Explore IoT device pentesting techniques in this BSides Cleveland conference talk. Delve into the world of Internet of Things (IoT) security, covering website interactions, top 10 vulnerabilities, and security approaches. Learn about logical and hardware hacking through a pet project involving an Amazon Button. Discover the process of intercepting HTTP requests, handling private certificates and keys, and utilizing tools like OpenOCD for wireless flashing. Gain insights into the challenges and methodologies of IoT security testing, concluding with a Q&A session to address audience inquiries.
Overview
Syllabus
Intro
What is IoT
Website interaction
Top 10 vulnerabilities
Security approach
Pet project
Logical
Hardware Hacking
Amazon Button
Backstory
HTTP Request
Private Certificate Private Key
Hacking
OpenOCD
Wireless
Flash
Questions