You're reading from Practical Hardware Pentesting A guide to attacking embedded systems and protecting them against the most common hardware attacks

Product type Paperback

Published in Apr 2021

Publisher Packt

ISBN-13 9781789619133

Length 382 pages

Edition 1st Edition

Tools

Embedded Systems

Concepts

Embedded Systems

Author (1):

Jean-Georges Valle

Preface

1. Section 1: Getting to Know the Hardware

2. Chapter 1: Setting Up Your Pentesting Lab and Ensuring Lab Safety FREE CHAPTER

3. Chapter 2: Understanding Your Target

4. Chapter 3: Identifying the Components of Your Target

5. Chapter 4: Approaching and Planning the Test

6. Section 2: Attacking the Hardware

7. Chapter 5: Our Main Attack Platform

8. Chapter 6: Sniffing and Attacking the Most Common Protocols

9. Chapter 7: Extracting and Manipulating Onboard Storage

10. Chapter 8: Attacking Wi-Fi, Bluetooth, and BLE

11. Chapter 9: Software-Defined Radio Attacks

12. Section 3: Attacking the Software

13. Chapter 10: Accessing the Debug Interfaces

14. Chapter 11: Static Reverse Engineering and Analysis

15. Chapter 12: Dynamic Reverse Engineering

16. Chapter 13: Scoring and Reporting Your Vulnerabilities

17. Chapter 14: Wrapping It Up – Mitigations and Good Practices

18. Assessments

19. Other Books You May Enjoy

Chapter 13

This is an example of a matrix (the company is accepting a much higher overall risk level):
1 is considered as irrelevant, 2-3 low, 4-5 medium, 6-7 high, and 8, 9, and 10 as critical.
This is an example of a matrix where we reflect the possibility of a more refined attacker by reducing the impact of complexity on the reduction of the final risk (that is, the attacker is more skilled and can pull off more complex attacks easily):
This is to avoid the client artificially changing the scales in order to lower the scoring of vulnerabilities that they consider annoying to fix or remediate.
In order for you to have an internal party at the client that is acting as a neutral party (that is, compliance has no conflict of interest with the technical implementation team when it comes to do things properly) and usually have a much stricter approach to regulation compliance than the business.