We are cybersecurity researchers who wrote a book teaching people how to hack the Internet of Things, called Practical IoT Hacking. Ask us anything!
Hello, Reddit! We are cybersecurity researchers who wrote a book called Practical IoT Hacking that teaches readers how to hack Internet of Things devices safely and lawfully, with practical hands on examples and proven methodologies. You can buy physical and Kindle copies through Amazon or get the physical copy and DRM-free digital copy through the publisher No Starch Press.
We have spent our careers addressing critical issues in IoT devices that could lead to loss of life or privacy breaches. Our work has influenced people around the world, including manufacturers, hospitals, and public policymakers. We believe that enabling more people to find unforeseen risks in a safe manner and report them in good faith can inoculate against accidents and adversaries causing harm. So we wrote a book to teach others who want to be a part of the solution.
We believe that societal dependence on connected technology is growing faster than our ability to secure it. As we adopt technology stacks in the works around us, we inadvertently import cybersecurity risks that can impact human life, public safety, and national security.
By understanding the threat and vulnerability components of these risks, we can defend against them. Mature manufacturers seek to learn from cybersecurity researchers and take reports of flaws they discover - so they can eliminate them in current and future products.
Ask us anything about some of our past work:
- Hack medical devices to save patient lives
- Contribute to founding I Am The Cavalry, a global grassroots initiative at the intersection of cybersecurity and public safety
- Write a Hippocratic Oath for Connected Medical Devices
- Organize hands on educational events on IoT security, such as those for Healthcare, Industrial Controls Systems (ICS), Aerospace, and Maritime
- Host members of Congress at DEF CON, the world’s largest hacker conference
- Inspire an IoT security law
- Develop and maintain the nmap ncrack tool
- Led a Google Summer of Code project to develop the OWASP IoT Goat
- Wrote three books on the nmap network scanning tool
- Helped develop coordinated vulnerability disclosure frameworks to allow security researchers to report security issues in good faith
- Past presentations on IoT devices hacking (https://census-labs.com/news/2019/05/31/hitting-the-gym-the-anatomy-of-a-killer-workout-troopers-2019/)