|
Threat description |
Attacker could add users for sharing cameras without authorization |
|
Threat target |
Mobile apps. |
|
Attack techniques |
An attacker creates a CSRF request that is sent to victims to auto-add a user for sharing. |
|
Countermeasures |
Use anti-CSRF tokens. |
- Preface
- IoT Penetration Testing
- Introduction
- Defining the IoT ecosystem and penetration testing life cycle
- Firmware 101
- Web applications in IoT
- Mobile applications in IoT
- Device basics
- Introduction to IoT's wireless communications
- Setting up an IoT pen testing lab
- Software tool requirements
- Firmware software tools
- Web application software tools
- Mobile application software tools
- Radio analysis tool requirements
- Radio analysis hardware
- Radio analysis software
- IoT Threat Modeling
- Analyzing and Exploiting Firmware
- Exploitation of Embedded Web Applications
- Exploiting IoT Mobile Applications
- IoT Device Hacking
- Radio Hacking
- Firmware Security Best Practices
- Mobile Security Best Practices
- Securing Hardware
- Advanced IoT Exploitation and Security Automation
- Software tool requirements
Threat #3
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.