Spring Training 2016 - Offensive IoT Exploitation
From BruCON 2016
Contents
Offensive IoT Exploitation
This unique course offers penetration testers the ability to assess the security of smart devices. The training will cover assessing IoT attack surfaces and finding security issues and is valuable for anybody interested to learn about IoT security. Several IoT devices will be provided during the course for hands-on exercises.
Course Description
IoT or the Internet of Things is one of the most upcoming trends in technology as of now. A lot many new devices are coming up every single month. However, not much attention has been paid to the device's security till now. "Offensive IoT Exploitation" is a brand new and unique course which offers pentesters the ability to assess the security of these smart devices.
The training will cover assessing IoT attack surfaces and finding security issues. The course will be hands-on giving attendees the ability to try things themselves rather than just watching the slides. We will start from the very beginning discussing about the architecture of IoT devices, and then slowly moving to firmware analysis, identifying attack surface and finding/exploiting vulnerabilities.
The course labs include both emulated environments as well as real live devices which will be provided to the attendees during the training for the hands-on labs. Offensive IoT Exploitation training is designed for pentesters who want to kickstart their career in IoT Pentesting and the training does not expect the attendees to have a prior knowledge of assembly, mobile security or reversing. The attendees will be provided with VM image for IoT security testing platform called Drona created by the trainers themselves.
Course Contents
- Introduction to IOT
- IOT Architecture
- Identify attack surfaces
- Mobile App security and analysis
- Specific Web and Mobile based vulnerabilities
- ARM Architecture and assembly
- ARM Reversing
- MIPS Architecture and assembly
- Device scanning
- Firmware analysis and reversing
- Modifying and creating custom firmware
- Simulating real environments
- UART identification
- Introduction to radio protocols
What to expect
- Hands-on Labs
- Reversing binaries and apps
- Getting familiar with the IoT security
- This course will give you a direction to start performing pentests on IoT devices
What not to expect
Becoming a hardware/IoT hacker overnight. Use the knowledge gained in the training to start pentesting IoT devices and sharpen your skills
Target Audiance
- Pentesters/security professional
- Embedded security enthusiast
- Anyone interested to learn IoT pentesting
- IoT Developers and testers
Requirements
- Basic knowledge of web and mobile security
- Basic knowledge of Linux OS
Hardware/software Requirements
- Laptop with at least 25 GB free space
- 2 GB minimum RAM
- External USB access
- Administrative privileges on the system
- Virtualization software – VirtualBox 5.x
Provided at the course
- IoT devices will be provided during the class for Labs
- Drona VM
- Slides
Trainers Biography
Aditya Gupta (@adi1391) is the founder and trainer of Attify, a mobile security firm, and leading mobile security expert and evangelist. Apart from being the lead developer and co-creator of Android framework for exploitation, he has done a lot of in-depth research on the security of mobile and hardware devices, including Android, iOS, and Blackberry, as well as BYOD Enterprise Security. He is also the author of the popular Android security book "Learning Pentesting for Android" selling over 5000+ copies, since the time of launch in March 2014. He has also discovered serious web application security flaws in websites such as Google, Facebook, PayPal, Apple, Microsoft, Adobe, Skype, and many more. He has also published a research paper on ARM Exploitation titled "A Short Guide on ARM Exploitation." In his previous work at ediff.com, his main responsibilities were to look after web application security and lead security automation. He also developed several internal security tools for the organization to handle the security issues. He has also previously spoken and trained at numerous international security conferences including Black Hat, Syscan, OWASP AppSec, Toorcon, Clubhack, Nullcon etc, along with many other corporate trainings on Mobile Security
Aseem Jakhar is the Director, research at Payatu Technologies Pvt Ltd payatu.com a boutique security testing company. He is well known in the hacking and security community as the founder of null -The open security community, registered not-for-profit organization http://null.co.in and also the founder of nullcon security conference nullcon.net. He has extensive experience in system programming, security research, consulting and managing security software development projects. He has worked on various security software including UTM appliances, messaging/security appliances, anti-spam engine, anti-virus software, multicast packet reflector, Transparent HTTPS proxy with captive portal, bayesian spam filter to name a few. He is an active speaker at security and open source conferences; some of the conferences he has spoken at include AusCERT, Defcon, Hack.lu, Black Hat, PHDays, Xcon, Cyber security summit - Bangalore, Cocon, OSI Days - Bangalore, Clubhack, Gnunify. His research includes Linux remote thread injection, automated web application detection and dynamic web filter. He is the author of open source Linux thread injection kit -Jugaad and Indroid which demonstrate a stealthy in-memory malware infection technique.
Mon. 20 - 22 April 2016 (09:00 - 17:00) (3-day)