DEFCON 29 IoT Village - Tim Jensen EapolSniper - IoT Testing Crash Course

n this IoT 101 level talk I provide practical instruction to security focused individuals who want to test IoT devices for critical vulnerabilities. Included will be basic network pentesting of the device, web app or other UI testing, extracting/downloading firmware, and using binwalk. This will also include reviewing binaries for potential backdoors, looking for hardcoded credentials, and whitebox code review of the UI interface to look for backdoors or other vulnerabilities. All testing will be done against publicly downloadable binaries.