Learn about IoT Device Penetration Testing

A year ago, when I was fresher in the term of IoT security, I was very curious about the approaches for penetration testing on smart devices.  I remember the day when I started approaching a device very first time for penetration testing and resulting in getting the device into pieces. For any smart device, the […]

How to Start IoT device Firmware Reverse Engineering?

IoT device Firmware Reverse Engineering:  It is a process to understand the device architecture, functionality and vulnerabilities present in the device incorporating different methods. Firmware: Piece of code written for specific hardware to perform different operations and control the device In this blog, we will learn how to access the file system of a TP-Link […]

FB50 Smart Lock Vulnerability Disclosure (CVE-2019-13143)

Executive Summary Our security engineers found vulnerabilities in the FB50 smart lock mobile application. An information disclosure vulnerability chained together with poor token management lead to a complete transfer of ownership of the lock from the user to the attacker’s account. Product Description The lock-in question is the FB50 smart lock, manufactured by Shenzhen Dragon […]