Exploiting IoT

A Comprehensive Coverage Of IoT Exploitation

The Internet of Things (IoT) is already one of the hottest technology trends currently. And in the near future the IoT ecosystem will explode with billions of devices going online. All of these devices are being developed to have some level of connectivity or the other – in a lot of the cases to the Internet! The progression in IoT is expected to offer services that goes beyond M2M (Machine-to-Machine) communications and is anticipated to herald automation in nearly all fields. Industrial product vendors and consumers are imagining connecting almost every thing to the Internet.

With the brisk development in IoT, security is often given very low priority. To address these concerns, we have developed a specialized course that teaches the cybersecurity professional the art and skill of testing the security of IoT devices.

"Exploiting IoT" is a unique course designed to offer you the ability to evaluate the security of these smart devices. This course is ideal for those wanting to understand the security issues associated with IoT and enabling them to make better decisions when building, deploying and assessing IoT technologies

Pre-requisites

Candidates should be acquainted with:

  • Information Security Concepts
  • Networking Concepts and Protocols used
  • Linux Fundamentals
  • Web Application & Mobile Application Security Concepts

Course Contents

  • Introduction to IoT
  • Benefits & Applications of IoT
  • Issues with IoT
  • Basic Architecture of IoT
  • IoT Attack Surface
  • OWASP Top 10 for IoT
    • Introduction to IOT Hardware & it’s components
    • Tools & Techniques
    • Electronic Communication Protocols
      • Inter System Protocol
        • UART
        • USART
        • USB
    • Intra System Protocol
      • I2c
      • SPI
      • CAN
    • JTAG
      • Introduction to JTAG
      • Identifying JTAG pinouts using Arduino
      • Identifying JTAG pins using JTAGulator
      • JTAG Debugging & it’s tools.
    • Firmware Analysis
      • Introduction to Firmware
      • Obtaining a Firmware
      • Firmware Extraction
      • Static Firmware Analysis
      • Dynamic Firmware Analysis using QEMU
      • Firmware Modification and Repacking
    • Conventional Attack Vectors
    • Introduction to RF Module
    • Types of RF Modules
    • Wireless Protocols used in RF Modules
    • Introduction to BLE
      • BLE Protocol Stack
      • GAP
      • GATT
      • Analysis of Smart Bulb
    • Introduction to SDR
      • Introduction to Basic Radio Components & GNU Radio Companion
      • Capturing FM Signals using RTL-SDR
      • Analyzing wireless doorbells using RTL-SDR
    • Message Queue Telemetry Transport (MQTT)
      • Introduction to MQTT
      • Architecture
      • Topic Matching
      • QoS, Data Types
      • MQTT Packet Structure

     

    • Constrained Application Protocol (CoAP)
      • Introduction to COAP
      • Two Layered Model
        • Messaging Model
        • Request/Response Model
      • Message Usage Table & Message Formats
      • Recon & Attacks

    Understanding COAP with Wireshark

    • Introduction to Android Native Dev

     

    • Introduction to ARM Assembly
      • ARM Overview
      • Processor Modes
      • Registers
      • Instruction Set
      • Stack
      • System Call Convention
      • Procedure Call Convention
      • Buffer Overflow
      • ARM Binary Analysis

     

    • Introduction to MIPS Assembly
      • MIPS Overview
      • Processor Modes
      • Registers
      • Instruction Set
      • System Call Convention
      • Procedure Call Convention
      • MIPS Binary Analysis

     

Ethical Hacking Training

This course goes deep down into depths of networking, systems, web applications, actual exploitation & helps beginners to take their confident first step towards information security field.

  • 6 Weeks Comprehensive Training
  • Built by Experienced Professionals
  • Regularly update on tools, techniques in course content