IoT, or the Internet of Things, is one of the biggest emerging trends in technology right now. Many new devices come to market every single month. However, not much attention has been paid to the security of these devices so far. "Offensive IoT Exploitation" is a brand new and unique course which offers penetration testers the ability to assess and exploit the security of these smart devices.
The training will cover different varieties of IoT devices, assessing their attack surfaces and writing exploits for them. The 2-day class will be hands-on, giving attendees the ability to try things themselves rather than just reading the slides. We will start from the very beginning by discussing the architecture of IoT devices, and then slowly move on to firmware analysis, identifying the attack surface, finding vulnerabilities and finally exploiting them.
The course labs include both emulated environments and real live devices, which will be provided to the attendees during the training. Custom VMs with pre-configured labs provided by the trainer will be used for the entire class.
Offensive IoT Exploitation is the course for you if you want to try exploitation on new hardware and find security vulnerabilities and 0-days in IoT devices.
At the end of the class, there will be a final CTF challenge where the attendees will have to identify security vulnerabilities and exploit them in a completely unknown device.
Getting Started With IoT Security
- Introduction to IoT
- Security Architecture
- Getting familiar with IoT Security and components
- Case Studies of IoT vulnerabilities
- Hardware Hacking 101
- Analyzing boards and components
- Identifying Serial Interfaces
- UART, SPI and JTAG Primer
- Extracting firmware from a real device
- Common Techniques to prevent hardware attacks
- Bypassing hardware protections
- Side Channel Attack Techniques
- Understanding File Systems
- Firmware Extraction Techniques
- Analyzing and Backdooring Firmwares
- Simulating and Running firmwares and binaries
- Debugging firmware binaries
- Identifying vulnerabilities in firmwares
- ARM Architecture Introduction
- Registers and Flags
- Disassembling and Debugging Binaries
- Common Exploitation Techniques
- Ret2Libc Techniques for ARM based architectures
- Gadget hunting and chaining
- ROP Exploitation
Mobile Application Hacking
- Introduction to Android and iOS App Security
- Reversing and Analyzing Android Applications
- Real-time Debugging of Android applications
- Analyzing Native code and libraries for security issues
- Automating Application Analysis
- iOS App Reversing and Decryption
- Runtime Manipulation of iOS applications
- Obfuscation techniques and bypassing protections
- Getting started with SDR
- Radio Interfaces and Architecture
- Setting up the pentesting lab for Radio Hacking
- Getting familiar with GNURadio and other tools
- Capturing and Streaming Radio signals
- Overview of Bluetooth and Wifi connections
- Attacking BLE and Wifi
No prior vulnerability discovery or exploitation experience is necessary.
- Minimum 2GB RAM and 20 GB free Hard Disk space
- Android (preferably Rooted) >= 2.3
- iPhone/iPad/iPod (optional, as we will be providing individual iOS based devices for each participant during the training)
- Windows XP SP2/3, Windows 7/8 or *Nix
- Mac OSX 10.5+ (compulsory for iOS Exploitation or an OSX VM)
- Administrative privileges on your laptop
- Virtualization Software
- Custom VM labs will be provided for exploitation
- SSH Client
About Your Trainer
Aditya Gupta is a leading mobile and Internet of Things security expert. Apart from being the lead developer and co-creator of Android Framework for Exploitation, he has done a lot of in-depth research on the security of mobile devices and IoT - including Android, iOS and Blackberry, as well as BYOD Enterprise Security.
As well as mobile security and IoT research, Aditya has also discovered serious web application security flaws in websites such as Google, Facebook, PayPal, Apple, Microsoft, Adobe, Skype and many more.
Previous training and talks on Mobile and IoT Security have also been given at various national and international conferences such as Syscan, Toorcon, OWASP AppSec, BlackHat, ClubHack, Nullcon, and ISACA.
Who Should Attend?
- Mobile and Internet of Things Application Developers
- Penetration Testers
- Penetration Testing Managers
- Anyone who wants to take their skills to the next level