

  • Set up an IoT pentesting lab
  • Explore various threat modeling concepts
  • Exhibit the ability to analyze and exploit firmware vulnerabilities
  • Demonstrate the automation of application binary analysis for iOS and Android using MobSF
  • Set up a Burp Suite and use it for web app testing
  • Identify UART and JTAG pinouts, solder headers, and hardware debugging
  • Get solutions to common wireless protocols
  • Explore the mobile security and firmware best practices
  • Master various advanced IoT exploitation techniques and security automation

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Nov 29, 2017
Length: 452 pages
Edition : 1st
Language : English
ISBN-13 : 9781787280571
Category :
Languages :
Tools :

What do you get with a Packt Subscription?

Free for first 7 days. $24.99 p/m after that. Cancel any time!
Product feature icon Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!
Product feature icon 50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.
Product feature icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Product feature icon Thousands of reference materials covering every tech concept you need to stay up to date.
Subscribe now
View plans & pricing

Product Details

Publication date : Nov 29, 2017
Length: 452 pages
Edition : 1st
Language : English
ISBN-13 : 9781787280571
Category :
Languages :
Tools :

Packt Subscriptions

See our plans and pricing
Modal Close icon
AU$24.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
AU$249.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just AU$5 each
Feature tick icon Exclusive print discounts
AU$349.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just AU$5 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total AU$ 201.97
IoT Penetration Testing Cookbook
AU$60.99
Python Penetration Testing Cookbook
AU$53.99
Industrial Cybersecurity
AU$86.99
Total AU$ 201.97 Stars icon
Banner background image

Table of Contents

11 Chapters
IoT Penetration Testing Chevron down icon Chevron up icon
IoT Threat Modeling Chevron down icon Chevron up icon
Analyzing and Exploiting Firmware Chevron down icon Chevron up icon
Exploitation of Embedded Web Applications Chevron down icon Chevron up icon
Exploiting IoT Mobile Applications Chevron down icon Chevron up icon
IoT Device Hacking Chevron down icon Chevron up icon
Radio Hacking Chevron down icon Chevron up icon
Firmware Security Best Practices Chevron down icon Chevron up icon
Mobile Security Best Practices Chevron down icon Chevron up icon
Securing Hardware Chevron down icon Chevron up icon
Advanced IoT Exploitation and Security Automation Chevron down icon Chevron up icon

Customer reviews

Rating distribution
Full star icon Full star icon Full star icon Half star icon Empty star icon 3.4
(5 Ratings)
5 star 40%
4 star 0%
3 star 40%
2 star 0%
1 star 20%
Amazon Customer Jan 12, 2018
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Awesome book that is full of practical examples for penetration testing of IoT devices and applications.
Amazon Verified review Amazon
Amazon Customer Dec 26, 2017
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Great content.
Amazon Verified review Amazon
Amazon Customer Apr 14, 2018
Full star icon Full star icon Full star icon Empty star icon Empty star icon 3
good read, something's work, but works better if you buy their products to do some of the test. kind of defeats the purpose if you plan on doing PEN test. but good knowledge, would recommend.
Amazon Verified review Amazon
0xFF7 Jun 19, 2018
Full star icon Full star icon Full star icon Empty star icon Empty star icon 3
The information is good however I wish there was a bit more about the hardware side of things and less on mobile as there's tons of books on mobile app exploitation yet not many on hardware hacking. My only real complaint is the picture quality. As you can see in the picture I provided they're very dark and with pictures like this one you can't even read the writing or make out any of the details rendering the picture pretty useless.
Amazon Verified review Amazon
prince Apr 05, 2018
Full star icon Empty star icon Empty star icon Empty star icon Empty star icon 1
Again another horrible book written by the author. Really all the material out in the book is available for free out there. All the book teaches is soldering a couple of things from hardware perspective which you can learn from a large number of youtibe tutorials as well as sniffing wireless communications which is also out there in form of tutorials on youtbe, security tube, etc. Reall, I feel duped buying books of this author. I ended up finally returning both the books from the author.
Amazon Verified review Amazon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

What is included in a Packt subscription? Chevron down icon Chevron up icon

A subscription provides you with full access to view all Packt and licnesed content online, this includes exclusive access to Early Access titles. Depending on the tier chosen you can also earn credits and discounts to use for owning content

How can I cancel my subscription? Chevron down icon Chevron up icon

To cancel your subscription with us simply go to the account page - found in the top right of the page or at https://subscription.packtpub.com/my-account/subscription - From here you will see the ‘cancel subscription’ button in the grey box with your subscription information in.

What are credits? Chevron down icon Chevron up icon

Credits can be earned from reading 40 section of any title within the payment cycle - a month starting from the day of subscription payment. You also earn a Credit every month if you subscribe to our annual or 18 month plans. Credits can be used to buy books DRM free, the same way that you would pay for a book. Your credits can be found in the subscription homepage - subscription.packtpub.com - clicking on ‘the my’ library dropdown and selecting ‘credits’.

What happens if an Early Access Course is cancelled? Chevron down icon Chevron up icon

Projects are rarely cancelled, but sometimes it's unavoidable. If an Early Access course is cancelled or excessively delayed, you can exchange your purchase for another course. For further details, please contact us here.

Where can I send feedback about an Early Access title? Chevron down icon Chevron up icon

If you have any feedback about the product you're reading, or Early Access in general, then please fill out a contact form here and we'll make sure the feedback gets to the right team. 

Can I download the code files for Early Access titles? Chevron down icon Chevron up icon

We try to ensure that all books in Early Access have code available to use, download, and fork on GitHub. This helps us be more agile in the development of the book, and helps keep the often changing code base of new versions and new technologies as up to date as possible. Unfortunately, however, there will be rare cases when it is not possible for us to have downloadable code samples available until publication.

When we publish the book, the code files will also be available to download from the Packt website.

How accurate is the publication date? Chevron down icon Chevron up icon

The publication date is as accurate as we can be at any point in the project. Unfortunately, delays can happen. Often those delays are out of our control, such as changes to the technology code base or delays in the tech release. We do our best to give you an accurate estimate of the publication date at any given time, and as more chapters are delivered, the more accurate the delivery date will become.

How will I know when new chapters are ready? Chevron down icon Chevron up icon

We'll let you know every time there has been an update to a course that you've bought in Early Access. You'll get an email to let you know there has been a new chapter, or a change to a previous chapter. The new chapters are automatically added to your account, so you can also check back there any time you're ready and download or read them online.

I am a Packt subscriber, do I get Early Access? Chevron down icon Chevron up icon

Yes, all Early Access content is fully available through your subscription. You will need to have a paid for or active trial subscription in order to access all titles.

How is Early Access delivered? Chevron down icon Chevron up icon

Early Access is currently only available as a PDF or through our online reader. As we make changes or add new chapters, the files in your Packt account will be updated so you can download them again or view them online immediately.

How do I buy Early Access content? Chevron down icon Chevron up icon

Early Access is a way of us getting our content to you quicker, but the method of buying the Early Access course is still the same. Just find the course you want to buy, go through the check-out steps, and you’ll get a confirmation email from us with information and a link to the relevant Early Access courses.

What is Early Access? Chevron down icon Chevron up icon

Keeping up to date with the latest technology is difficult; new versions, new frameworks, new techniques. This feature gives you a head-start to our content, as it's being created. With Early Access you'll receive each chapter as it's written, and get regular updates throughout the product's development, as well as the final course as soon as it's ready.We created Early Access as a means of giving you the information you need, as soon as it's available. As we go through the process of developing a course, 99% of it can be ready but we can't publish until that last 1% falls in to place. Early Access helps to unlock the potential of our content early, to help you start your learning when you need it most. You not only get access to every chapter as it's delivered, edited, and updated, but you'll also get the finalized, DRM-free product to download in any format you want when it's published. As a member of Packt, you'll also be eligible for our exclusive offers, including a free course every day, and discounts on new and popular titles.