The embedded systems market has been given a real boost with the adoption of the Internet of Things (IoT) by consumers. Modern connected embedded devices are becoming more attractive and are widely deployed across many big corporations, Small and Home offices (SOHO), and Small and Medium sized Businesses (SMB) and are being directly utilized by global household consumers. As per www.statista.com, connected IoT devices have grown from 15.41 billion devices in 2016 to 23.14 billion devices in 2018; in the same way, threats have grown and the security of these devices has become the biggest area of concern to the manufacturers and consumers. A good example would be the Mirai botnet attack that left most of the US east coast without internet in 2016.

In this chapter, we will come to understand the basics of embedded systems and the role of peripherals, and explore the different tools and techniques that can be employed to perform a typical penetration test or product evaluation of a given device using Kali Linux. We will also set up Chameleon Mini to emulate an NFC card and replay the stored memory contents to bypass any physical access control during a red teaming exercise or physical penetration testing.

In this chapter, you will learn about the following:

• Embedded systems and hardware architecture
• UART serial buses
• Introduction of USBJTAG
• Unpacking firmware and common bootloaders
• RFID hacking using Chameleon Mini