Practical Hardware Pentesting - Jean-Georges Valle

Practical Hardware Pentesting

A guide to attacking embedded systems and protecting them against the most common hardware attacks
Buch | Softcover
382 Seiten
2021
Packt Publishing Limited (Verlag)
978-1-78961-913-3 (ISBN)
49,85 inkl. MwSt
Hardware security has become a major concern in recent times making it crucial for companies and end users to focus on protecting hardware. If you’re a security practitioner who is more familiar with software and binary hacking or someone looking to repurpose devices, this book will demonstrate how to approach hardware hacking of embedded devices.
Learn how to pentest your hardware with the most common attract techniques and patterns

Key Features

Explore various pentesting tools and techniques to secure your hardware infrastructure
Protect your hardware by finding potential entry points like glitches
Find the best practices for securely designing your products

Book DescriptionIf you’re looking for hands-on introduction to pentesting that delivers, then Practical Hardware Pentesting is for you. This book will help you plan attacks, hack your embedded devices, and secure the hardware infrastructure.

Throughout the book, you will see how a specific device works, explore the functional and security aspects, and learn how a system senses and communicates with the outside world. You’ll set up a lab from scratch and then gradually work towards an advanced hardware lab—but you’ll still be able to follow along with a basic setup. As you progress, you’ll get to grips with the global architecture of an embedded system and sniff on-board traffic, learn how to identify and formalize threats to the embedded system, and understand its relationship with its ecosystem. You’ll discover how to analyze your hardware and locate its possible system vulnerabilities before going on to explore firmware dumping, analysis, and exploitation. The reverse engineering chapter will get you thinking from an attacker point of view; you’ll understand how devices are attacked, how they are compromised, and how you can harden a device against the most common hardware attack vectors. By the end of this book, you will be well-versed with security best practices and understand how they can be implemented to secure your hardware.

What you will learn

Perform an embedded system test and identify security critical functionalities
Locate critical security components and buses and learn how to attack them Discover how to dump and modify stored information
Understand and exploit the relationship between the firmware and hardware
Identify and attack the security functions supported by the functional blocks of the device
Develop an attack lab to support advanced device analysis and attacks

Who this book is forIf you’re a researcher or a security professional who wants a comprehensive introduction into hardware security assessment, then this book is for you. Electrical engineers who want to understand the vulnerabilities of their devices and design them with security in mind will also find this book useful. You won’t need any prior knowledge with hardware pentensting before you get started; everything you need is in the chapters.

Jean-Georges Valle is a hardware penetration tester based in Belgium. His background was in software security, with hardware being a hobby, and he then started to look into the security aspects of hardware. He has spent the last decade testing various systems, from industrial logic controllers to city-scale IoT, and from media distribution to power metering. He has learned to attack embedded systems and to leverage them against cloudscale infrastructure. He is the lead hardware technical expert in an offensive security team of a big four company. Jean-Georges holds a master's degree in information security and focuses on security at the point of intersection with hardware and software, hardware and software interaction, exploit development in embedded systems, and open source hardware.

Table of Contents

Setting Up Your Pentesting Lab and Ensuring Lab Safety
Understanding Your Target
Identifying the Components of Your Target
Approaching and Planning the Test
Our Main Attack Platform
Sniffing and Attacking the Most Common Protocols
Extracting and Manipulating Onboard Storage
Attacking Wi-Fi, Bluetooth, and BLE
Software-Defined Radio Attacks
Accessing the Debug Interfaces
Static Reverse Engineering and Analysis
Dynamic Reverse Engineering
Scoring and Reporting Your Vulnerabilities
Wrapping It Up – Mitigations and Good Practices

Erscheinungsdatum
Verlagsort Birmingham
Sprache englisch
Maße 75 x 93 mm
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Mathematik / Informatik Informatik Web / Internet
Informatik Weitere Themen Hardware
ISBN-10 1-78961-913-0 / 1789619130
ISBN-13 978-1-78961-913-3 / 9781789619133
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich