{"id":70,"date":"2026-02-02T23:27:12","date_gmt":"2026-02-02T20:27:12","guid":{"rendered":"https:\/\/iotsecurity.tr\/?p=70"},"modified":"2026-02-02T23:59:11","modified_gmt":"2026-02-02T20:59:11","slug":"iot-pentest-checklist","status":"publish","type":"post","link":"https:\/\/iotsecurity.tr\/tr\/iot-pentest-checklist\/","title":{"rendered":"IoT Pentest Checklist"},"content":{"rendered":"\n

<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n
\n

IoT pentest, IT pentest’te yap\u0131lan web\/api, mobil uygulama ve a\u011f servis testlerine ek olarak cihaz\u0131n fiziksel bile\u015fenlerine ve yayd\u0131\u011f\u0131 radyo frekans dalgalar\u0131na kadar olan t\u00fcm ekosistemi hedef alan bir g\u00fcvenlik de\u011ferlendirmesidir.<\/p>\n\n\n\n

Her cihaz kendi \u00f6zelinde de\u011ferlendirilerek sald\u0131r\u0131 y\u00fczeyleri tespit edilir ve buna uygun olarak s\u0131zma testi \u00e7al\u0131\u015fmas\u0131 ger\u00e7ekle\u015ftirilir. Bu yaz\u0131n\u0131n konusu olan IoT Pentest Checklist genel olarak \u00e7o\u011fu cihazda bulunan bile\u015fenleri hedef alarak haz\u0131rlanm\u0131\u015ft\u0131r. Cihazlarda her zaman bilinen protokoller kullan\u0131lmayabilir.<\/p>\n\n\n\n

IoT pentestin a\u015famalar\u0131n\u0131 5 ba\u015fl\u0131k alt\u0131nda toparlayabiliriz; haz\u0131rl\u0131k ve bilgi toplama, donan\u0131m analizi, firmware analizi, a\u011f ve protokol analizi ve uygulama katman\u0131 analizi.<\/p>\n\n\n\n

Her bir a\u015famada yap\u0131lmas\u0131 gerekenler, bir g\u00f6rev veya bir ad\u0131m gibi sorula\u015ft\u0131rarak kontrol listesi halinde haz\u0131rlanm\u0131\u015ft\u0131r.<\/p>\n<\/div>\n\n\n\n

<\/p>\n\n\n\n

Haz\u0131rl\u0131k ve Bilgi toplama yap\u0131ld\u0131 m\u0131?<\/h2>\n\n\n\n
\n
Envanter belirleme ger\u00e7ekle\u015ftirildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
Cihaz ekosistemindeki t\u00fcm bile\u015fenlerin kapsaml\u0131 listesinin olu\u015fturuldu mu?<\/div>\n<\/div>
\n
Cihaz\u0131n model ve yaz\u0131l\u0131m s\u00fcr\u00fcmlerinin dok\u00fcmante edildi mi?<\/div>\n<\/div>
\n
Cihaz\u0131n y\u00f6netilebildi\u011fi mobil uygulama belirlendi mi?<\/div>\n<\/div>
\n
Bulut hizmetleri ve API altyap\u0131s\u0131 tespit edildi mi?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Fiziksel \u0130nceleme tamamland\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
Cihaz \u00fczerindeki etiket ve i\u015faretler kontrol edildi mi?<\/div>\n<\/div>
\n
Cihaz \u00fczerindeki eri\u015filebilir portlar belirlendi mi?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
OSINT yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
FCC ID veri taban\u0131ndan sorgulama yap\u0131larak cihaz\u0131n PCB foto\u011fraflar\u0131, RF mod\u00fclleri bulunuyor mu?<\/div>\n<\/div>
\n
Cihaz\u0131n \u00fcretici belgeleri internet \u00fczerinde bulunuyor mu?<\/div>\n<\/div>
\n
Cihaz\u0131n datasheet’i ve teknik dok\u00fcman\u0131 incelendi mi?<\/div>\n<\/div>
\n
Cihaz\u0131n bilinen zafiyetleri ara\u015ft\u0131r\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div><\/div>\n<\/div>\n\n\n\n

Donan\u0131m Analizi yap\u0131ld\u0131 m\u0131?<\/h2>\n\n\n\n
\n
PCB analizi ger\u00e7ekle\u015ftirildi mi?<\/div>\n<\/div>
\n
Debug Portlardan ba\u011flant\u0131 sa\u011fland\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
UART portu test edildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
UART ba\u011flant\u0131s\u0131 yap\u0131labiliyor mu?<\/div>\n<\/div><\/div>\n\n\n
\n
TX, RX ve GND pinleri tespit edildi mi?<\/div>\n<\/div>
\n
Baud rate belirlendi mi?<\/div>\n<\/div>
\n
Boot loglar\u0131 yakalanabiliyor mu?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Shell’e yetkili eri\u015fim elde edildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
Elde edilen shell yetkisi root haklar\u0131nda \u00e7al\u0131\u015ft\u0131r\u0131l\u0131yor mu?<\/div>\n<\/div>
\n
Yetki y\u00fckseltme sald\u0131r\u0131lar\u0131 ger\u00e7ekle\u015ftirildi mi?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Shell’e eri\u015fimde kullan\u0131c\u0131 hesab\u0131 ve parolas\u0131 soruluyor mu?<\/div>\n<\/div><\/div>\n\n\n
\n
Kaba kuvvet sald\u0131r\u0131s\u0131 yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div>
\n
Hesap bilgileri yaz\u0131l\u0131m i\u00e7inde mevcut mu?<\/div>\n<\/div>
\n
Bootloader atlat\u0131larak shell’e eri\u015fim elde edildi mi?<\/div>\n<\/div><\/div><\/div>\n<\/div>\n\n\n
\n
JTAG ba\u011flant\u0131s\u0131 yap\u0131labiliyor mu?<\/div>\n<\/div><\/div>\n\n\n
\n
JTAG pinleri JTAGulator arac\u0131 ile tespit edildi mi?<\/div>\n<\/div>
\n
Register inspection and live debugging yap\u0131labiliyor mu?<\/div>\n<\/div>
\n
Bellek okuma eri\u015fimi mevcut mu?<\/div>\n<\/div>
\n
Cihaz yaz\u0131l\u0131m\u0131 ele ge\u00e7irildi mi?<\/div>\n<\/div><\/div><\/div>\n<\/div>\n\n\n
\n
Haberle\u015fme veri yolu tespit edildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
SPI \u00fczerindeki veriler izlenebilir mi?<\/div>\n<\/div>
\n
I2C \u00fczerindeki verileri izlenebilir mi?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Bellek d\u00f6k\u00fcm\u00fc ele ge\u00e7irilebilir mi?<\/div>\n<\/div><\/div>\n\n\n
\n
JTAG\/SWD ile bellek d\u00f6k\u00fcm ele ge\u00e7irebilir mi?<\/div>\n<\/div>
\n
Shell ba\u011flant\u0131s\u0131 ile cihazdan bellek d\u00f6k\u00fcm\u00fc ele ge\u00e7irilebilir mi?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Geli\u015fmi\u015f donan\u0131m sald\u0131r\u0131lar\u0131 yap\u0131labiliyor mu?<\/div>\n<\/div><\/div>\n\n\n
\n
Glitching sald\u0131r\u0131s\u0131 yap\u0131labiliyor mu?<\/div>\n<\/div>
\n
Yan Kanal sald\u0131r\u0131s\u0131 yap\u0131labiliyor mu?<\/div>\n<\/div><\/div><\/div>\n<\/div>\n\n\n\n

Yaz\u0131l\u0131m analizi ger\u00e7ekle\u015ftirildi mi?<\/h2>\n\n\n\n
\n
Yaz\u0131l\u0131m elde edilebiliyor mu?<\/div>\n<\/div><\/div>\n\n\n
\n
SOIC clip y\u00f6ntemiyle \u00e7ipe ba\u011flan\u0131larak yaz\u0131l\u0131m ele ge\u00e7irilebilir mi?<\/div>\n<\/div>
\n
OTA g\u00fcncelleme paketleri yoluyla yaz\u0131l\u0131m ele ge\u00e7irilebilir mi?<\/div>\n<\/div>
\n
\u00dcreticinin internet \u00fczerinden yay\u0131nlad\u0131\u011f\u0131 kaynaklarla yaz\u0131l\u0131m ele ge\u00e7irilebilir mi?<\/div>\n<\/div>
\n
Mobil uygulama \u00fczerinden cihaz yaz\u0131l\u0131m\u0131 ele ge\u00e7irilebilir mi?<\/div>\n<\/div>
\n
Debug portlar\u0131 \u00fczerinden ba\u011flant\u0131 sa\u011flanarak yaz\u0131l\u0131m ele ge\u00e7irilebilir mi?<\/div>\n<\/div>
\n
Flash \u00e7ip s\u00f6k\u00fclerek yaz\u0131l\u0131m ele ge\u00e7irilebilir mi?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Yaz\u0131l\u0131m paketi a\u00e7\u0131labiliyor mu?<\/div>\n<\/div><\/div>\n\n\n
\n
Otomatik \u00e7\u0131karma ara\u00e7lar\u0131yla yaz\u0131l\u0131m paketi \u00e7\u0131kar\u0131labilir mi?<\/div>\n<\/div><\/div>\n\n\n
\n
Binwalk ile otomatik \u00e7\u0131karma yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div>
\n
Binwalk ile recursive tarama yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div>
\n
Binwalk ile a\u00e7\u0131lan yaz\u0131l\u0131m paketine ham data analizi yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
Strings arac\u0131 ile yaz\u0131l\u0131m paketinden \u00e7\u0131kar\u0131lan dosyalardan veri okunabildi mi?<\/div>\n<\/div>
\n
Hexdump ile yaz\u0131l\u0131m paketinden \u00e7\u0131kar\u0131lan dosyalar analiz edilebilir mi?<\/div>\n<\/div><\/div><\/div>\n<\/div>\n\n\n
\n
Manuel \u00e7\u0131karma y\u00f6ntemleriyle yaz\u0131l\u0131m paketi \u00e7\u0131kar\u0131labilir mi?<\/div>\n<\/div><\/div>\n\n\n
\n
dd arac\u0131yla manuel olarak yaz\u0131l\u0131m paketinin \u00e7\u0131kart\u0131ld\u0131 m\u0131?<\/div>\n<\/div>
\n
Dosya sistemi yap\u0131s\u0131na \u00f6zel ara\u00e7larla yaz\u0131l\u0131m \u00e7\u0131kartma i\u015flemi yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
SquashFS arac\u0131yla yaz\u0131l\u0131m \u00e7\u0131kartma yap\u0131labilir mi?<\/div>\n<\/div>
\n
Sasquatch arac\u0131yla yaz\u0131l\u0131m \u00e7\u0131kartma yap\u0131labilir mi?<\/div>\n<\/div>
\n
YAFFS2 arac\u0131yla yaz\u0131l\u0131m \u00e7\u0131kartma yap\u0131labilir mi?<\/div>\n<\/div><\/div><\/div>\n<\/div>\n\n\n
\n
Binary format\u0131ndaki firmware, ELF format\u0131na d\u00f6n\u00fc\u015ft\u00fcr\u00fclerek tersine m\u00fchendislik analizine uygun hale getirilebilir mi?<\/div>\n<\/div><\/div>\n\n\n
\n
Bare-metal firmware yaln\u0131zca \u00e7al\u0131\u015ft\u0131r\u0131labilir ham koddan m\u0131 olu\u015fuyor?<\/div>\n<\/div>
\n
Ham firmware binary\u2019si ELF format\u0131na d\u00f6n\u00fc\u015ft\u00fcr\u00fcld\u00fc m\u00fc?<\/div>\n<\/div><\/div>\n\n\n
\n
Binary \u2192 ELF d\u00f6n\u00fc\u015f\u00fcm\u00fc i\u00e7in uygun ara\u00e7lar (\u00f6rn. esp-bin2elf) kullan\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
ELF\u2019e d\u00f6n\u00fc\u015ft\u00fcr\u00fclen firmware, tersine m\u00fchendislik ara\u00e7lar\u0131yla uyumlu hale getirildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
D\u00f6n\u00fc\u015ft\u00fcr\u00fclen ELF dosyas\u0131 Ghidra veya IDA Pro \u00fczerinde analiz edildi mi?<\/div>\n<\/div>
\n
Fonksiyon s\u0131n\u0131rlar\u0131 ve \u00e7a\u011fr\u0131lar\u0131 ELF format\u0131 ile analiz edildi mi?<\/div>\n<\/div><\/div><\/div>\n<\/div>\n\n\n
\n
Yaz\u0131l\u0131m paketi \u00fczerinde entropy analizi yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
Y\u00fcksek ve uniform entropy g\u00f6zlemleniyor mu? (evet ise y\u00fcksek ihtimalle firmware \u015fifrelidir)<\/div>\n<\/div>
\n
Yaz\u0131l\u0131m paketinin \u015fifreleme anahtar\u0131 ele ge\u00e7irilebilir mi?<\/div>\n<\/div><\/div>\n\n\n
\n
Donan\u0131msal debug aray\u00fczleri (JTAG \/ SWD vb.) kullan\u0131larak \u015fifreleme anahtar\u0131 elde edildi mi?<\/div>\n<\/div>
\n
Bootloader analizi yap\u0131larak \u015fifreleme anahtar\u0131 veya ilgili bilgiler elde edildi mi?<\/div>\n<\/div>
\n
Mobil uygulamada tersine m\u00fchendislik yap\u0131larak anahtar ele ge\u00e7irilebildi mi?<\/div>\n<\/div><\/div><\/div>\n<\/div>\n\n\n
\n
Statik analiz yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
Firmware \u00fczerinde hassas bilgi ve gizli anahtar\/token taramas\u0131 yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
Strings analizi yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
Firmware i\u00e7erisinde hardcoded parolalar tespit edildi mi?<\/div>\n<\/div>
\n
API anahtarlar\u0131 ve access token\u2019lar string analiziyle \u00e7\u0131kar\u0131ld\u0131 m\u0131?<\/div>\n<\/div>
\n
URL\u2019ler, IP adresleri ve endpoint\u2019ler tespit edildi mi?<\/div>\n<\/div>
\n
G\u00f6m\u00fcl\u00fc sertifikalar tespit edildi mi?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Otomatik secret tarama ara\u00e7lar\u0131 \u00e7al\u0131\u015ft\u0131r\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
Firmwalker arac\u0131 \u00e7al\u0131\u015ft\u0131r\u0131ld\u0131 m\u0131?<\/div>\n<\/div>
\n
ByteSweep arac\u0131 \u00e7al\u0131\u015ft\u0131r\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Regex bazl\u0131 secret aramas\u0131 yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
Regex tabanl\u0131 aramalar ile JWT token\u2019lar tespit edildi mi?<\/div>\n<\/div>
\n
Regex tabanl\u0131 aramalar ile AWS anahtarlar\u0131 tespit edildi mi?<\/div>\n<\/div>
\n
Regex tabanl\u0131 aramalar ile parola hash’leri (MD5, SHA varyantlar\u0131) tespit edildi mi?<\/div>\n<\/div><\/div><\/div>\n<\/div>\n\n\n
\n
Hassas dosya taramas\u0131 ger\u00e7ekle\u015ftirildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
Web server konfig\u00fcrasyon dosyalar\u0131 kontrol edildi mi?<\/div>\n<\/div>
\n
\/etc\/passwd ve \/etc\/shadow vb dosyalar kontrol edildi mi?<\/div>\n<\/div>
\n
Ba\u015flang\u0131\u00e7 scriptleri incelendi mi?<\/div>\n<\/div>
\n
A\u011f ve servis konfig\u00fcrasyon dosyalar\u0131 incelendi mi?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Binary Analizi & Tersine M\u00fchendislik yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
Binary dosyalar\u0131 incelendi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
\u00c7al\u0131\u015ft\u0131r\u0131labilir dosyalar ve payla\u015f\u0131ml\u0131 k\u00fct\u00fcphaneler tespit edilebilir mi?<\/div>\n<\/div>
\n
CPU mimarisi ve endian bilgisi belirlenebilir mi?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Binary dosyalar\u0131 Ghidra ve IDA Pro ile analiz edildi mi?<\/div>\n<\/div>
\n
Kimlik do\u011frulama ve mant\u0131ksal i\u015flemler analiz edildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
Kimlik do\u011frulama ve yetkilendirme i\u015flemleri analiz edildi mi?<\/div>\n<\/div>
\n
Yaz\u0131l\u0131m paketi g\u00fcncelleme mant\u0131\u011f\u0131 analiz edildi mi?<\/div>\n<\/div>
\n
Kriptografik implementasyonlar incelendi mi?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Tehlikeli fonksiyon analizi yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
Tehlikeli fonksiyonlar (`strcpy`, `strcat`, `sprintf`) kullan\u0131l\u0131yor mu?<\/div>\n<\/div>
\n
`system()` \u00e7a\u011fr\u0131lar\u0131 mevcut mu?<\/div>\n<\/div>
\n
Komut \u00e7al\u0131\u015ft\u0131rmaya imkan tan\u0131yan yap\u0131lar bulunuyor mu?<\/div>\n<\/div>
\n
Buffer overflow\u2019a yol a\u00e7an kod par\u00e7alar\u0131 mevcut mu?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Mant\u0131ksal ak\u0131\u015flar tespit edildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
Hardcoded backdoor’lar\u0131n olup olmad\u0131\u011f\u0131 kontrol edildi mi?<\/div>\n<\/div>
\n
Gizli debug fonksiyonlar\u0131n\u0131n olup olmad\u0131\u011f\u0131 kontrol edildi mi?<\/div>\n<\/div>
\n
Yetkilendirmeyi atlatmaya yarayan fonksiyon ve ko\u015fullar\u0131n olup olmad\u0131\u011f\u0131 kontrol edildi mi?<\/div>\n<\/div><\/div><\/div>\n<\/div>\n\n\n
\n
\u00dc\u00e7\u00fcnc\u00fc parti bile\u015fen ve CVE analizi<\/div>\n<\/div><\/div>\n\n\n
\n
\u00dc\u00e7\u00fcnc\u00fc parti bile\u015fenlerin tespiti yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div>
\n
Yaz\u0131l\u0131m paketinin kullan\u0131lan s\u00fcr\u00fcm\u00fc i\u00e7in daha \u00f6nce yay\u0131nlanm\u0131\u015f CVE ve zafiyet olup olmad\u0131\u011f\u0131 kontrol edilidi mi?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Dinamik analizi ger\u00e7ekle\u015ftirildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
Yaz\u0131l\u0131m paketi “QEMU” veya “Firmdyne” ara\u00e7lar\u0131 ile em\u00fcle edildi mi?<\/div>\n<\/div>
\n
Yaz\u0131l\u0131m paketi dinamik olarak \u00e7al\u0131\u015ft\u0131r\u0131l\u0131rken davran\u0131\u015f\u0131, \u00e7al\u0131\u015fan servisler, log \u00e7\u0131kt\u0131lar\u0131 ve debug mesajlar\u0131 analiz edildi mi?<\/div>\n<\/div><\/div><\/div>\n<\/div>\n\n\n\n

IoT Protokol analizi ger\u00e7ekle\u015ftirildi mi?<\/h2>\n\n\n\n
\n
Ke\u015fif ve Servis Tespiti yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
A\u00e7\u0131k portlar ve d\u0131\u015fa a\u00e7\u0131k servisler tespit edildi mi?<\/div>\n<\/div>
\n
Yayg\u0131n kullan\u0131lan IoT port ve servisler tespit edildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
MQTT portlar\u0131 (1883 \/ 8883) a\u00e7\u0131k m\u0131?<\/div>\n<\/div>
\n
CoAP portlar\u0131 (5683 \/ 5684) a\u00e7\u0131k m\u0131?<\/div>\n<\/div>
\n
\u00d6zel TCP \/ UDP servisleri mevcut mu?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Spesifik protokol tespiti yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
CoAP tespiti yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
`\/.well-known\/core` endpoint\u2019i olup olmad\u0131\u011f\u0131 kontrol edildi mi?<\/div>\n<\/div>
\n
A\u00e7\u0131kta olan CoAP kaynaklar\u0131 ve metodlar listelenebilir mi?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Bluetooth Low Energy (BLE) tespiti yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
BLE servisleri ve karakteristikleri enumerate edilebilir mi?<\/div>\n<\/div>
\n
UUID\u2019ler ve eri\u015fim izinleri tespit edilebilir mi?<\/div>\n<\/div>
\n
BLE analiz ara\u00e7lar\u0131 kullan\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
Bettercap<\/div>\n<\/div>
\n
nRF Connect<\/div>\n<\/div><\/div><\/div>\n<\/div>\n\n\n
\n
MQTT tespiti yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
Wildcard kullan\u0131larak topic ke\u015ffi yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
#<\/div>\n<\/div>
\n
+<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Publish \/ subscribe yetkileri tespit edildi mi?<\/div>\n<\/div><\/div><\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n
\n
Trafik izleme yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
A\u011f trafi\u011fi izlenebilmesi m\u00fcmk\u00fcn m\u00fc?<\/div>\n<\/div><\/div>\n\n\n
\n
Trafik Wireshark veya tcpdump ile yakalanabilir mi?<\/div>\n<\/div>
\n
MITM sald\u0131r\u0131s\u0131 uygulanabilir mi?<\/div>\n<\/div><\/div>\n\n\n
\n
ARP poisoning yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div>
\n
Transparent proxying yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Kullan\u0131lan \u015fifreleme mekanizmalar\u0131 analiz edildi mi?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Bluetooth trafi\u011fi izlenmesi m\u00fcmk\u00fcn m\u00fc?<\/div>\n<\/div><\/div>\n\n\n
\n
Bluetooth trafi\u011fi yakaland\u0131 m\u0131?<\/div>\n<\/div>
\n
Android Bluetooth HCI Snoop Log kullan\u0131ld\u0131 m\u0131?<\/div>\n<\/div>
\n
\u015eifreleme \u00f6ncesi BLE trafi\u011fi yakaland\u0131 m\u0131?<\/div>\n<\/div>
\n
Protokol tersine m\u00fchendisli\u011fine uygun veri elde edildi mi?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
ZigBee \/ RF trafi\u011finin izlenmesi m\u00fcmk\u00fcn m\u00fc?<\/div>\n<\/div><\/div>\n\n\n
\n
Over-the-air RF sinyalleri yakaland\u0131 m\u0131?<\/div>\n<\/div>
\n
KillerBee framework veya RTL-SDR kullan\u0131ld\u0131 m\u0131?<\/div>\n<\/div>
\n
\u015eifrelenmemi\u015f veya zay\u0131f korunan RF trafi\u011fi analiz edildi mi?<\/div>\n<\/div><\/div><\/div>\n<\/div>\n\n\n
\n
Kimlik do\u011frulama ve yetkilendirme testleri yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
Zay\u0131f e\u015fle\u015fme mekanizmalar\u0131 test edildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
BLE pairing mekanizmas\u0131 analiz edildi mi?<\/div>\n<\/div>
\n
“Just Works” pairing kullan\u0131l\u0131yor mu?<\/div>\n<\/div>
\n
MITM korumas\u0131 var m\u0131?<\/div>\n<\/div>
\n
Anahtar \u00e7\u0131kar\u0131m\u0131 m\u00fcmk\u00fcn m\u00fc?<\/div>\n<\/div><\/div>\n\n\n
\n
Crackle (TK \/ LTK recovery)<\/div>\n<\/div><\/div><\/div>\n<\/div>\n\n\n
\n
Kaba kuvvet sald\u0131r\u0131s\u0131 ger\u00e7ekle\u015ftirildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
MQTT i\u00e7in zay\u0131f parola i\u00e7in kaba kuvvet sald\u0131r\u0131lar\u0131 ger\u00e7ekle\u015ftirildi mi?<\/div>\n<\/div>
\n
MQTT i\u00e7in varsay\u0131lan parola i\u00e7in kaba kuvvet sald\u0131r\u0131lar\u0131 ger\u00e7ekle\u015ftirildi mi?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Yetkilendirme atlatma testleri ger\u00e7ekle\u015ftirildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
Kimlik do\u011frulama flag\u2019leri manip\u00fcle edilebilir mi?<\/div>\n<\/div>
\n
K\u0131s\u0131tl\u0131 endpoint\u2019lere do\u011frudan eri\u015fim m\u00fcmk\u00fcn m\u00fc?<\/div>\n<\/div>
\n
Protokol\u00fcn yanl\u0131\u015f kullan\u0131m\u0131yla yetki y\u00fckseltme yap\u0131labilir mi?<\/div>\n<\/div><\/div><\/div>\n<\/div>\n\n\n
\n
Paket manip\u00fclasyonu ve tekrarlama sald\u0131r\u0131lar\u0131 ger\u00e7ekle\u015ftirildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
Tekrarlama sald\u0131r\u0131lar\u0131 ger\u00e7ekle\u015ftirildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
Ge\u00e7erli kontrol komutlar\u0131 yakalanabilir mi?<\/div>\n<\/div><\/div>\n\n\n
\n
Unlock<\/div>\n<\/div>
\n
Power on\/off<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Rolling-code veya nonce korumalar\u0131 mevcut mu?<\/div>\n<\/div><\/div><\/div>\n<\/div>\n\n\n
\n
Paket manip\u00fclasyon sald\u0131r\u0131lar\u0131 ger\u00e7ekle\u015ftirebilmek m\u00fcmk\u00fcn m\u00fc?<\/div>\n<\/div><\/div>\n\n\n
\n
Paket alanlar\u0131 ve hex de\u011ferleri de\u011fi\u015ftirilebilir mi? (`0x01 \/ 0x00`)<\/div>\n<\/div>
\n
Cihazda beklenmeyen davran\u0131\u015f g\u00f6zlemleniyor mu?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Veri giri\u015fi manip\u00fclasyonu test edildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
Ge\u00e7ersiz uzunlukta veya beklenmeyen karakterli hatal\u0131 paketler g\u00f6nderildi mi?<\/div>\n<\/div>
\n
Crash, reset veya memory corruption test edildi mi?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Servis d\u0131\u015f\u0131 b\u0131rakma testleri yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div>\n\n\n
\n
MQTT broker CONNECT istekleriyle flood yap\u0131larak servis d\u0131\u015f\u0131 b\u0131rak\u0131labilir mi?<\/div>\n<\/div>
\n
CPU ve bellek t\u00fcketimi senaryolar\u0131 test edildi mi?<\/div>\n<\/div>
\n
RF Jamming sald\u0131r\u0131s\u0131 test edildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
RF \/ ZigBee frekanslar\u0131nda sinyal bozma testleri ger\u00e7ekle\u015ftirildi mi?<\/div>\n<\/div>
\n
Cihaz\u0131n fail-safe davran\u0131\u015f\u0131 g\u00f6zlemlendi mi?<\/div>\n<\/div>
\n
Dayan\u0131kl\u0131l\u0131k ve kurtarma mekanizmalar\u0131 test edildi mi?<\/div>\n<\/div><\/div><\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n

Uygulamalar \u00fczerinde s\u0131zma testleri ger\u00e7ekle\u015ftirildi mi?<\/h2>\n\n\n\n
\n
Web uygulama s\u0131zma testleri ger\u00e7ekle\u015ftirildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
Cihaz \u00fczerinde \u00e7al\u0131\u015fan g\u00f6m\u00fcl\u00fc web servisleri tespit edildi mi?<\/div>\n<\/div>
\n
G\u00f6m\u00fcl\u00fc \u00e7al\u0131\u015fan web uygulamas\u0131n\u0131n s\u0131zma testleri ger\u00e7ekle\u015ftirildi mi?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Mobil uygulama s\u0131zma testleri ger\u00e7ekle\u015ftirildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
Mobil uygulama i\u00e7in statik testler ger\u00e7ekle\u015ftirildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
A\u00e7\u0131k metin API anahtar\u0131, eri\u015fim token’lar\u0131 vs tespit edildi mi?<\/div>\n<\/div>
\n
MobSF arac\u0131 ile otomatik tarama yap\u0131ld\u0131 m\u0131?<\/div>\n<\/div><\/div><\/div>\n\n\n
\n
Mobil uygulama i\u00e7in dinamik testler ger\u00e7ekle\u015ftirildi mi?<\/div>\n<\/div><\/div>\n\n\n
\n
Mobil uygulamadan \u00e7\u0131kan API istekleri intercept edilebildi mi?<\/div>\n<\/div><\/div>\n\n
\n
Mobil uygulaman\u0131n haberle\u015fti\u011fi API i\u00e7in s\u0131zma testleri ger\u00e7ekle\u015ftirildi mi?<\/div>\n<\/div><\/div><\/div>\n<\/div>\n<\/div>\n\n\n\n

<\/p>\n\n\n\n

Bu kontrol listesinin mindmap versiyonu a\u015fa\u011f\u0131da g\u00f6sterilmi\u015ftir. Ayr\u0131ca bu ba\u011flant\u0131dan<\/a> y\u00fcksek \u00e7\u00f6z\u00fcn\u00fcrl\u00fckl\u00fc versiyona ve bu ba\u011flant\u0131dan<\/a> PDF dosyas\u0131na da eri\u015febilirsiniz.<\/p>\n\n\n\n

<\/p>\n\n\n\n

\"\"<\/figure>\n","protected":false},"excerpt":{"rendered":"

IoT pentest, IT pentest’te yap\u0131lan web\/api, mobil uygulama ve a\u011f servis testlerine ek olarak cihaz\u0131n fiziksel bile\u015fenlerine ve yayd\u0131\u011f\u0131 radyo frekans dalgalar\u0131na kadar olan t\u00fcm ekosistemi hedef alan bir g\u00fcvenlik de\u011ferlendirmesidir. Her cihaz kendi \u00f6zelinde de\u011ferlendirilerek sald\u0131r\u0131 y\u00fczeyleri tespit edilir ve buna uygun olarak s\u0131zma testi \u00e7al\u0131\u015fmas\u0131 ger\u00e7ekle\u015ftirilir. Bu yaz\u0131n\u0131n konusu olan IoT Pentest Checklist […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[],"class_list":["post-70","post","type-post","status-publish","format-standard","hentry","category-iot-pentest"],"_links":{"self":[{"href":"https:\/\/iotsecurity.tr\/tr\/wp-json\/wp\/v2\/posts\/70","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/iotsecurity.tr\/tr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/iotsecurity.tr\/tr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/iotsecurity.tr\/tr\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/iotsecurity.tr\/tr\/wp-json\/wp\/v2\/comments?post=70"}],"version-history":[{"count":22,"href":"https:\/\/iotsecurity.tr\/tr\/wp-json\/wp\/v2\/posts\/70\/revisions"}],"predecessor-version":[{"id":117,"href":"https:\/\/iotsecurity.tr\/tr\/wp-json\/wp\/v2\/posts\/70\/revisions\/117"}],"wp:attachment":[{"href":"https:\/\/iotsecurity.tr\/tr\/wp-json\/wp\/v2\/media?parent=70"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/iotsecurity.tr\/tr\/wp-json\/wp\/v2\/categories?post=70"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/iotsecurity.tr\/tr\/wp-json\/wp\/v2\/tags?post=70"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}