Description

Price: $ 7.00 USD | Size: 5 GB | Duration : 7.22 Hours | 46 Video Lessons

BRAND : Expert TRAINING | ENGLISH | Bonus : IoT Exploitation PDF Guides | INSTANT DOWNLOAD

Offensive IoT Exploitation Online Course

LEARN IOT PENTESTING, EXPLOIT REAL-WORLD DEVICES AND GET CERTIFIED

Course Overview

After tons of research and conducting 100+ IoT device pentests so far, we have put a training together which will teach you how to pentest IoT devices.”Offensive IoT Exploitation” is an IoT hacking class where we take an offensive approach to break the security of so-called “smart devices”.

It’s a 5-day action packed class which we have converted to an online self-paced version covering a number of topics including Embedded Device Hacking, Firmware Reverse Engineering, Binary Exploitation, Radio, BLE, ZigBee exploitation and more.

The training puts special emphasis on learning-by-doing, which means that in the three days, you will get a chance to attack and pwn various real-world devices through the skillsets taught by the instructor.

More importantly, you will have access to the virtual machine, the hardware tools and devices that we use during the class and a support channel for any post-training questions.

• 10+ hours of HD training videos with cutting-edge content with practical IoT exploitation education (no fluff)
• Access to the private Slack group to get answers to any questions you might face while (or after) going through the class
• All class labs, virtual machine with pre-configured tools and a mammoth 1000+ pages slides in PDF format
• Lifetime access to the training class with all future updates – any future content updates will be accessible for you
• Prepares you for the Certified IoT Penetration Tester examination which will allow you to prove your IoT exploitation skills

What is covered in Offensive IoT Exploitation?

MODULE 1: INTRODUCTION TO IOT SECURITY

In this module, we start by understanding the Internet of Things, what they are, how they behave and the underlying components which make up the IoT Ecosystem.

We also have a look at the Attack Surface Mapping, which is the process of identifying a device architecture and preparing a detailed spreadsheet including all the information about the device, the possible vulnerabilities and the test cases that we will perform to identify the vulnerabilities.

We also look into some of the previous vulnerabilities and their case studies of why the devices were vulnerable and the techniques you could use to identify vulnerabilities like those, which you will learn in the upcoming modules.

Even if you have no prior background of Internet of Things or IoT Security Assessment, this module is the perfect starting point for you in the world of IoT security exploration.

MODULE 2: FIRMWARE REVERSE ENGINEERING AND EXPLOITATION

The first component of IoT exploitation that we cover is Firmware based vulnerabilities. Here, we go through a number of different firmware to learn techniques like file system extraction, emulation, debugging, modifying firmware binaries, backdooring them, static analysis and so on. All of the files and binaries used for this section are available in the virtual machine, which will be provided to you when you register for the class.

We also put special attention here to not only illustrate the vulnerabilities which are specific to these firmware, but also how to get an understanding of where things could go wrong in the firmware development process of IoT devices, and how you, as an IoT Security Researcher, can find and exploit those vulnerabilities.

MODULE 3: BINARY EXPLOITATION FOR IOT DEVICES

Once you have played around with the device a bit and had a look at the firmware, the next step for a pentester or a security researcher is to find vulnerabilities in the individual binaries within the firmware file system. A vulnerability could be an easily identifiable one such as hardcoded values or it could be something like a buffer overflow or it could be something as tricky as a vulnerability that requires gadget-hunting and ROP exploitation techniques – we will cover all of them in this module.

This module will also give you a background about ARM and MIPS architecture types, which are the two most common processor architecture you will see in IoT devices around you. You don’t need to think in assembly or be an assembly guru to write ROP exploits, but just a good understanding of the fundamentals and a clear goal of what you want to achieve will make you unstoppable at exploiting software flaws.

MODULE 4: EMBEDDED DEVICE EXPLOITATION

This module is where we unleash the demons. We take an IoT device, open it up, find specs, look at the chipsets, find what the chipsets do, interact with the chipsets, dump data from the flash chips, debug using JTAG, get root access using UART and tap into the buses. Yes, this module does holds a lot of content and is also one of the most fun and exciting sections of the course.

Especially if you have never worked with hardware before, you are in for a joy ride. You will be able to get rid of your fear of working with embedded devices in this module and emerge as someone who can look at an IoT device’s PCB and know what to do next.

Even if you have played with hardware and electronics in the past, this module will give you an entirely new perspective to look at Embedded devices by putting the pentester glasses on. For instance, if you now notice a flash chip, the first thing that will come to your mind would be – oh, let’s dump the firmware. Or by looking at the PCB, you might say that this looks like a JTAG interface, let me get my setup, and we will go JTAG debugging.

All the devices, tools, and targets that we use in this module come along with the IoT Exploitation Learning Kit, which is a part of the full Offensive IoT Exploitation bundle.

MODULE 5: SOFTWARE DEFINED RADIO (SDR), BLE AND ZIGBEE