Hardware reverse engineering path

First steps on IoT/HW:

• Arduino/Raspberry PI + Modules/Hats.

• Learn the internals of Embedded devices/IoT by making one! online simulator: https://www.tinkercad.com/

• (Beginner) Ψηφιακή Σχεδίαση: https://www.csd.uoc.gr/~hy120/

• (Intermediate) Οργάνωση Υπολογιστων: https://www.csd.uoc.gr/~hy225/

Arduino & Raspberry Pi

Serial Communication Protocols Microcontrollers/Microprocessors Arduino side channel attacks (ex: timing attack in strcmp() function)

Understand the Physical Tools needed for hardware RE

Microcontrollers

• Arduino

• Teensy

• ATtiny

• FPGA

• CPLD

• Raspberry pi

• Beagle Bone Black

• IPhone(jailbroken)

• Android

RF tranceivers

• CC11xx(sub-GHz), nRF24L01+ (2.4GHz GFSK)

• Logic Analyzer(Salae)

• Oscilloscope(Rigol)

• any USB microscope

Software tools

• https://sigrok.org/wiki/PulseView

• Logic

• https://github.com/jopohl/urh

Buy a Starters pack

• Arduino/Teensy

• Raspberry pi

• RTL-SDR

Arduino modules for extra functionality:

• HM10

• nRF24L01

• HC12

• MCP2515

Intermediate pack - optionnal

starters pack + Logic analyzer HackRF/BladeRF

Pro pack - optionnal

Intermediate pack + FPGA Oscilloscope

Elite pack - optionnal

Pro pack + CPLD

Twitter Accounts to follow for IoT/HW:

• IoTvillage

• CarHackVillage

• hardwear_io

• Riscure

• SecureAerospace

• AviationVillage

• SignalCapture

• ICS_Village

• hack_a_sat

• SamyKamkar

Youtube channels (general purpose) for Embedded devices/HW

• GreatScott!: https://www.youtube.com/channel/UC6mIxFTvXkWQVEHPsEdflzQ

• Electronoobs: https://www.youtube.com/channel/UCjiVhIvGmRZixSzupD0sS9Q

• Ben Eater: https://www.youtube.com/user/eaterbc

• https://www.youtube.com/user/MicrochipTechnology/videos

• https://www.youtube.com/channel/UC6mIxFTvXkWQVEHPsEdflzQ

• https://www.youtube.com/channel/UCjiVhIvGmRZixSzupD0sS9Q

• https://www.youtube.com/user/MicrochipTechnology/videos

• https://www.youtube.com/channel/UCnv0gfLQFNGPJ5MHSGuIAkw

• https://www.youtube.com/watch?v=u_U6F2Kkbb0&list=PLhixgUqwRTjwNaT40TqIIagv3b4_bfB7M

• Exposing a Chip on Board (COB) https://m.youtube.com/watch?v=hQ5hXEK35WI

Learning to Decapsulate Integrated Circuits using Acid Deposition https://jcjc-dev.com/2020/10/20/learning-to-decap-ics/

 

Memory corruption

https://microcorruption.com/login

channel attacks

Communications/Signals

Websites

https://hackaday.com/ to site tous https://samy.pl/ https://www.hackster.io/videos

Books

• Hardware Security: A Hands-on Learning Approach

• general purpose books for arduino/PI

• The hardware hacker

• Hardware Hacking Have Fun While Voiding Your Warranty

Online Labs:

https://www.hackthebox.eu/home/challenges/Hardware https://know.bishopfox.com/blog/how-to-set-up-your-hardware-lab

Awesome Embedded and IoT Security:

https://github.com/fkie-cad/awesome-embedded-and-iot-security https://github.com/nebgnahz/awesome-iot-hacks

Car Hacking

Repos

Awesome vehicle security https://github.com/jaredthecoder/awesome-vehicle-security

Books

The car hackers handbook

Game console Hacking

• Hacking the xbox

• Game Console Hacking Xbox, PlayStation, Nintendo, Game Boy, Atari, & Sega

• Hacking x360 for dummies

Wireless

https://github.com/cn0xroot/RFSec-ToolKit

Common wireless protocols

Bluethooth/Low energy (BLE) (hcitool, gatttool) Wi-Fi (aircrack-ng)

Used in many IoT devices:

Zwave Zigbee (HW tool: killerbee) 6LoWPAN GSM/LTE NFC/RFID (HW tool: MFRC-522)

Also GNURadio is an awesome software tool for signal and wireless protocol analysis