IoT Security Vulnerability Research Frameworks
Security Basics
Analysis Frameworks
- EXPLIoT - Pentest framework like Metasploit but specialized for IoT.
- FACT - Full-featured static analysis framework including extraction of firmware, analysis utilizing different plug-ins and comparison of different firmware versions.
- FwAnalyzer - Analyze security of firmware based on customized rules. Intended as additional step in DevSecOps, similar to CI.
- HAL – The Hardware Analyzer - A comprehensive reverse engineering and manipulation framework for gate-level netlists.
- HomePWN - Swiss Army Knife for Pentesting of IoT Devices.
- IoTSecFuzz - Framework for automation of IoT security analysis across layers: hardware, software and communication.
- Killerbee - Framework for Testing & Auditing ZigBee and IEEE 802.15.4 Networks.
- PRET - Printer Exploitation Toolkit.
- Routersploit - Framework dedicated to exploit embedded devices.
- PENIOT - Penetration testing tool for Internet of Things (IoT) devices. Currently supported protocols: AMQP, BLE, CoAP, MQTT.
Analysis Tools
- Binwalk - Searches a binary for "interesting" stuff (embedded file systems, compressed streams, executables) by signature, and extracts the files it finds.
- emba - Analyze Linux-based firmware of embedded devices.
- EMBArk - Web-based enterprise front-end for the emba firmware scanner (not to be confused with the Ethereum DApp framework of the same name).
- Firmadyne - Tries to emulate and pentest a firmware.
- FirmAE - Fully automated framework that performs firmware emulation and vulnerability analysis.
- Firmwalker - Searches extracted firmware images for interesting files and information.
- Firmware Slap - Discovering vulnerabilities in firmware through concolic analysis and function clustering.
- Ghidra - Software Reverse Engineering suite; handles arbitrary binaries, if you provide CPU architecture and endianness of the binary.
- Radare2 - Software Reverse Engineering framework, also handles popular formats and arbitrary binaries, has an extensive command line toolset.
- Trommel - Searches extracted firmware images for interesting files and information.
Extraction Tools
- FACT Extractor - Detects the container format automatically and executes the corresponding extraction tool.
- Firmware Mod Kit - Extraction tools for several container formats.
- The SRecord package - Collection of tools for manipulating EPROM files (can convert lots of binary formats).
Support Tools
- JTAGenum - Add JTAG capabilities to an Arduino.
- OpenOCD - Free and Open On-Chip Debugging, In-System Programming and Boundary-Scan Testing.
- Cotopaxi - Set of tools for security testing of Internet of Things devices using specific network IoT protocols.
- dumpflash - Low-level NAND Flash dump and parsing utility.
- flashrom - Tool for detecting, reading, writing, verifying and erasing flash chips.
- Samsung Firmware Magic - Decrypt Samsung SSD firmware updates.
Hardware Tools
- Bus Blaster - Detects and interacts with hardware debug ports like UART and JTAG.
- Bus Pirate - Detects and interacts with hardware debug ports like UART and JTAG.
- Shikra - Detects and interacts with hardware debug ports like UART and JTAG. Among other protocols.
- JTAGULATOR - Detects JTAG Pinouts fast.
- Saleae - Easy-to-use logic analyzer that supports many protocols.
- Ikalogic - Alternative to Saleae logic analyzers.
- HydraBus - Open source multi-tool hardware similar to the BusPirate but with NFC capabilities.
- ChipWhisperer - Open-source platform for performing voltage/clock glitching and side-channel (power analysis) attacks against embedded targets.
- Glasgow - Tool for exploring and debugging different digital interfaces.
- J-Link - USB-powered JTAG/SWD debug probes for many different CPU cores.
Bluetooth / BLE Tools
- UberTooth One - Open source 2.4 GHz wireless development platform suitable for Bluetooth experimentation.
- Bluefruit LE Sniffer - Easy to use Bluetooth Low Energy sniffer.
ZigBee Tools
- ApiMote - ZigBee security research hardware for learning about and evaluating the security of IEEE 802.15.4/ZigBee systems. Killerbee compatible.
- Atmel RZUSBstick - Discontinued product. Lucky if you have one! - Tool for development, debugging and demonstration of a wide range of low power wireless applications including IEEE 802.15.4, 6LoWPAN, and ZigBee networks. Killerbee compatible.
- Freakduino - Low-cost, battery-operated wireless Arduino board that can be turned into an IEEE 802.15.4 protocol sniffer.
Software Defined Radio
- RTL-SDR - Cheapest SDR for beginners. A computer-based radio scanner (receive only) covering roughly 500 kHz up to 1.75 GHz.
- HackRF One - Software Defined Radio peripheral capable of transmission or reception of radio signals from 1 MHz to 6 GHz (half-duplex).
- YardStick One - Half-duplex sub-1 GHz wireless transceiver.
- LimeSDR - Software Defined Radio peripheral capable of transmission or reception of radio signals from 100 kHz to 3.8 GHz (full-duplex).
- BladeRF 2.0 - Software Defined Radio peripheral capable of transmission or reception of radio signals from 47 MHz to 6 GHz (full-duplex).
- USRP B Series - Software Defined Radio peripheral capable of transmission or reception of radio signals from 70 MHz to 6 GHz (full-duplex).
RFID / NFC Tools
- Proxmark 3 RDV4 - Powerful general purpose RFID tool. From Low Frequency (125 kHz) to High Frequency (13.56 MHz) tags.
- ChameleonMini - Programmable, portable tool for NFC security analysis.
- HydraNFC - Powerful 13.56MHz RFID / NFC platform. Read / write / crack / sniff / emulate.
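As an added example (not code from any of the projects listed above), the following Python script shows what the Binwalk and Firmwalker/Trommel entries do in practice: a signature scan of a firmware image for embedded formats, carving a gzip member found at an offset, and a walk over an extracted root filesystem hunting for password hashes, private keys and daemons started at boot. The signature table, the regular expressions, the sample image and the sample rootfs are all constructed for this demonstration and are only a small subset of what the real tools know.

```python
"""Firmware triage in the style of binwalk (signature scan + carve) and
firmwalker (hunt for sensitive files in an extracted rootfs).
Added example; signatures and patterns are an assumed small subset."""
import gzip
import os
import re
import tempfile
import zlib

# Magic values found at the start of common embedded formats (assumed subset).
SIGNATURES = {
    b"\x27\x05\x19\x56": "uImage (U-Boot legacy) header",
    b"\x7fELF": "ELF executable",
    b"\x1f\x8b\x08": "gzip compressed data",
    b"hsqs": "SquashFS filesystem (little endian)",
}


def scan_signatures(blob: bytes):
    """Return [(offset, description)] for every signature hit, ordered by offset."""
    hits = []
    for magic, desc in SIGNATURES.items():
        pos = blob.find(magic)
        while pos != -1:
            hits.append((pos, desc))
            pos = blob.find(magic, pos + 1)
    return sorted(hits)


def carve_gzip(blob: bytes, offset: int) -> bytes:
    """Inflate the gzip member starting at `offset`; bytes after it are ignored."""
    inflater = zlib.decompressobj(wbits=31)  # 31 = expect a gzip header
    data = inflater.decompress(blob[offset:])
    if not inflater.eof:
        raise ValueError("gzip member at 0x%x is truncated" % offset)
    return data


# Firmwalker-style checks: what a file is called and what it contains.
FILENAME_PATTERNS = {
    "password database": re.compile(r"^/etc/(passwd|shadow)$"),
    "key or certificate": re.compile(r"\.(pem|key|crt|p12)$|ssh_host_\w+_key$"),
}
CONTENT_PATTERNS = {
    "private key material": re.compile(rb"-----BEGIN (RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    "password hash": re.compile(rb"^[^:\n]+:\$\w+\$[^:\n]*:", re.M),
    "telnet/ftp daemon started": re.compile(rb"\b(telnetd|ftpd)\b"),
    "hard-coded credential": re.compile(rb"(?i)\b(passw(or)?d|secret|token)\s*[=:]\s*\S+"),
}


def walk_rootfs(root: str):
    """Return sorted (finding, /path) pairs for an extracted filesystem tree."""
    findings = set()
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            rel = "/" + os.path.relpath(path, root).replace(os.sep, "/")
            for label, pat in FILENAME_PATTERNS.items():
                if pat.search(rel):
                    findings.add((label, rel))
            try:
                with open(path, "rb") as fh:
                    head = fh.read(1 << 20)  # first MiB is enough for triage
            except OSError:
                continue
            for label, pat in CONTENT_PATTERNS.items():
                if pat.search(head):
                    findings.add((label, rel))
    return sorted(findings)


# --- constructed sample data (not a real device image) ---------------------
PAYLOAD = b"kernel-and-rootfs-placeholder " * 8


def build_sample_image() -> bytes:
    """Zero padding, uImage magic at 0x40, a gzip member at 0x200, SquashFS magic at 0x400."""
    img = bytearray(0x400)
    img[0x40:0x44] = b"\x27\x05\x19\x56"
    gz = gzip.compress(PAYLOAD)
    img[0x200:0x200 + len(gz)] = gz
    img += b"hsqs" + b"\x00" * 28
    return bytes(img)


def build_sample_rootfs() -> str:
    """Write a tiny fake extracted rootfs into a temp dir and return its path."""
    root = tempfile.mkdtemp(prefix="rootfs-")
    files = {
        "etc/shadow": b"root:$1$saltsalt$0123456789abcdefghijk:18000:0:99999:7:::\n",
        "etc/init.d/rcS": b"#!/bin/sh\nmount -a\ntelnetd -l /bin/sh &\n",
        "etc/ssl/device.pem": b"-----BEGIN RSA PRIVATE KEY-----\nMIIBogusKeyBody\n-----END RSA PRIVATE KEY-----\n",
        "usr/bin/hello": b"\x7fELF\x01\x01\x01" + b"\x00" * 9,  # benign binary
    }
    for rel, data in files.items():
        full = os.path.join(root, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "wb") as fh:
            fh.write(data)
    return root


if __name__ == "__main__":
    image = build_sample_image()
    for off, desc in scan_signatures(image):
        print("0x%06x  %s" % (off, desc))
    print("carved:", carve_gzip(image, 0x200)[:32])
    for label, path in walk_rootfs(build_sample_rootfs()):
        print("%-28s %s" % (label, path))
```

The real tools differ mainly in scale: binwalk carries hundreds of signatures and validates headers before trusting a hit (a four-byte magic alone produces false positives in large images), and firmwalker also checks for things like world-writable files and known CVE-bearing binaries. The shape of the workflow, scan, carve, then walk the extracted tree, is the same.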