IoT Pentesting Approach Part-1

Hello everyone,

Many of you have asked how to start pentesting IoT devices.

Based on my experience, I'm writing up an approach to pentesting IoT devices.

Pentesting Surfaces:

  1. Network
  2. Applications (Web, iOS, Android)
  3. Wireless communication
  4. Firmware
  5. Hardware

Network: An IoT environment runs on, and is updated over, a network: the Internet, MQTT, IEEE 802.15.4 and others.

Applications: IoT applications manage the device; they can be web apps, mobile apps, or APIs (SOAP or REST web services).

Wireless communication: BLE, 4G/LTE, Zigbee, LoRa, WiFi

Firmware: This is the device’s software and operating system.

Hardware: This is the IoT device hardware: the chipset, storage, JTAG, UART, SPI and I2C ports, sensors, camera, etc.

Testing Approach:

Network:

  1. Open ports
  2. Checking the versions of running services
  3. Insecure (cleartext or unauthenticated) communications

Applications:

  1. Front-end web
  2. Back-end web
  3. iOS app
  4. Android app
  5. Web services

Wireless Communication:

  1. Pentesting BLE (Bluetooth Low Energy)
  2. Pentesting Zigbee
  3. Pentesting Z-Wave
  4. Pentesting WiFi
  5. Pentesting LoRa
  6. Pentesting 4G

Firmware:

  1. Checking for hard-coded data (credentials, keys, certificates)
  2. Pulling out the file system and analyzing it
  3. Sensitive data identification
  4. Checking encryption (of the firmware image and of stored data)
  5. Backdoor accounts and services
  6. API tokens and endpoints
  7. Reverse engineering
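Steps 1, 3, 5 and 6 above (hard-coded data, sensitive data, backdoor accounts, API tokens and endpoints) are usually done by walking the extracted root filesystem with a script. The following is an added example written for this post, not the author's own tooling: it builds a small constructed firmware tree in a temporary directory (the files, accounts and the `api.example.com` / `192.0.2.10` endpoints are made-up sample data), then scans it for secret-looking strings, embedded URLs and weak or empty password hashes in `/etc/shadow`. The regexes are illustrative starting points, not an exhaustive rule set.

```python
"""Audit an extracted firmware root filesystem for hard-coded secrets,
embedded API endpoints and weak /etc/shadow entries (added example)."""
import os
import re
import tempfile
from pathlib import Path

# Illustrative patterns for the kinds of hard-coded data worth flagging.
SECRET_PATTERNS = {
    "private_key": re.compile(rb"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    "aws_access_key": re.compile(rb"AKIA[0-9A-Z]{16}"),
    "password_assignment": re.compile(
        rb"(?i)\b(?:passwd|password|pwd)\s*[=:]\s*['\"]?([A-Za-z0-9!@#$%^&*._\-]{4,})"),
    "api_token": re.compile(
        rb"(?i)\b(?:api[_-]?key|token)\s*[=:]\s*['\"]?([A-Za-z0-9_\-]{16,})"),
}
ENDPOINT_PATTERN = re.compile(
    rb"https?://[A-Za-z0-9.\-]+(?::\d+)?(?:/[A-Za-z0-9._/\-]*)?")

SKIP_DIRS = {"proc", "sys", "dev"}      # pseudo-filesystems, nothing to read
MAX_FILE_BYTES = 4 * 1024 * 1024        # skip huge blobs (kernel images etc.)


def iter_files(root: Path):
    """Yield regular files under root, skipping symlinks and oversized files."""
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d not in SKIP_DIRS]
        for name in filenames:
            p = Path(dirpath) / name
            if p.is_symlink() or not p.is_file():
                continue
            if p.stat().st_size > MAX_FILE_BYTES:
                continue
            yield p


def weak_shadow_entries(shadow_text: str):
    """Return (user, reason) for accounts that can log in with no or weak hash.
    Locked entries ('!' or '*') and modern '$5$'/'$6$'/'$y$' hashes are not flagged."""
    findings = []
    for line in shadow_text.splitlines():
        parts = line.split(":")
        if len(parts) < 2:
            continue
        user, hashed = parts[0], parts[1]
        if hashed == "":
            findings.append((user, "empty password"))
        elif hashed.startswith("$1$"):
            findings.append((user, "MD5-crypt hash"))
        elif not hashed.startswith(("!", "*", "$")):
            findings.append((user, "legacy DES-crypt hash"))
    return findings


def audit_firmware(root) -> dict:
    """Walk the extracted filesystem and collect secrets, endpoints, weak accounts."""
    root = Path(root)
    secrets, endpoints = set(), set()
    for path in iter_files(root):
        data = path.read_bytes()
        rel = path.relative_to(root).as_posix()
        for kind, pat in SECRET_PATTERNS.items():
            if pat.search(data):            # report each kind once per file
                secrets.add((rel, kind))
        for m in ENDPOINT_PATTERN.finditer(data):
            endpoints.add(m.group(0).decode("ascii", "replace"))
    weak = []
    shadow = root / "etc" / "shadow"
    if shadow.is_file():
        weak = weak_shadow_entries(shadow.read_text(errors="replace"))
    return {"secrets": sorted(secrets), "endpoints": sorted(endpoints),
            "weak_accounts": weak}


def build_sample_rootfs() -> Path:
    """Create a tiny constructed firmware tree (sample data, not a real device)."""
    root = Path(tempfile.mkdtemp(prefix="fw_demo_"))
    (root / "etc").mkdir()
    (root / "etc" / "shadow").write_text(
        "root:$1$abcdefgh$0123456789abcdefghijkl:18000:0:99999:7:::\n"
        "admin::18000:0:99999:7:::\n"          # empty password field
        "daemon:*:18000:0:99999:7:::\n")       # locked, should not be flagged
    (root / "etc" / "cloud.conf").write_text(
        "api_key = ZmFrZV9kZW1vX2tleV8xMjM0NTY3OA\n"
        "endpoint = https://api.example.com/v1/devices\n")
    (root / "usr" / "bin").mkdir(parents=True)
    # A fake binary with a credential and an update URL baked into its strings.
    (root / "usr" / "bin" / "telnetd_wrapper").write_bytes(
        b"\x7fELF...password=Admin123\x00http://192.0.2.10/update.bin\x00")
    return root


if __name__ == "__main__":
    report = audit_firmware(build_sample_rootfs())
    for key, items in report.items():
        print(f"{key}:")
        for item in items:
            print("  ", item)
```

Run it against a real extraction by calling `audit_firmware("/path/to/extracted/rootfs")`; every hit still needs manual confirmation (a matching string may be a default that is rotated at first boot), but empty or MD5-crypt root hashes and hard-coded cloud tokens are exactly the findings that feed the "backdoor" and "API tokens" items of the list.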

Hardware:

  1. Identifying debug and bus pins (JTAG, SPI, UART, I2C)
  2. Pulling firmware from the hardware (flash dump over the exposed bus)
  3. Shell access through open debug pins
  4. Chip-off (de-chipping) attack: desoldering the flash chip to read it directly
  5. USB attacks
*****
When solving problems dig @ roots, instead of just hacking at the leaves.
made with ☕ and 🛠️