Overview

Written by all-star security experts, Practical IoT Hacking is a quick-start conceptual guide to testing and exploiting IoT systems and devices. Written by all-star security experts, Practical IoT Hacking is a quick-start conceptual guide to testing and exploiting IoT systems and devices. Drawing from the real-life exploits of five highly regarded IoT security researchers, Practical IoT Hacking teaches you how to test IoT systems, devices, and protocols to mitigate risk. The book begins by walking you through common threats and a threat modeling framework. You'll develop a security testing methodology, discover the art of passive reconnaissance, and assess security on all layers of an IoT system. Next, you'll perform VLAN hopping, crack MQTT authentication, abuse UPnP, develop an mDNS poisoner, and craft WS-Discovery attacks. You'll tackle both hardware hacking and radio hacking, with in-depth coverage of attacks against embedded IoT devices and RFID systems. You'll also learn how to- Write a DICOM service scanner as an NSE module Hack a microcontroller through the UART and SWD interfaces Reverse engineer firmware and analyze mobile companion apps Develop an NFC fuzzer using Proxmark3 Hack a smart home by jamming wireless alarms, playing back IP camera feeds, and controlling a smart treadmill The tools and devices you'll use are affordable and readily available, so you can easily practice what you learn. Whether you're a security researcher, IT team member, or hacking hobbyist, you'll find Practical IoT Hacking indispensable in your efforts to hack all the things REQUIREMENTS- Basic knowledge of Linux command line, TCP/IP, and programming

Full Product Details

9781718500907

Table of Contents

Reviews

I recommend this book to anyone technical who manufactures IoT devices or anyone with IoT devices in their homes or enterprise. At a time when securing our systems and protecting our information has never been more important, this book hits the mark. --Dave Kennedy, founder of TrustedSec, Binary Defense This book is everything you would want to learn from the subject masters--it is an authoritative and a precious resource that both IoT security researchers and developers will want keep close by. I recommend this book for anyone interested in making IoT more secure. --John Moor, Managing Director, IoT Security Foundation The authors provide a simple, effective and structured approach to hacking IoT, covering the major attack surface of the ecosystem. --Aseem Jakhar, Author of EXPLIoT Framework and Co-Founder Payatu Practical IoT Hacking is an essential guide to get an understanding on how the world around you works. This is a must have book to add to your hardware hacking arsenal. --Craig Smith, author of the Car Hacker's Handbook Practical IoT Hacking gracefully takes on the herculean task of introducing an organized approach to IoT device security with an end to end, accessible and actionable set of guidance and tool recommendations. A wide range of stakeholders in IoT product development and manufacturing would benefit from applying this knowledge early and often. I would recommend this book as a required reference for anyone involved in IoT device design, or even for personal awareness of data privacy and security for technically oriented users. --J. Metzger, Director of Cybersecurity, implanted and wireless data medical device manufacturer What I really like about this book is that it is useful for a wide ranging audience: students interested in IT security, people who are interested in securing their home network, and professionals who want to learn how to hack and secure new IoT devices for their colleagues or customers. This book deserves a place on your (digital) bookshelf. --Stef van Dop, KPN REDteam I'm so thrilled to see this book available to people to take the high level 'IoT security is important' and turn it into a practical guide to hack these devices in an effort to expose the security issues we must address as a community. The authors are immediately credible on the topic, the content is superbly approachable, and it's obvious this book and its readers will have a meaningful positive impact on the topic. --Robert M. Lee, CEO and Co-Founder of Dragos, Inc. and Senior SANS Instructor This incredible resource provides comprehensive, hands-on information on everything from security nuances in IoT devices and ecosystems, to ethical disclosure of vulnerabilities, and even the application of anti-hacking laws. We may joke about the absurdity of Internet-connected toasters and dog dishes, but lack of IoT security can mean real physical consequences. For those who would test and secure the rising tide of digitally-enabled physical objects, this is the book for you. --Harley Geiger, Senior Director of Public Policy, Rapid 7 Practical IoT Hacking is an exciting book and a fantastic resource for anyone interested in hardware hacking--from amateur to professional. Chapter by chapter, the authors peel away layers of complexity and demonstrate the tools and techniques used to assess the security of IoT systems. Most importantly, the book introduces an IoT testing framework that walks readers through not only the technical 'how' but the context of 'what' and 'why' as well. --T. Miklas, Head of Penetration Testing at a global bank As attack surfaces go, IoT presents the most dynamic, rapid, and intimate expansion of the cyber domain into our daily and professional lives. This book recognizes the opportunities and risks of this expansion and delivers a comprehensive resource to address them. Practically laid out into progressive areas of exploration and focus, this book will be a learning blueprint for IoT security newcomers, a reference for those already working in it day-to-day, and a security roadmap for those working in IoT design and defense. Highly recommended! --Casey Ellis, Founder/Chairman/CTO, BugCrowd Wonderful depth and breadth in the book; I hope you all consider pre-ordering if you're keen on IoT security & research! --Mark Stanislav, Information Security Architect at Cisco

Practical IoT Hacking isn't just another security book: it's a philosophy on security testing and how we need to change our views on connected devices within our homes and enterprise to build a better model for protecting ourselves. . . . This book aims to change how we do security testing in most organizations and to help build a better understanding of our risks, including IoT testing as part of that process. I recommend this book to anyone technical who manufactures IoT devices or anyone with IoT devices in their homes or enterprise. At a time when securing our systems and protecting our information has never been more important, this book hits the mark. I'm truly excited for this book, seeing the work that was put into it, and I know it will help us design a more secure IoT infrastructure in the future. -Dave Kennedy, founder of TrustedSec, Binary Defense

I recommend this book to anyone technical who manufactures IoT devices or anyone with IoT devices in their homes or enterprise. At a time when securing our systems and protecting our information has never been more important, this book hits the mark. --Dave Kennedy, founder of TrustedSec, Binary Defense This book is everything you would want to learn from the subject masters--it is an authoritative and a precious resource that both IoT security researchers and developers will want keep close by. I recommend this book for anyone interested in making IoT more secure. --John Moor, Managing Director, IoT Security Foundation The authors provide a simple, effective and structured approach to hacking IoT, covering the major attack surface of the ecosystem. --Aseem Jakhar, Author of EXPLIoT Framework and Co-Founder Payatu Practical IoT Hacking is an essential guide to get an understanding on how the world around you works. This is a must have book to add to your hardware hacking arsenal. --Craig Smith, author of the Car Hacker's Handbook

Practical IoT Hacking isn't just another security book: it's a philosophy on security testing and how we need to change our views on connected devices within our homes and enterprise to build a better model for protecting ourselves. . . . This book aims to change how we do security testing in most organizations and to help build a better understanding of our risks, including IoT testing as part of that process. I recommend this book to anyone technical who manufactures IoT devices or anyone with IoT devices in their homes or enterprise. At a time when securing our systems and protecting our information has never been more important, this book hits the mark. I'm truly excited for this book, seeing the work that was put into it, and I know it will help us design a more secure IoT infrastructure in the future. --Dave Kennedy, founder of TrustedSec, Binary Defense

I recommend this book to anyone technical who manufactures IoT devices or anyone with IoT devices in their homes or enterprise. At a time when securing our systems and protecting our information has never been more important, this book hits the mark. -Dave Kennedy, founder of TrustedSec, Binary Defense This book is everything you would want to learn from the subject masters-it is an authoritative and a precious resource that both IoT security researchers and developers will want keep close by. I recommend this book for anyone interested in making IoT more secure. -John Moor, Managing Director, IoT Security Foundation The authors provide a simple, effective and structured approach to hacking IoT, covering the major attack surface of the ecosystem. -Aseem Jakhar, Author of EXPLIoT Framework and Co-Founder Payatu Practical IoT Hacking is an essential guide to get an understanding on how the world around you works. This is a must have book to add to your hardware hacking arsenal. -Craig Smith, author of the Car Hacker's Handbook Practical IoT Hacking gracefully takes on the herculean task of introducing an organized approach to IoT device security with an end to end, accessible and actionable set of guidance and tool recommendations. A wide range of stakeholders in IoT product development and manufacturing would benefit from applying this knowledge early and often. I would recommend this book as a required reference for anyone involved in IoT device design, or even for personal awareness of data privacy and security for technically oriented users. -J. Metzger, Director of Cybersecurity, implanted and wireless data medical device manufacturer What I really like about this book is that it is useful for a wide ranging audience: students interested in IT security, people who are interested in securing their home network, and professionals who want to learn how to hack and secure new IoT devices for their colleagues or customers. This book deserves a place on your (digital) bookshelf. -Stef van Dop, KPN REDteam I'm so thrilled to see this book available to people to take the high level 'IoT security is important' and turn it into a practical guide to hack these devices in an effort to expose the security issues we must address as a community. The authors are immediately credible on the topic, the content is superbly approachable, and it's obvious this book and its readers will have a meaningful positive impact on the topic. -Robert M. Lee, CEO and Co-Founder of Dragos, Inc. and Senior SANS Instructor This incredible resource provides comprehensive, hands-on information on everything from security nuances in IoT devices and ecosystems, to ethical disclosure of vulnerabilities, and even the application of anti-hacking laws. We may joke about the absurdity of Internet-connected toasters and dog dishes, but lack of IoT security can mean real physical consequences. For those who would test and secure the rising tide of digitally-enabled physical objects, this is the book for you. -Harley Geiger, Senior Director of Public Policy, Rapid 7 Practical IoT Hacking is an exciting book and a fantastic resource for anyone interested in hardware hacking-from amateur to professional. Chapter by chapter, the authors peel away layers of complexity and demonstrate the tools and techniques used to assess the security of IoT systems. Most importantly, the book introduces an IoT testing framework that walks readers through not only the technical 'how' but the context of 'what' and 'why' as well. -T. Miklas, Head of Penetration Testing at a global bank As attack surfaces go, IoT presents the most dynamic, rapid, and intimate expansion of the cyber domain into our daily and professional lives. This book recognizes the opportunities and risks of this expansion and delivers a comprehensive resource to address them. Practically laid out into progressive areas of exploration and focus, this book will be a learning blueprint for IoT security newcomers, a reference for those already working in it day-to-day, and a security roadmap for those working in IoT design and defense. Highly recommended! -Casey Ellis, Founder/Chairman/CTO, BugCrowd Wonderful depth and breadth in the book; I hope you all consider pre-ordering if you're keen on IoT security & research! -Mark Stanislav, Information Security Architect at Cisco Presented in a thorough and comprehensive fashion, this book is approachable by readers with a wide range of technical abilities. By shining much needed light on the wide attack surface and many technical aspects involved in hacking all connected things, the foundation of knowledge provided by this book should help in ensuring future devices are built to be secure by design. This book should be required reading for anyone interested in connected device security. -Marc Rogers, Security Researcher Whether you're deploying, defending or learning to attack IoT devices, this book provides valuable insight into the tactics and techniques attackers use to compromise these devices. -CEO, BRK Security An excellent book to get you started on IoT hacking . . . definitely a must-read. -Electronic Cats The best resource that is currently available to get you from zero knowledge to a competent IoT security researcher. . . . this is the most complete IoT hacking book to get someone with no knowledge of the domain or even a seasoned professional, and elevate them to level where they won't just feel comfortable performing IoT security research, but they'd also have all the required skills to do so. -Xorl I really recommend it, both for those who 'play' with IoT devices in their homes, and for those who must audit these devices as part of their work. -Jaime Andres Restrepo - CEO, DragonJAR.org It's a comprehensive book, and it's an important topic. . . . full of useful examples. -Robert Vamosi, The Hacker Mind Filled with tutorials and technical knowledge, this is a must-have resource for organizations who want to [improve] their IoT security readiness. -Daniel Hein, Solutions Review For someone who wants to take a breath of fresh air and do something interesting. -Cristi Vlad, YouTuber All of the authors contribute their considerable expertise in cybersecurity to this book, which helps you reconceptualize threats to the IoT. -Solutions Review

Author Information

Fotios (Fotis) Chantzis is laying the foundation for a safe and secure Artificial General Intelligence (AGI) at OpenAI. Previously, he worked as a principal information security engineer at Mayo Clinic, where he managed and conducted technical security assessments on medical devices, clinical support systems, and critical healthcare infrastructure. Ioannis Stais is a senior IT security researcher and head of red teaming at CENSUS S.A., a company that offers specialized cybersecurity services. He has participated in dozens of security assessment projects, including the assessment of communication protocols, web and mobile banking services, ATMs and point-of-sale systems, and critical medical appliances. Paulino Calderon is a published author and international speaker with over 12 years of experience in network and application security. When he isn't traveling to security conferences or consulting for Fortune 500 companies with Websec, a company he co-founded in 2011, he spends peaceful days enjoying the beach in Cozumel, Mexico. Evangelos Deirmentzoglou is an information security professional interested in solving security problems at scale. He led and structured the cybersecurity capability of the financial tech startup Revolut. A member of the open-source community since 2015, he has made multiple contributions to Nmap and Ncrack. Beau Woods is a cyber safety innovation fellow with the Atlantic Council and a leader with the I Am The Cavalry grassroots initiative. He is also the founder and CEO of Stratigos Security and sits on the board of several nonprofits. Beau is a published author and frequent public speaker.

Tab Content 6

Customer Reviews

Recent Reviews

Countries Available