Previously, we reviewed The Ghidra Book: The Definitive Guide because several of us were working with Ghidra, and it was a topic that made sense. Similarly, we spend a lot of time thinking and talking about Internet of Things (IoT) Security. Whether it is Craig Young winning the first-ever SOHOpelessly Broken contest at DEF CON or the team running the IoT Hack Lab at SecTor for multiple years, IoT is a popular subject within the team. So, it only made sense that we would take a look at Practical IoT Hacking: The Definitive Guide to Attacking the Internet of Things.

One of the aspects of the book that I appreciated was the layout. I’m often overwhelmed with a new book, especially if I don’t plan on reading it cover to cover. With tech books, I often aim to skip topics I’m familiar with or read sections related to projects I’m currently working on. In this case, having two tables of contents – Brief Contents, which came with the parts of the book and chapter titles, and the Contents in Detail, which came with both of those as well as a detailed breakdown – was excellent. The index shares a similar level of breakdown that at times seemed excessive or perhaps inaccurate. This may make more sense with an example.

Given that this is an IoT hacking book, I decided to take a look at their references to binwalk. There are five pages in total referenced in the index. Three of those pages are next to ‘binwalk,’ and the other two are next to ‘binwalk Nmap command.’ There is no binwalk Nmap command, so I was curious to know what those two pages were. The pages are part of the Network Assessments chapter in a section titled, “Identifying IoT Devices (Read more...)