Iot Penetration Testing Cookbook

Aaron Guzman, Aditya Gupta

買這商品的人也買了...

商品描述

Over 80 recipes to master IoT security techniques. About This Book * Identify vulnerabilities in IoT device architectures and firmware using software and hardware pentesting techniques * Understand radio communication analysis with concepts such as sniffing the air and capturing radio signals * A recipe based guide that will teach you to pentest new and unique set of IoT devices. Who This Book Is For This book targets IoT developers, IoT enthusiasts, pentesters, and security professionals who are interested in learning about IoT security. Prior knowledge of basic pentesting would be beneficial. What You Will Learn * Set up an IoT pentesting lab * Explore various threat modeling concepts * Exhibit the ability to analyze and exploit firmware vulnerabilities * Demonstrate the automation of application binary analysis for iOS and Android using MobSF * Set up a Burp Suite and use it for web app testing * Identify UART and JTAG pinouts, solder headers, and hardware debugging * Get solutions to common wireless protocols * Explore the mobile security and firmware best practices * Master various advanced IoT exploitation techniques and security automation In Detail IoT is an upcoming trend in the IT industry today; there are a lot of IoT devices on the market, but there is a minimal understanding of how to safeguard them. If you are a security enthusiast or pentester, this book will help you understand how to exploit and secure IoT devices. This book follows a recipe-based approach, giving you practical experience in securing upcoming smart devices. It starts with practical recipes on how to analyze IoT device architectures and identify vulnerabilities. Then, it focuses on enhancing your pentesting skill set, teaching you how to exploit a vulnerable IoT device, along with identifying vulnerabilities in IoT device firmware. Next, this book teaches you how to secure embedded devices and exploit smart devices with hardware techniques. Moving forward, this book reveals advanced hardware pentesting techniques, along with software-defined, radio-based IoT pentesting with Zigbee and Z-Wave. Finally, this book also covers how to use new and unique pentesting techniques for different IoT devices, along with smart devices connected to the cloud. By the end of this book, you will have a fair understanding of how to use different pentesting techniques to exploit and secure various IoT devices. Style and approach This recipe-based book will teach you how to use advanced IoT exploitation and security automation.

商品描述(中文翻譯)

超過80個食譜,以掌握物聯網安全技術。關於本書: * 使用軟體和硬體滲透測試技術,識別物聯網設備架構和韌體中的漏洞 * 了解無線通訊分析,如嗅探空氣和捕獲無線電信號 * 一本以食譜為基礎的指南,將教您滲透測試新型和獨特的物聯網設備。本書適合對物聯網安全感興趣的物聯網開發人員、愛好者、滲透測試人員和安全專業人員。具備基本滲透測試知識將有所助益。您將學到什麼: * 建立物聯網滲透測試實驗室 * 探索各種威脅建模概念 * 展示分析和利用韌體漏洞的能力 * 示範使用MobSF進行iOS和Android應用程式二進制分析的自動化 * 建立Burp Suite並用於網頁應用程式測試 * 識別UART和JTAG引腳配置、焊接標頭和硬體調試 * 獲取常見無線協議的解決方案 * 探索移動安全和韌體最佳實踐 * 掌握各種高級物聯網滲透測試技術和安全自動化詳細內容: 物聯網是當今IT行業的一個新興趨勢;市場上有很多物聯網設備,但對如何保護它們的理解很少。如果您是安全愛好者或滲透測試人員,本書將幫助您了解如何利用和保護物聯網設備。本書採用食譜式的方法,讓您在保護即將推出的智能設備方面獲得實際經驗。它從實際的食譜開始,教您如何分析物聯網設備架構並識別漏洞。然後,它專注於提升您的滲透測試技能,教您如何利用易受攻擊的物聯網設備,以及識別物聯網設備韌體中的漏洞。接下來,本書教您如何使用硬體技術保護嵌入式設備並利用智能設備。隨著內容的進展,本書揭示了高級硬體滲透測試技術,以及使用Zigbee和Z-Wave進行基於軟體定義無線電的物聯網滲透測試。最後,本書還介紹了如何使用不同的滲透測試技術來利用和保護不同的物聯網設備,以及連接到雲端的智能設備。通過閱讀本書,您將對如何使用不同的滲透測試技術來利用和保護各種物聯網設備有一個相對了解。風格和方法: 本書以食譜式的方式教您如何使用高級物聯網滲透測試和安全自動化技術。