Assessing the security of services in IoT systems can sometimes be challenging, because these systems often use newer protocols supported by very few security tools, if any at all. So, it’s important that we learn which tools we can use and whether we can expand those tools’ capabilities.

In this chapter, we start by explaining how to circumvent network segmentation and penetrate into an isolated IoT network. Next, we show you how to identify IoT devices and fingerprint custom network services using Nmap. Then we attack Message Queuing Telemetry Transport (MQTT), a common network IoT protocol. By doing so, you’ll ...