Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Firmware Fuzzing to ISTG #16

Open
ryanchowww opened this issue Oct 25, 2024 · 0 comments
Open

Add Firmware Fuzzing to ISTG #16

ryanchowww opened this issue Oct 25, 2024 · 0 comments
Labels
enhancement New feature or request

Comments

@ryanchowww
Copy link

I would like to propose the addition of a section on firmware fuzzing to the OWASP IoT Security Testing Guide (STG). Firmware fuzzing is a critical technique for identifying vulnerabilities within IoT devices by subjecting their firmware to unexpected or malformed inputs, thereby uncovering potential security weaknesses that traditional testing methods might overlook.

Opening the discussion here for how to best incorporate fuzzing into ISTG. A few topic ideas:

  • Introduction to fuzzing
  • Overview of fuzzing techniques
  • Common tools and frameworks
  • Best practices, common pitfalls
  • How fuzzing integrates into overall testing process

Seeking feedback on how to best structure this in the guide, including:

  • Suggestions on additional topics or sub-sections
  • Recommendations for tools and resources to include
  • Insights from practitioners who have experience with firmware fuzzing
  • Any potential challenges or considerations we should address
@scriptingxss scriptingxss added the enhancement New feature or request label Oct 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@scriptingxss @ryanchowww