Uncover vulnerabilities in your Smart Devices and fix them quickly
Internet connected devices can expose entire infrastructure to external and internal cyber threats.
Secure them now.
Our Methodology
Krypteia’s approach to IoT, Smart Devices pentest includes Hardware, Software and Server assessment
Firmware Reverse Engineering
Reverse engineering firmware binaries.
Binary exploitation.
Encryption analysis.
Bypass obfuscation techniques in use.
Debugging binaries to gain sensitive info.
Application Pentesting
Android, Cloud and Web vulnerability testing
Input Validation: SQL Injection, Malicious Input acceptance, Command Injection
Buffer Overflow, File Upload, Business logic validations, Error handling/ Info Leakage, Session management, Log tampering
Data storage vulnerabilities
Serverside Testing
Identify potential for denial of service (DOS) attacks.
Vulnerabilities specific to web servers: Directory Traversal, Command injection, Remote code execution, SQL injection, Sensitive file exposure, Web server miss configuration exploitation.
API/Webservices testing: authorization, IDOR, Injections and exploits, API business logic bypas like skipping payments, API missconfigurations.
Radio communication reversing for proprietary protocols .
Hardware based exploitation
Exfiltration of Sensitive data from memory: applications store username, tokens, passwords, encryption keys, unscripted sensitive data.
UART, JTAG, SWD ports exploitation.
Flash memory chips to detect a possibility to dump firmware.
Logic bugs sniffing and bus tampering.
External peripheral devices: headphones, antennas etc.
Industries that we cover
- Industry 4.0
- Industrial Control Systems
- Smart Home Automation
- Medical / Healthcare
- Automotive
- Enterprise IoT
Contact Us today so we can talk about your Cybersecurity and IT solution needs for your organization!