
Practical Hardware Pentesting: A guide to attacking embedded systems and protecting them against the most common hardware attacks

Jean-Georges Valle
4.8 (5 Ratings)
Paperback Apr 2021 382 pages 1st Edition


Key benefits

  • Explore various pentesting tools and techniques to secure your hardware infrastructure
  • Protect your hardware by finding potential entry points like glitches
  • Find the best practices for securely designing your products

Description

If you’re looking for a hands-on introduction to pentesting that delivers, then Practical Hardware Pentesting is for you. This book will help you plan attacks, hack your embedded devices, and secure the hardware infrastructure. Throughout the book, you will see how a specific device works, explore the functional and security aspects, and learn how a system senses and communicates with the outside world. You’ll set up a lab from scratch and then gradually work towards an advanced hardware lab, but you’ll still be able to follow along with a basic setup. As you progress, you’ll get to grips with the global architecture of an embedded system and sniff on-board traffic, learn how to identify and formalize threats to the embedded system, and understand its relationship with its ecosystem. You’ll discover how to analyze your hardware and locate its possible system vulnerabilities before going on to explore firmware dumping, analysis, and exploitation. The reverse engineering chapter will get you thinking from an attacker's point of view; you’ll understand how devices are attacked, how they are compromised, and how you can harden a device against the most common hardware attack vectors. By the end of this book, you will be well versed in security best practices and understand how they can be implemented to secure your hardware.

Who is this book for?

If you’re a researcher or a security professional who wants a comprehensive introduction to hardware security assessment, then this book is for you. Electrical engineers who want to understand the vulnerabilities of their devices and design them with security in mind will also find this book useful. You won’t need any prior knowledge of hardware pentesting before you get started; everything you need is in the chapters.

What you will learn

  • Perform an embedded system test and identify security critical functionalities
  • Locate critical security components and buses and learn how to attack them
  • Discover how to dump and modify stored information
  • Understand and exploit the relationship between the firmware and hardware
  • Identify and attack the security functions supported by the functional blocks of the device
  • Develop an attack lab to support advanced device analysis and attacks

Product Details

Publication date: Apr 01, 2021
Length: 382 pages
Edition: 1st
Language: English
ISBN-13: 9781789619133


Table of Contents

19 Chapters
Section 1: Getting to Know the Hardware
Chapter 1: Setting Up Your Pentesting Lab and Ensuring Lab Safety
Chapter 2: Understanding Your Target
Chapter 3: Identifying the Components of Your Target
Chapter 4: Approaching and Planning the Test
Section 2: Attacking the Hardware
Chapter 5: Our Main Attack Platform
Chapter 6: Sniffing and Attacking the Most Common Protocols
Chapter 7: Extracting and Manipulating Onboard Storage
Chapter 8: Attacking Wi-Fi, Bluetooth, and BLE
Chapter 9: Software-Defined Radio Attacks
Section 3: Attacking the Software
Chapter 10: Accessing the Debug Interfaces
Chapter 11: Static Reverse Engineering and Analysis
Chapter 12: Dynamic Reverse Engineering
Chapter 13: Scoring and Reporting Your Vulnerabilities
Chapter 14: Wrapping It Up – Mitigations and Good Practices
Assessments
Other Books You May Enjoy

Customer reviews

Rating distribution
4.8 (5 Ratings)
5 star 80%
4 star 20%
3 star 0%
2 star 0%
1 star 0%
Neeraj Apr 16, 2021
Rating: 5
Writing the review after going through the book in detail and also done a technical review while the book was being written. With my experience in the hardware pentest focus area, I believe this book is unique and one of its kind for pentesters, professionals and students who are interested in learning and advancing their skills in the area of hardware security. Most of the market leaders/OEMs/Asset Owners are now asking for hardware pentest for their embedded/IoT products and this book covers great length and breadth of any hardware device such as their architecture, protocols used, attack surface, pentest tools and techniques to be used, etc. The author has worked hard and given very detailed information around setting up the hardware pentesting lab and how to choose right pentest tools and attack techniques for vulnerability exploitation. This title also covers variety of practical aspects and use cases of real time hardware pentesting such as UART/JTAG exploitation, BLE/SDR exploitation, Static and Dynamic Reverse Engineering, etc. Overall the book justifies its title "practical" with tons of practical scenarios, labs and exercises and definitely recommend to folks interested in learning/advancing their hardware security skills.
Amazon Verified review
Ryan S. Jun 28, 2021
Rating: 5
Practical Hardware Pentesting is written very well for those getting started with hardware hacking. Jean-Georges Valle takes a good step by step approach to helping hackers get set up and experimenting with various aspects of hardware. Throughout the book are good suggestions for tools and approaches.
Amazon Verified review
Tiny Aug 29, 2022
Rating: 5
Normally, I’m a strictly software guy, I know how the hardware works but don’t spend all that much time on it. However, “Practical Hardware Pentesting” Packt, by Jean-Georges Valle is a great reference and introduction to this complicated area. If once the cover comes off, you are lost, this will rebuild your basic references, tell you where to find additional information, and guide you all the way through reengineering a design for your home lab. The first section deals with setup and practical tips, the second suggests networking and interface techniques to break the hardware, and the final section links that to other tools to finish the exploitation. The first section provides a valuable refresher in what the various parts of the hardware do, if you were a little behind, and then building an appropriate setup to dive into solutions. Valle suggests all the appropriate tools, buying at different price ranges for the amateur beginner, and professional, and then suggests the pros and cons for different brands of devices. As a former intelligence professional for the Air Force, the sections on planning for the target were as good as gospel. If you haven’t done a lot of pentesting, knowing the basics of target exploitation goes a long way towards achieving a successful pen test. Almost as entertaining is the choice to use a Furby for the penetration test example subject. The middle section also is filled with gold in conducting a pen test. Each type of approach for networking, as well as the tools are covered in exhaustive detail. The code segments to drive the hardware, the interaction of the machinery, and the expected results appear at every step. The section covers how to find the memory, how to extract the memory and then the challenges associated with converting it to a usable format to find vulnerabilities. I love the references back to Wireshark, which I have used extensively with multiple tasks. 
He rounds this out by building on common networking interfaces and then expanding to cover Software Defined Radio interfaces. Finally, the last section covers the software interactions to hardware as well as building an effective report for your customer. Building a report seems small, but if you can’t communicate where the vulnerabilities are, what they affect, and potential fixes then you are leaving your customer in the dark. The sections on static versus dynamic analysis are invaluable from a security perspective as well as pen testing for discovering how the vulnerabilities are being executed, and their interaction with the overall system. If there was one area that was lacking, it was some of the build process for breadboarding. There are multiple diagrams and suggestions included, and architectural diagrams but my own skills in this area are lacking which probably made it more difficult for me. If I had spent a little more time with wiring and soldering tools, I probably would have been fine. Still, a chapter on the various breadboard approaches would have been useful for me. Overall, a truly excellent work. The reference sections are solid, the pen testing approaches valuable, and the whole book exceptional. Valle also recommends cheap practice by going to local flea markets and buying technological devices to crack. One of those last wishes for me would have been taking a class much earlier in my career just based on this approach to break into various devices. I’d recommend this for anyone either doing current pen testing, or hoping to break into that area.
Amazon Verified review
Daniel May 11, 2021
Rating: 5
The art of hardware hacking is about getting from hardware to software as quickly as possible. Unlike other aspects of computer security, such as software-based assessments, with hardware, you end up feeling overwhelmed with the sheer vastness of available components and implementations. This book takes the reader through setting up a lab that will not cost the earth and more importantly, introduces a methodology one can take to not be overwhelmed with the task at hand. Well recommended to anyone new to hardware hacking.
Amazon Verified review
Cassadee Aug 30, 2021
Rating: 4
Practical Hardware Pentesting by Jean-Georges Valle provides a thorough introduction to understanding and hacking common electronic devices and the associated protocols that run on those devices. Its target audience is mainly security researchers who want to learn how to get started with hardware security assessments, electrical engineers who create electronic devices, and hardware hobbyists. The book is divided into three sections: Getting to Know the Hardware, Attacking the Hardware, and Attacking the Software. You’ll get a hands-on approach to hardware hacking as you’ll use specific hardware devices to perform the lab exercises, even for three of the chapters in the software section. Section 1 includes a good overview of all of the tools one needs to set up their own pen testing lab. *Spoiler Alert* A lab is estimated to cost anywhere between <500€ for a beginner lab to ~8,000€ for a professional lab. Fortunately, to perform most of the exercises in the book, you won’t need a dedicated lab. Section 1 also gives a basic overview of all of the components that make up an embedded system and how to identify and analyze those components. The author uses a Furby as an example for identifying and diagramming system components. Note, for those who are on a budget, the Furbies I found listed on eBay and Amazon cost over $100 each. Lastly, Section 1 discusses how to approach a hardware pentest; it reviews the various types of pentests, the goals of a hardware pentest, and one test methodology. Section 2 is the heart of the book that delivers what I would expect from a book about hardware pentesting. This section begins with an overview to the STM32 bluepill board, which will be used in several exercises throughout the book. It also gives a brief review of the C programming language before delving into discussions of several common hardware chips, including the protocols that run on those chips, and the various logical and physical layers within those chips.
While I think these discussions are a good primer into understanding any of these chips, the author assumes that the reader already has some knowledge of the common pieces that make up these chips, such as how a chip’s clock works, or how signals work on these devices. Regardless, there are many detailed walkthroughs on how to connect and hack these devices. There are also very good supplemental materials provided on the book’s GitHub repo and YouTube page that help guide the reader through completing the exercises. Section 2 also demonstrates how to sniff and attack wireless protocols such as bluetooth, WiFi, and radio signals. For the enthusiastic reader, there are even links provided that instruct on how to build your own radio. Section 3 teaches the reader how to perform static and dynamic reverse engineering on some of the chips that were used in previous exercises in the book. It also contains a nice introduction to Ghidra, and has several examples for reversing binaries found on embedded systems. This section concludes with how to rate vulnerabilities you found during a pentest and how to discuss and report those vulnerabilities to a client. I only gave this book a four star review instead of five because of the multiple Furby examples, where a more current or “cheaper” children’s toy could have been used. Furthermore, the preface of the book states you only need a Linux OS, a bluepill board (STM32F103), Ghidra 9.2+, GCC 9+, and OpenOCD 9+. However, this is not true as to follow along with the exercises in Chapters 6 through 12, you’ll need several chips, boards, and other peripherals. I spent a bit over $100 just to complete the exercises in Chapter 6 alone. The book does not provide much guidance on where to find some of these components either (beyond “auction,” or “second-hand” sites).
I understand that they don’t want to give free advertising or endorsements for non-affiliated sites, but a few of these pieces were not easy to find (as Google, eBay, and Amazon searches were not always helpful) without talking to someone who had prior knowledge of where to purchase the components. In conclusion, I enjoyed this book and learned a lot from it. The exercises were interesting and informative and the author presented the material in a straightforward manner with even a small bit of humor scattered within the book. All of the software required to complete the exercises in the book is open source and free, which is much appreciated. Practical Hardware Pentesting is a great introduction to hardware hacking and reverse engineering, and also serves as a wonderful reference to these topics.
Amazon Verified review