awesome-embedded-and-iot-security
APTnotes
awesome-embedded-and-iot-security | APTnotes | |
---|---|---|
6 | 5 | |
1,599 | 3,412 | |
2.9% | - | |
4.0 | 3.1 | |
7 months ago | 5 months ago | |
Creative Commons Zero v1.0 Universal | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
awesome-embedded-and-iot-security
- A list of embedded and IoT security resources
-
Embedded System Security
All the people saying embedded systems is too broad of a field to give you a straight answer are annoying as shit lol. Here are some generic resources that should guide you in a solid direction toward whatever you have planned: https://github.com/fkie-cad/awesome-embedded-and-iot-security The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks https://azeria-labs.com/
-
Is taking the Security+ Exam useful for going into embedded security?
It looks like it could help, especially in the context of IoT and embedded Linux. You’ll still have a lot of blanks to fill in with respect to operational technology, hardware-based cybersecurity, distributed systems, etc. but any cyber-specific certification is better than none. Check out the Awesome Embedded Cybersecurity github for links and Azeria Labs for some good embedded cybersec content.
-
Cybersecurity Repositories
Embedded and IoT Security
-
How do I get into hardware hacking?
Finally, this is very heavily biased towards security-research and IoT hacking, but there's a great list of books, tools, papers, etc here: https://github.com/fkie-cad/awesome-embedded-and-iot-security
-
IoT Linux Endpoint Solutions
https://github.com/fkie-cad/awesome-embedded-and-iot-security https://github.com/nebgnahz/awesome-iot-hacks https://phodal.github.io/awesome-iot/
APTnotes
-
Ask HN: What Happened with the Grugq Article?
>with case studies and getting as niche on specific things as possible.
Then definitely you can touch on APT marketplace, unlike the usual zeroday ones, those are -as the name implies, advanced, and mostly are state sponsored, you can find some of these in this sheet [1], or other sources [2] or older ones [3]. Now, for other zero day exploits, you can dig into your typical threat intelligence feeds to have an idea, some of these are daily updated [4] [5] [6] among a lot more of other resources, there are also underground databases for zero day and even APT updated as of yesterday, and also online marketplaces for those where you can buy/sell compromised RDP servers / webmail / cPanels / etc., or even services like smtp-sms for phishing among others, unfortunately, I can’t and won’t list any of these in here for obvious reasons, however, if you dig a little deeper definitely you will find something, just don’t use the usual search engines and normal channels, and get the usual security precautions like sandbox/vpns/etc. when access any of these sites, preferably in an isolated OS too.
And thanks, not expert enough for sure!
[1] https://docs.google.com/spreadsheets/u/1/d/1H9_xaxQHpWaa4O_S...
[2] https://gist.github.com/Neo23x0/c4f40629342769ad0a8f3980942e...
[3] https://github.com/kbandla/APTnotes
[4] https://bazaar.abuse.ch/browse/
[5] https://www.exploitalert.com/browse-exploit.html
[6] https://threatfox.abuse.ch/browse/
-
Seeking Datasets on Malware
I trained up this repo in my privateGPT - https://github.com/kbandla/APTnotes
- Le Burkina Faso
-
Cybersecurity Repositories
APT Notes
- Les ressortissants russes en France reçoivent en ce moment sur leurs numéros de téléphone russe des demandes pour l'enrôlement dans l'armée en vue de la guerre avec l'Ukraine
What are some alternatives?
attifyos - Attify OS - Distro for pentesting IoT devices
data - APTnotes data
asuswrt-merlin.ng - Extends the support of Merlin firmware to more ASUS routers
ThreatHunter-Playbook - A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
Elegoo-Neptune-Firmware
awesome-ctf - A curated list of CTF frameworks, libraries, resources and softwares
oekofen-json-documentation - The community-driven missing documentation for the JSON interface of Oekofen heating systems
osx-and-ios-security-awesome - OSX and iOS related security tools
Firmware - FETtec ESC Firmware repository
awesome-adversarial-machine-learning - A curated list of awesome adversarial machine learning resources
README - All Huawei modifications README, compilation instructions, etc
awesome-iocs - A collection of sources of indicators of compromise.