Some IoT Pentesting hints -- keep on update
A. Collect the information about the device i.data sheets ii.product features iii.installation guide and user manual download from the vendor website or use google dorks to get the data B. as per device name and model number or hardware information check for publicly available exploits -exploit db , or exploit search engines u seful search engines for the exploits https://sploitus.com/ https://vulmon.com/ http://www.exploitsearch.com/ https://www.nmmapper.com/searchindex/s/ There are special search engines for IoT which helps us to find the more insecure devices which is publicly available i. shodan ii. censys iii.zoomeye iv. onphye C. Making a detailed list i. Write all...