In a network, endpoints are the devices that are connected to the internet at large - each offering a point of entry to bad actors, exposing the network to outside risks. Since IoT devices are connected to the internet, they can be hacked just like any other internet-enabled device.

The attack surface of a IoT network consists of all the possible places where it can be attacked, and it expands with every new internet-connected device.

To sufficiently protect your network, it’s essential to understand the security vulnerabilities of IoT devices. Infected IOT devices can be used as Botnets (such as Mirai) to bring down the network, servers or computers.

Proactive approach to IoT security brings numerous benefits to the organization

• Lowest customer effort


• Possible with nearly all systems


• Simulatest the real world


• Heterogeneous nature of IoT systems due to mixing of various hardware and software components complicates the security. A planned and step by step approach to risk assessment brings homogeneity.


• IoT data flows across geographies and needs to follow respective law and regulation. Security assessment helps to adhere to various standards and regulations.


• Save the fines and losses which may be caused due to data & privacy breaches.


• Integrity & safety of the systems is paramount to any industry. Security risks assessments help secure the critical infrastructure.

A typical IoT penetration test (Attacker Simulated Exploitation) would involve the following components.

1. Scoping: Once we receive the initial order, we identify the organizations IoT devices that are to be tested.


2. Attack Surface Mapping: We will perform in-depth attack surface mapping and prepare detailed architecture diagram to identify all possible entry points.


3. Firmware reverse engineering and binary exploitation: We then perform reverse engineering firmware binaries and debugging the binaries to gain sensitive information.


4. Hardware based exploitation: We assess hardware communication protocols and sniff the communication to get sensitive data or to perform Men in the Middle attack.


5. Web, Mobile and Cloud vulnerabilities: We will perform manual identification of vulnerabilities in the web dashboard such as application input point, SQL, command, XPath, LDAP, XXE, XSS etc.


6. Radio security analysis: We assess radio communication protocols and sniff the communication to get sensitive data or to perform Men in the Middle attack.


7. PII data security analysis (optional) : We ensure that customers data are kept with highest security standards to ensure that no PII information is being leaked through any channels - web, mobile, hardware or radio.


8. Report preparation: After gathering all the assessment data, we analyse the data and provide you with a complete easy to understand report containing criticality level, risk, technical and business impact. In addition, we provide a detailed remediation strategy for each discovered vulnerability.


9. Quality Assurance: All assessments go through a number of technical and editorial quality assurance phase.


10. Presentation: The final phase in IoT penetration testing will be a presentation of all documentation to you. We will walk you through the information provided, make any updates needed, and address questions regarding the assessment output. Following this activity, we’ll schedule any formal retesting, if applicable.


11. Our expertise covers all aspect of security and perform it in accordance to the most updated security frameworks like OWASP, NIST SP 800 115, OSSTMM, PTES, WASC and ZCTF.
12. Our approach is based on the advanced manual test to ensure no false positives.

Our security report includes the following:

• Analysis of each embedded system or IoT device


• Customized vulnerability remediation roadmap and strategic recommendations and the findings are compiled in an easy to understand format and rated based on their criticality level


• Risk, Technical Impact and Business impact shall be determined based on the vulnerabilities detected


• Implications of the findings will be explained in detail


• All the findings are supported with the relevant screenshots and Video Evidences (wherever applicable)