Elementary Secondary Higher Ed Common Reads
0 0
Download high-resolution image

Practical IoT Hacking

The Definitive Guide to Attacking the Internet of Things

Author Fotios Chantzis, Ioannis Stais, Paulino Calderon, Evangelos Deirmentzoglou, Beau Woods
Ebook
No Starch | No Starch Press
On sale Mar 23, 2021 | 464 Pages | 9781718500914
Add to cart Add to list Exam Copies

See Additional Formats
The definitive guide to hacking the world of the Internet of Things (IoT) -- Internet connected devices such as medical devices, home assistants, smart home appliances and more.

Drawing from the real-life exploits of five highly regarded IoT security researchers, Practical IoT Hacking teaches you how to test IoT systems, devices, and protocols to mitigate risk.
 
The book begins by walking you through common threats and a threat modeling framework. You’ll develop a security testing methodology, discover the art of passive reconnaissance, and assess security on all layers of an IoT system. Next, you’ll perform VLAN hopping, crack MQTT authentication, abuse UPnP, develop an mDNS poisoner, and craft WS-Discovery attacks.
 
You’ll tackle both hardware hacking and radio hacking, with in-depth coverage of attacks against embedded IoT devices and RFID systems.
 
You’ll also learn how to:

   • Write a DICOM service scanner as an NSE module
   • Hack a microcontroller through the UART and SWD interfaces
   • Reverse engineer firmware and analyze mobile companion apps
   • Develop an NFC fuzzer using Proxmark3
   • Hack a smart home by jamming wireless alarms, playing back IP camera feeds, and controlling a smart treadmill 
The tools and devices you’ll use are affordable and readily available, so you can easily practice what you learn. Whether you’re a security researcher, IT team member, or hacking hobbyist, you’ll find Practical IoT Hacking indispensable in your efforts to hack all the things
 
REQUIREMENTS: Basic knowledge of Linux command line, TCP/IP, and programming
 
Preface

Foreword

Part One: The IoT Threat Landscape
Chapter 1: The IoT Security World
Chapter 2: Threat Modeling
Chapter 3: A Security Testing Methodology

Part Two: Network Hacking
Chapter 4: Network Assessments
Chapter 5: Analyzing Network Protocols
Chapter 6: Exploiting Zero-configuration Networking

Part Three: Hardware Hacking
Chapter 7: UART, JTAG, and SWD Exploitation
Chapter 8: Hacking SPI and I2C
Chapter 9: Firmware Hacking

Part Four: Radio Hacking
Chapter 10: Abusing RFID
Chapter 11: Exploiting Bluetooth Low Energy
Chapter 12: Wi-Fi Hacking
Chapter 13: Exploiting LPWAN

Part Five: Targeting the IoT Ecosystem
Chapter 14: Attacking Mobile Applications
Chapter 15: Hacking the “Smart” Home

Appendix A: Tools for IoT Hacking
Fotios (Fotis) Chantzis is laying the foundation for a safe and secure Artificial General Intelligence (AGI) at OpenAI. Previously, he worked as a principal information security engineer at Mayo Clinic, where he managed and conducted technical security assessments on medical devices, clinical support systems, and critical healthcare infrastructure.

Ioannis Stais is a senior IT security researcher and head of red teaming at CENSUS S.A., a company that offers specialized cybersecurity services. He has participated in dozens of security assessment projects, including the assessment of communication protocols, web and mobile banking services, ATMs and point-of-sale systems, and critical medical appliances.

Paulino Calderon is a published author and international speaker with over 12 years of experience in network and application security. When he isn't traveling to security conferences or consulting for Fortune 500 companies with Websec, a company he co-founded in 2011, he spends peaceful days enjoying the beach in Cozumel, Mexico.


Evangelos Deirmentzoglou is an information security professional interested in solving security problems at scale. He led and structured the cybersecurity capability of the financial tech startup Revolut. A member of the open-source community since 2015, he has made multiple contributions to Nmap and Ncrack.

Beau Woods is a cyber safety innovation fellow with the Atlantic Council and a leader with the I Am The Cavalry grassroots initiative. He is also the founder and CEO of Stratigos Security and sits on the board of several nonprofits. Beau is a published author and frequent public speaker.
Fotios Chantzis View titles by Fotios Chantzis
Ioannis Stais View titles by Ioannis Stais
Paulino Calderon View titles by Paulino Calderon
Evangelos Deirmentzoglou View titles by Evangelos Deirmentzoglou
Beau Woods View titles by Beau Woods

About

The definitive guide to hacking the world of the Internet of Things (IoT) -- Internet connected devices such as medical devices, home assistants, smart home appliances and more.

Drawing from the real-life exploits of five highly regarded IoT security researchers, Practical IoT Hacking teaches you how to test IoT systems, devices, and protocols to mitigate risk.
 
The book begins by walking you through common threats and a threat modeling framework. You’ll develop a security testing methodology, discover the art of passive reconnaissance, and assess security on all layers of an IoT system. Next, you’ll perform VLAN hopping, crack MQTT authentication, abuse UPnP, develop an mDNS poisoner, and craft WS-Discovery attacks.
 
You’ll tackle both hardware hacking and radio hacking, with in-depth coverage of attacks against embedded IoT devices and RFID systems.
 
You’ll also learn how to:

   • Write a DICOM service scanner as an NSE module
   • Hack a microcontroller through the UART and SWD interfaces
   • Reverse engineer firmware and analyze mobile companion apps
   • Develop an NFC fuzzer using Proxmark3
   • Hack a smart home by jamming wireless alarms, playing back IP camera feeds, and controlling a smart treadmill 
The tools and devices you’ll use are affordable and readily available, so you can easily practice what you learn. Whether you’re a security researcher, IT team member, or hacking hobbyist, you’ll find Practical IoT Hacking indispensable in your efforts to hack all the things
 
REQUIREMENTS: Basic knowledge of Linux command line, TCP/IP, and programming
 

Table of Contents

Preface

Foreword

Part One: The IoT Threat Landscape
Chapter 1: The IoT Security World
Chapter 2: Threat Modeling
Chapter 3: A Security Testing Methodology

Part Two: Network Hacking
Chapter 4: Network Assessments
Chapter 5: Analyzing Network Protocols
Chapter 6: Exploiting Zero-configuration Networking

Part Three: Hardware Hacking
Chapter 7: UART, JTAG, and SWD Exploitation
Chapter 8: Hacking SPI and I2C
Chapter 9: Firmware Hacking

Part Four: Radio Hacking
Chapter 10: Abusing RFID
Chapter 11: Exploiting Bluetooth Low Energy
Chapter 12: Wi-Fi Hacking
Chapter 13: Exploiting LPWAN

Part Five: Targeting the IoT Ecosystem
Chapter 14: Attacking Mobile Applications
Chapter 15: Hacking the “Smart” Home

Appendix A: Tools for IoT Hacking

Author

Fotios (Fotis) Chantzis is laying the foundation for a safe and secure Artificial General Intelligence (AGI) at OpenAI. Previously, he worked as a principal information security engineer at Mayo Clinic, where he managed and conducted technical security assessments on medical devices, clinical support systems, and critical healthcare infrastructure.

Ioannis Stais is a senior IT security researcher and head of red teaming at CENSUS S.A., a company that offers specialized cybersecurity services. He has participated in dozens of security assessment projects, including the assessment of communication protocols, web and mobile banking services, ATMs and point-of-sale systems, and critical medical appliances.

Paulino Calderon is a published author and international speaker with over 12 years of experience in network and application security. When he isn't traveling to security conferences or consulting for Fortune 500 companies with Websec, a company he co-founded in 2011, he spends peaceful days enjoying the beach in Cozumel, Mexico.


Evangelos Deirmentzoglou is an information security professional interested in solving security problems at scale. He led and structured the cybersecurity capability of the financial tech startup Revolut. A member of the open-source community since 2015, he has made multiple contributions to Nmap and Ncrack.

Beau Woods is a cyber safety innovation fellow with the Atlantic Council and a leader with the I Am The Cavalry grassroots initiative. He is also the founder and CEO of Stratigos Security and sits on the board of several nonprofits. Beau is a published author and frequent public speaker.
Fotios Chantzis View titles by Fotios Chantzis
Ioannis Stais View titles by Ioannis Stais
Paulino Calderon View titles by Paulino Calderon
Evangelos Deirmentzoglou View titles by Evangelos Deirmentzoglou
Beau Woods View titles by Beau Woods

Additional formats

Related Articles

Books for National Depression Education and Awareness Month
Psychology

Books for National Depression Education and Awareness Month

For National Depression Education and Awareness Month in October, we are sharing a collection of titles that educates and informs on depression, including personal stories from those who have experienced depression and topics that range from causes and symptoms of depression to how to develop coping mechanisms to battle depression.

Read more

Books for National Depression Education and Awareness Month

Psychology
Literature

Horror Titles for the Halloween Season

In celebration of the Halloween season, we are sharing horror books that are aligned with the themes of the holiday: the sometimes unknown and scary creatures and witches. From classic ghost stories and popular novels that are celebrated today, in literature courses and beyond, to contemporary stories about the monsters that hide in the dark, our list

Read more

Horror Titles for the Halloween Season

Literature
Gender and Sexuality Studies History

Books for LGBTQIA+ History Month

For LGBTQIA+ History Month in October, we’re celebrating the shared history of individuals within the community and the importance of the activists who have fought for their rights and the rights of others. We acknowledge the varying and diverse experiences within the LGBTQIA+ community that have shaped history and have led the way for those

Read more

Books for LGBTQIA+ History Month

Gender and Sexuality Studies History
Subscribe

Penguin Random House Higher Education

© 2025 Penguin Random House

Back to Top
0
    • 0
    Wish List (0)