The definitive guide to hacking the world of the Internet of Things (IoT) -- Internet connected
devices such as medical devices home assistants smart home appliances and more. Geared
towards security researchers IT teams and penetration testers application testers
developers and IT administrators this book teaches readers how to get started with hacking
Internet connected devices. Readers dig deep into technical (and related legal) issues as they
learn what kinds of devices to use as hacking tools and which make the best targets. The
authors all experts in the field cover the kinds of vulnerabilities found in IoT devices
explain how to exploit their network protocols and how to leverage security flaws and certain
hardware interfaces found in the physical devices themselves. The book begins with threat
modeling and a security testing methodology then covers how to attack hardware interfaces such
as UART IᄇC SPI JTAG SWD and IoT network protocols like UPnP WS-Discovery mDNS DNS-SD
RTSP RTCP RTP LoRa LoRaWAN Wi-Fi Wi-Fi Direct RFID NFC BLE MQTT CDP and DICOM.
Examples throughout offer custom code designed to demonstrate specific vulnerabilities and
tools to help readers reproduce the attacks. Practical IoT Hacking is full of practical
exercises and hands-on examples taken from the authors' own research that teach readers things
like how to bypass the authentication of an STM32F103 device (black pill) through SWD reverse
firmware exploit zero-configuration networking use low-cost equipment to capture LoRa network
traffic analyze IoT companion mobile apps take over and remotely control an Android based
treadmill jam wireless devices such as home alarm systems hijack Bluetooth Low Energy
connections and how to circumvent modern RFID and NFC enabled smart door locks.
