Practical IoT Hacking
The Definitive Guide to Attacking the Internet of Things
Five-author guide to IoT pentesting covering hardware probing, radio (BLE / Zigbee / LoRa), embedded firmware, and the protocols that connect cheap devices to vulnerable backends.
- Published: 2021
- Publisher: No Starch Press
- Pages: 464
- Language: English
Read this if
Pentesters branching into hardware and embedded targets. The book's coverage spans hardware probing (UART, JTAG, SWD), radio (BLE, Zigbee, LoRa), firmware analysis, and the protocols cheap devices speak to vulnerable backends. The most current general IoT book in print.
Skip this if
Pure software pentesters who don't want a hardware bench. Several chapters require oscilloscope, logic analyzer, or SDR access to follow.
Key takeaways
- IoT is a stack: hardware, firmware, protocols, cloud. The book's strength is teaching all four as one continuous attack surface.
- Radio attacks (BLE, Zigbee, LoRa) are now mainstream pentest territory; the chapters introducing SDR-based analysis are the practical entry point.
- Firmware extraction-then-analysis is the core skill; the book's hardware chapters cover the extraction half, then hand off to standard binary-analysis tooling for the rest.
Notes
Pair with The Car Hacker's Handbook (Smith) for the automotive specialisation and with The Hardware Hacker (Huang) for the systems-level mindset. The book's authors are practitioners at Censys and Keysight; their conference talks (DEF CON, Hardwear.io) are the natural follow-ups. IoT moves fast; check current vendor-specific writeups alongside.
What to read before
Beginner · 2018
Click Here to Kill Everybody
Bruce Schneier's policy-level argument that as everything becomes a computer (cars, medical devices, infrastructure, voting), the security failures that used to merely cost us money will start costing lives — and the regulatory shape of that future is being decided now.
Intermediate · 2003
Hacking the Xbox
Andrew "bunnie" Huang on the original Xbox: hardware modding as the entry path into reverse engineering, plus a frank account of the legal fight that followed.
Intermediate · 2016
The Car Hacker's Handbook
Craig Smith's guide to automotive bus systems (CAN, LIN, FlexRay), ECUs, infotainment surfaces, and how to fuzz, trace and exploit modern vehicles.
What to read next
Advanced · 2021
The Hardware Hacking Handbook
Jasper van Woudenberg and Colin O'Flynn (NewAE / ChipWhisperer) on real hardware attacks: bus sniffing, fault injection, side-channel power analysis, and the lab work that turns a black box into a known target.
Intermediate · 2003
Hacking the Xbox
Andrew "bunnie" Huang on the original Xbox: hardware modding as the entry path into reverse engineering, plus a frank account of the legal fight that followed.
Intermediate · 2016
The Car Hacker's Handbook
Craig Smith's guide to automotive bus systems (CAN, LIN, FlexRay), ECUs, infotainment surfaces, and how to fuzz, trace and exploit modern vehicles.
Explore similar books
Advanced · 2021
The Hardware Hacking Handbook
Jasper van Woudenberg and Colin O'Flynn (NewAE / ChipWhisperer) on real hardware attacks: bus sniffing, fault injection, side-channel power analysis, and the lab work that turns a black box into a known target.
Intermediate · 2016
The Car Hacker's Handbook
Craig Smith's guide to automotive bus systems (CAN, LIN, FlexRay), ECUs, infotainment surfaces, and how to fuzz, trace and exploit modern vehicles.
Intermediate · 2003
Hacking the Xbox
Andrew "bunnie" Huang on the original Xbox: hardware modding as the entry path into reverse engineering, plus a frank account of the legal fight that followed.