Offensive Internet of Things (IoT) Exploitation is an in-depth course in IoT security and teaches you how to pentest and exploit the so-called “smart” devices. This online class is taught using practical, real world examples on how to to analyze and pentest hardware, firmware, software components, network communication, mobile apps used to control devices and their radio communication protocols.
IoT is one of the hottest trends in technology right now! There seems to be an arms race between both consumer and industrial vendors to connect almost everything to the Internet – your fridge, thermostat, coffee machine, watch, shoes, dog’s collar and toaster are all included! This new frenzy to connect “everything” to the Internet is here to stay and we are already seeing millions of these “smart” devices in homes, offices and public areas.
During the previous “Mobile Application” age, security took a backseat and almost every other app was insecure to the most basic and embarrassing of vulnerabilities. Unfortunately, to our horror, this golden age of “IoT – smart devices” is no different!
The key challenge in learning how to pentest and secure IoT devices is understanding the complex interaction between hardware and firmware. This includes being able to find debug ports to connect to or even having the ability to read/write directly to a chip! This course will take you through this complex yet extremely interesting and exciting journey.
This course is beginner friendly and starts from the very basics of IoT devices and their security – how to get started? Hardware? Software? Tools? Techniques? Will all be answered. This training is ideal for penetration testers, security engineers, managers, bug bounty hunters and anyone interested in uncovering how “smart” these devices really are :)
A non-exhaustive list of topics to be covered include:
- Introduction to Offensive IoT Exploitation
- Mapping attack surface of an IoT device
- Firmware analysis – identifying hardcoded secrets
- Emulating firmware binary
- Backdooring a firmware
- Firmware emulation using FAT
- Web application security for IoT devices
- Burp 101
- Exploiting command injection
- CSRF and firmware diffing
- Conventional attack vectors – Password cracking
- Conventional attack vectors intro
- Analyzing smart plugs
- Controlling smart plug by defeating encryption
- ARM 101
- Buffer overflow on ARM
- Exploit writing on ARM
- Using radare2 for MIPS binary analysis
- Exploitation using GDB remote debugging on MIPS
- Introduction to UART
- Serial interfacing over UART
- NAND Glitching attack
- SPI and I2c – Getting started
- Dumping EEPROM data
- Identifying JTAG pinouts using Arduino
- Identifying pins using JTAGulator
- JTAG – Introduction and Getting started
- JTAG debugging
- Introduction to SDR and basic radio components
- Getting started with GNU Radio companion
- Decoding an AM signal
- Capturing FM signals using RTL-SDR
- Analyzing wireless doorbells using RTL-SDR
- Sensitive information extraction from Signal
- Introduction to Zigbee
- Sniffing and replaying data using Zigbee
Offensive Internet of Things (IoT) Exploitation Course Videos
Aditya Gupta (@adi1391) is the founder and trainer of Attify, a mobile security firm, and leading mobile security expert and evangelist. Apart from being the lead developer and co-creator of Android framework for exploitation, he has done a lot of in-depth research on the security of mobile and hardware devices, including Android, iOS, and Blackberry, as well as BYOD Enterprise Security.
He is also the author of the popular Android security book “Learning Pentesting for Android” selling over 10000+ copies, since the time of launch in March 2014. He has also discovered serious web application security flaws in websites such as Google, Facebook, PayPal, Apple, Microsoft, Adobe, Skype, and many more. He has also published a research paper on ARM Exploitation titled “A Short Guide on ARM Exploitation.” In his previous work at Rediff.com, his main responsibilities were to look after web application security and lead security automation. He also developed several internal security tools for the organization to handle the security issues.
He has also previously spoken and trained at numerous international security conferences including Black Hat, Syscan, OWASP AppSec, Toorcon, Clubhack, Nullcon etc, along with many other corporate trainings on Mobile Security. He can be reached on adi [at] Attify [dot] com.
Books Authored by Aditya
Learning Pentesting for Android Devices (4.5 Stars on Amazon.com)
Learning Pentesting for Android is a practical and hands-on guide to take you from the very basic level of Android Security gradually to pentesting and auditing Android. It is a step-by-step guide, covering a variety of techniques and methodologies that you can learn and use in order to perform real life penetration testing on Android devices and applications. The book starts with the basics of Android Security and the permission model, which we will bypass using a custom application, written by us. Thereafter we will move to the internals of Android applications from a security point of view, and will reverse and audit them to find the security weaknesses using manual analysis as well as using automated tools.
We will then move to a dynamic analysis of Android applications, where we will learn how to capture and analyze network traffic on Android devices and extract sensitive information and files from a packet capture from an Android device. We will look into SQLite databases, and learn to find and exploit the injection vulnerabilities. Also, we will look into root exploits, and how to exploit devices to get full access along with a reverse connect shell. Finally, we will learn how to write a penetration testing report for an Android application auditing project.