Noureddine RAMDI / Mapping the full attack surface of connected devices with awesome-connected-things-sec

Created Mon, 04 May 2026 10:23:02 +0000 Modified Sat, 23 May 2026 20:41:27 +0000
920 Words
github-stars iot security hardware wireless embedded attack-surface

V33RU/awesome-connected-things-sec

The security challenges of connected devices go far beyond software vulnerabilities. They start at the hardware level — debug ports left enabled, physical interfaces exposed — and extend through complex wireless protocols often implemented with weak encryption. Understanding this full attack surface is crucial for anyone serious about IoT security or embedded device auditing.

The GitHub repository “awesome-connected-things-sec” delivers exactly that: a curated knowledge base of over 3,300 starred resources that map the entire attack surface of connected devices. It digs into hardware-level attacks like UART, JTAG, and side-channel fault injections, and also covers wireless protocol exploits such as Bluetooth Low Energy, Zigbee, and LoRaWAN. This repo isn’t a tool or framework but a structured reference that helps researchers and practitioners navigate the complex landscape of connected device security.

comprehensive mapping of hardware and wireless attack surfaces

At its core, awesome-connected-things-sec is a giant annotated bibliography meticulously organized around the real-world attack vectors of connected devices. It covers hardware interfaces commonly used for debugging and firmware extraction — UART, JTAG, SWD, SPI, I2C, TPM — each linked to tutorials, research papers, vulnerability reports, and tooling.

Beyond physical interfaces, it dives deep into side-channel attacks and fault injection methods, such as voltage glitching or electromagnetic fault injection, techniques that can extract secrets or bypass security on chips like STM32 microcontrollers.

The wireless side is equally detailed, with sections dedicated to Bluetooth and BLE weaknesses, Zigbee and Z-Wave protocol exploitations, and LoRa/LoRaWAN vulnerabilities. The repo links to relay attacks on smart locks via BLE, replay attacks on Zigbee networks, and protocol fuzzing tools.

The architecture is essentially a categorized knowledge graph rather than code. It’s language-agnostic and contains no executable components — just links and references. This makes it lightweight but means it serves as a library for research and learning rather than something you deploy.

detailed coverage that balances breadth and depth

What distinguishes this repo is its scope and curation quality. It’s not just a generic list of IoT security links; it’s carefully segmented by attack surface layer and technology.

The tradeoff here is between being a comprehensive knowledge source and the lack of an integrated toolset. You won’t find scripts or exploits ready to run, but you get a map of where those exploits live and how they work.

The code quality question doesn’t apply in the traditional sense since there’s no codebase. Instead, the value is in the organization and the quality of references. Each section provides up-to-date, peer-reviewed papers, detailed tutorials, and links to tooling that are battle-tested by the community.

For hardware hackers, this means a go-to place when facing an unknown debug interface or wanting to understand side-channel fault injections. For wireless security researchers, it’s a library of protocol-specific vulnerabilities and attack methods.

Because it’s a curated list, the repo depends on community contributions and can lag on the latest zero-days or emerging protocols. Also, as a static collection, it requires manual navigation and interpretation, which puts a premium on the user’s domain expertise.

explore the project

The project is organized as a set of markdown files grouped by attack surface and technology. The README provides a detailed table of contents linking to each category.

Key directories and files to check out:

  • hardware/ — covers physical interfaces like UART, JTAG, SPI, I2C, and side-channel attacks.
  • wireless/ — sections on Bluetooth, Zigbee, Z-Wave, and LoRa, with links to protocol analysis and exploits.
  • tools/ — curated lists of open-source tools for hardware hacking and wireless protocol exploitation.

The README’s table of contents is your map, guiding you through the complex terrain. There’s a “Lab Setup” section mentioning the Webthings Gateway Raspberry Pi, which hints at practical experimentation environments.

Since there’s no installation or executable code, the best way to use this repo is to dive into the sections relevant to the device or protocol you’re analyzing, follow the external links, and build your own tooling or tests from there.

who should use this resource and what to expect

This repo is a solid starting point for hardware hackers, embedded security researchers, and auditors looking to understand the full attack surface beyond software bugs. It collects decades of academic research, vulnerability disclosures, and practical tutorials into one place.

However, it’s not a beginner’s guide. The content assumes familiarity with hardware debugging, embedded protocols, and security concepts. It also requires patience and domain knowledge to navigate and apply the resources effectively.

The limitation is clear: it does not replace hands-on tools, nor does it provide ready-made exploits. But for anyone building a threat model around connected devices or preparing for penetration testing, this is a valuable knowledge base.

If you’re working in IoT security, understanding physical and wireless attack vectors is non-negotiable. This repo aggregates that understanding neatly, making it easier to stay informed and find detailed material on specific attack techniques.

The tradeoff is the manual effort needed to explore and synthesize the information, but that’s the nature of security research at this level. No single tool can cover the diverse attack surfaces of connected devices, but a well-maintained knowledge base like this one is an essential foundation for any serious practitioner.

→ GitHub Repo: V33RU/awesome-connected-things-sec ⭐ 3,305