Embedded and IoT Security


Awesome Embedded and IoT Security

A curated list of awesome resources about embedded and IoT security. The list contains software and hardware tools, books, research papers and more.

Botnets like Mirai have proven that there is a need for more security in embedded and IoT devices. This list shall help beginners and experts to find helpful resources on the topic.
If you are a beginner, you should have a look at the Books and Case Studies sections.
If you want to start right away with your own analysis, you should give the Analysis Frameworks a try. They are easy to use, and you do not need to be an expert to get meaningful first results.

Items marked with 💶 are commercial products.

Software Tools

Software tools for analyzing embedded/IoT firmware.

Analysis Frameworks

Analysis Tools

  • Binwalk - Searches a binary for "interesting" stuff.
  • Firmadyne - Tries to emulate and pentest a firmware.
  • firmwalker - Searches extracted firmware images for interesting files and information.
  • Firmware Slap - Discovering vulnerabilities in firmware through concolic analysis and function clustering.
  • Ghidra - Software Reverse Engineering suite; handles arbitrary binaries, if you provide CPU architecture and endianness of the binary.
  • Radare2 - Software Reverse Engineering framework, also handles popular formats and arbitrary binaries, has an extensive command line toolset.
  • Trommel - Searches extracted firmware images for interesting files and information.

Extraction Tools

  • Binwalk - Extracts arbitrary files utilizing a carving approach.
  • FACT Extractor - Detects container format automatically and executes the corresponding extraction tool.
  • Firmware Mod Kit - Extraction tools for several container formats.
  • The SRecord package - Collection of tools for manipulating EPROM files (can convert lots of binary formats).

Support Tools

  • JTAGenum - Add JTAG capabilities to an Arduino.
  • OpenOCD - Free and Open On-Chip Debugging, In-System Programming and Boundary-Scan Testing.

Hardware Tools

  • Bus Blaster - Detects and interacts with hardware debug ports like UART and JTAG.
  • Bus Pirate - Detects and interacts with hardware debug ports like UART and JTAG.
  • JTAGULATOR - Detects JTAG Pinouts fast.
  • Saleae - Easy to use Logic Analyzer that supports many protocols 💶.
  • Ikalogic - Alternative to Saleae logic analyzers 💶.
  • HydraBus - Open source multi-tool hardware similar to the BusPirate but with NFC capabilities.
  • ChipWhisperer - Detects Glitch/Side-channel attacks.
  • Glasgow - Tool for exploring and debugging different digital interfaces.
  • J-Link - J-Link offers USB powered JTAG debug probes for multiple different CPU cores 💶.


Research Papers

  • 2019, Alrawi et al: SoK: Security Evaluation of Home-Based IoT Deployments
  • 2019, Abbasi et al: Challenges in Designing Exploit Mitigations for Deeply Embedded Systems
  • 2019, Song et al: PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary
  • 2018, Muench et al: What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices
  • 2017, O'Meara et al: Embedded Device Vulnerability Analysis Case Study Using Trommel
  • 2017, Jacob et al: How to Break Secure Boot on FPGA SoCs through Malicious Hardware
  • 2017, Costin et al: Towards Automated Classification of Firmware Images and Identification of Embedded Devices
  • 2016, Kammerstetter et al: Embedded Security Testing with Peripheral Device Caching and Runtime Program State Approximation
  • 2016, Chen et al: Towards Automated Dynamic Analysis for Linux-based Embedded Firmware
  • 2016, Costin et al: Automated Dynamic Firmware Analysis at Scale: A Case Study on Embedded Web Interfaces
  • 2015, Shoshitaishvili et al: Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware
  • 2015, Papp et al: Embedded Systems Security: Threats, Vulnerabilities, and Attack Taxonomy
  • 2014, Zaddach et al: Avatar: A Framework to Support Dynamic Security Analysis of Embedded Systems' Firmwares
  • 2014, Alimi et al: Analysis of embedded applications by evolutionary fuzzing
  • 2014, Costin et al: A Large-Scale Analysis of the Security of Embedded Firmwares
  • 2013, Davidson et al: FIE on Firmware: Finding Vulnerabilities in Embedded Systems using Symbolic Execution

Case Studies

  • Binary Hardening in IoT products
  • Deadly Sins Of Development - Conference talk presenting several real world examples on real bad implementations 📺.
  • Hacking the DSP-W215, Again
  • Multiple vulnerabilities found in the D-link DWR-932B
  • Pwning the Dlink 850L routers and abusing the MyDlink Cloud protocol
  • PWN Xerox Printers (...again)

Free Training



Conferences focused on embedded and/or IoT security.


Contributions welcome! Read the contribution guidelines first.



To the extent possible under law, Fraunhofer FKIE has waived all copyright and related or neighboring rights to this work.