Scroll Top

IoT Security Bootcamp

Course Description

This is a hands-on IoT hacking class. It covers all aspects of IoT Security, from the technologies and testing methodologies to the vulnerabilities. The main focus is offensive security: attacking and testing the devices and platforms.

We first cover the basics and lay out the ground with concepts before diving into the actual hacking. This provides the understanding of what and why the things can be hacked, with a good mix of knowledge and learning-by-doing or in this case learning-by-hacking.

Students will receive a IoT Hacking Kit (hardware with a value of +350 Euros), which contains the tools and some vulnerable devices used in class, so that they can continue sharpening their skills or hack devices after the event. 

Learning objective

After the class, the attendees will be able to evaluate the security of different IoT architectures, identify the attack surface, knowledge of security testing methodologies and how to use them, dump, extract and analyze device firmwares, hack UART, SPI, I2C and JTAGs, debug and attack hardware and software, analyze protocols, attack radio and wireless communications like BLE, Zigbee, and custom protocols and much more.

Course contents

Day 1

  • IoT Security Concepts
    • Evaluate the security of different IoT architectures
    • Identify the attack surface
    • IT and IoT Pentest methodologies and frameworks
  • Bluetooth: classic and BLE
    • Concepts
    • Sniffing
    • MiTM attacks and proxy attacks

Day 2

  • Firmware
    • Definitions
    • Dump, extract and analyze device firmware
    • Emulate parts of and entire firmware
    • Adding a backdoor and re-building firmware
  • Hardware and debugging interfaces
    • Electronics 101
    • Serial interfaces: UART, SPI, I2C and JTAG
    • Extracting firmware and data from EEPROM chips
    • JTAG debugging, exploitation

Day 3

  • Software defined radio
    • Concepts
    • Sniffing and reversing radio frequencies
    • Working with 433 MHz: rx, tx, decoding
  • Zigbee
    • Concepts
    • Working with Zigbee: rx, tx, decoding
    • Hacking Zigbee

Who should take this course?

  • All kinds of professionals with an understanding of IT or hacking
  • Anyone interested in learning IoT device hacking
  • Security Professionals
  • IT Professionals
  • Embedded Security Enthusiasts

Students will be provided

High level contents :

  • Software defined radio (SDR) kit
  • BLE sniffing tools
  • BLE dongles
  • General purpose USB to GPIO + SPI + I2C + JTAG + UART adaptor
  • Breadboard + jumper wires and cables
  • EEPROM
  • Zigbee sniffer
  • 2 x NRF52840 DK
  • Multimeter, Jumpers, and USB cables
  • And more..

Note: the content of the kit varies per session based on the content and availability

Requirements

Basic knowledge of Linux or UNIX (especially bash) and security is always an advantage, but not required. It is assumed that attendees will have no knowledge of the topics of the class.

What students should bring

  • Android Smartphone (running Android 7 o newer) – will used to run standard applications from the PlayStore — will not be hacked
  • USB-A Hub (at some point we connect 3 USB-A devices to the laptop) – powered is better — optional but encouraged
  • Laptop with at least the following requirements
    • 64-bit processor with 64-bit operating system (Linux is recommended, but Windows and IOS will work as well)
    • VT or other 64-bit virtualization settings enabled in your BIOS to run 64-bit VMs
    • At least eight (8) GB of RAM, recommended sixteen (16) GB if possible
    • At least fifty (50) GB of free hard drive space
    • Current virtualization software, both VmWare and VirtualBox will work
    • Access to an account with administrative permissions and the ability to disable all security software on their laptop such as Antivirus and/or firewalls if needed for the class.

Trainer Biography

Pablo Endres is the founder and CEO of SevenShift,, a IoT boutique security company. He is an experienced Security Consultant, Professional Hacker, Technological Solution Architect and published author. He is a computer engineer, and he holds a handful of security certifications ISC2 CISSP, CompTIA Security+, and ISECOM’s OPSA + OPST. 

Pablo’s career has taken place mostly doing security in a variety of industries, like wireless phone, VoIP solution and Cloud Service providers, Banks, contact centers and university labs. Pablo has founded multiple companies in different continents and enjoys hacking, IoT, reverse engineering, teaching, working with new technologies, startups, collaborating with Open Source projects, learning new things, teaching, networking and being challenged. In the last couple of years, he has been working mainly in IoT security, testing dozens of devices and working with multiple platform providers to secure their solutions.

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.