Offensive Internet of Things Exploitation Training @ BlackHat

BlackHat 2015 was the first run of our IoT security training class named “Offensive Internet of Things Exploitation” and it was a HUGE success.

The class got sold out quite fast, much faster than we expected. In fact, we had to increase a few seats in both the batches of our class before limiting further registrations.

The training course was delivered by Attify’s founder Aditya Gupta, along with Aseem Jakhar (another security researcher) and was an intensive 2-day hands-on class with lots of exercises and challenges to help attendees understand the security issues with the Internet of Things.

Some pictures from our class :

The class was divided into 3 sections :
  1. Embedded Device Security Analysis and Exploitation
  2. Mobile/Web Based vulnerabilities
  3. Radio Communications Security

This is indeed the 3 sections on which consists of any Internet of Things architecture – and we decided to approach the problem of IoT security in a similar fashion. Some of the topics that we will cover in our upcoming training classes are  :

  1. IoT architecture and attack surface analysis
  2. ARM and MIPS based vulnerabilities
  3. Firmware Analysis and finding vulnerabilities
  4. UART, SPI and JTAGs
  5. Dumping firmwares from the device and bug hunting
  6. Modifying and Backdooring firmwares
  7. Security vulnerabilities in communication protocols and implementation
  8. Common Mobile App based security issues

We have many more upcoming classes in various security events – Brucon, BlackHat EU etc. and are also offering private versions of the training class. Contact us here to know more about our training offerings.

comments powered by Disqus
Android android application security android hands on security and exploitation training android security Apktool application auditing application security auditing appsec usa appwatch attify attify badge attify training binwalk blackberry pentesting blackhat ble BLE hacking and exploitation BLE sniffing box brut Exception chroot cloud based mobile application security scanner consulting CTF Damn Vulnerable iOS App devops dumping memory embedded hacking exploitation exploiting smart devices Firmware hacking frida hackfest hacking smart devices how to secure iot device IDA internet of things Internet of Things Security ios application security ios security iot iot device IoT Exploitation iot hacking iot pentest iot pentesting iot security iot security training iotsecurity jtag jtag debugging mobile app mobile application security mobile application security testing mobile security ninja recon technique offensive iot exploitation ola cabs owasp owasp appsec penetration testing pentesting pentesting mobile apps powerofcommunity PrinterSecurity qemu quizup radio communication protocol radio coomunication Reversing sdr secure coding guidelines security security issue security services security training security vulnerability smart devices social networking spi threat modeling training uart vulnerability writeups xposed hooking zigbee zigbee exploitation zigbee security zwave firmware reverse engineering firmware emulation firmware analysis toolkit firmadyne getting started with firmware hacking iot penetration testing