Resources

Field tools for IoT and embedded security

Open-source tools and mindmaps for practitioners working across firmware, hardware, wireless, and connected-device systems.

Tools & distributions

AttifyOS

Pre-configured Linux distribution for IoT and embedded security testing. Includes 40+ tools for firmware analysis, radio frequency testing, reverse engineering, and network assessment.

Highlights

  • Binwalk, GHIDRA, Firmware-Mod-Kit for firmware analysis
  • GNURadio, HackRF, RTL-SDR, Ubertooth for RF testing
  • radare2, JADX, Cutter for reverse engineering
  • KillerBee, RouterSploit, Qiling for specialized IoT work
View on GitHub →Used in OIX training →

Firmware Analysis Toolkit (FAT)

Automated firmware extraction and analysis toolkit. Simplifies the process of unpacking, extracting filesystem contents, and analyzing firmware images from IoT and embedded devices.

Highlights

  • Automated firmware extraction pipeline
  • Filesystem analysis and enumeration
  • Integration with common firmware analysis tools
View on GitHub →Learn firmware analysis in OIX →

Attify Badge

Open-source hardware tool for IoT security research. Provides UART, SPI, I2C, JTAG, and GPIO interfaces for communicating with embedded devices during security assessments.

Highlights

  • Multi-protocol hardware interface tool
  • UART, SPI, I2C, JTAG, and GPIO support
  • Open-source hardware design
View on GitHub →Hardware hacking in OIX →

CFSE

Formal methodology for systematic security analysis. A world-model and evidence framework built around concepts, interactions, flows, scenarios, explorations, findings, and patches.

Highlights

  • Structured framework for security epistemology
  • Concepts, flows, scenarios, explorations, and findings
  • Git-tracked, inspectable, and extensible
View on GitHub →Learn CFSE in OIE →

IoT Pentesting MindMap

A comprehensive visual reference for IoT security assessment. Covers attack surfaces, testing methodologies, tools, and techniques across hardware, firmware, wireless, protocol, and application layers.

Used by IoT security practitioners worldwide as a reference during assessments and training.

Covers

  • Hardware attack surfaces and interfaces
  • Firmware extraction and analysis paths
  • Wireless protocol assessment (BLE, Zigbee, SDR)
  • Network and protocol testing approaches
  • Application and cloud-connected surfaces
  • Cross-layer attack-path patterns

Available as an interactive online mindmap and downloadable reference.

Want to go deeper? Learn every layer in OIX training →

Go deeper with Attify training

These resources scratch the surface. Attify's guided training programs teach the methodology, hands-on techniques, and structured reasoning behind each domain.

Offensive IoT Exploitation training →Advanced Android & iOS exploitation training →Offensive Intelligence Engineering training →