Hardware hacking for software folks

Aggregated resources on hardware hacking/embedded device exploitation for software exploitation people.

Topics include:

• Hardware hacking.
• Firmware analysis.
• ARM | MIPS exploitation.

Feel free to add any resources that you think will fit in this list

Reading material

Blogs

http://www.devttys0.com/
http://hackaday.com
https://dontstuffbeansupyournose.com/

Books

• Android Hacker's Handbook (esp. hardware hacking chapter)
• Hacking the Xbox https://www.nostarch.com/xboxfree
• Car hacker's handbook(GPL 3.0) http://opengarages.org/handbook/

Electric/Electronic stuff

• EEVBlog https://www.youtube.com/user/EEVblog/videos

Free Courses

• Hardware reverse engineering by RPISEC http://security.cs.rpi.edu/courses/hwre-spring2014/

• Introduction to ARM architecture http://www.opensecuritytraining.info/IntroARM.html

Hardware

ARM Boards

• Raspberry
• Beagle Board
• ARMini
• CuBox
• Panda board
• Gumstix

Hacker gadgets

• Bus pirate (open source hardware) http://dangerousprototypes.com/docs/Bus_Pirate

• JTAGulator (open source hardware) http://www.grandideastudio.com/portfolio/jtagulator

Software

QEMU - For emulating ARM architecture on your X86 machines.

Interfacing software

• Minicom
• OpenOCD

Firmware analysis tools

• Firmwalker
• Firmware Modification Kit
• Angr binary analysis framework
• Binwalk firmware analysis tool
• Binary Analysis Tool
• Firmadyne
• Flashrom

Binary analysis & Reverse engineering tools

• IDA pro
• Radare 2
• Hopper

Conferences

• Chaos Communication Congress https://www.youtube.com/user/CCCen/videos

• Hardware.io http://hardwear.io/

Projects

• OWASP IoT project https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project

• Damn Vulnerable Router Firmware https://github.com/praetorian-inc/DVRF

Paid courses

• SEx via HEx by xipiter http://www.sexviahex.com/

• IoT Firmware Exploitation https://www.tacnetsol.com/collections/2016-live-training/products/iot-firmware-exploitation

• Offensive IoT Exploitation http://nullcon.net/website/nullcon-bang-2016/training/offensive_iot_exploitation_training.php

• Pentester Academy: Offensive IoT exploitation https://www.pentesteracademy.com/course?id=27

• Pentester Academy - Make your own Hacker Gadget https://www.pentesteracademy.com/course?id=15

People

• Joe Grand, Grand Idea Studio
• Stephen Ridley, Xipiter
• Travis Goodspeed, twitter.com/travisgoodspeed
• Andrew "bunnie" Huang, bunniestudios.com
• Craig Smith
• Charlie Miller

Other links

http://jcjc-dev.com/2016/04/08/reversing-huawei-router-1-find-uart/