Mastering IoT Security Workshop

1. Hardware Hacking

• PCB Analysis complete guide

• Debug ports walkthrough

• Hands on UART and JTAG

• Firmware dumping from hardware concepts

• Hardware CTF

2. Bluetooth and WIFI attacks

      Bluetooth

• • Bluetooth Architecture

  • Core Concepts walkthrough

  • BLE 4 & 5 Differences

  • Bluetooth 4.0 practical exploitation

  • BLE emulation on ESP 32 Dev Kit

  • Blueborne, Braktooth and sweyntooth attacks walkthrough

  • Bluetooth 5.0 Walkthrough and known vulnerabilities (If time permits)

      WiFi

• • WiFi Attacks

  • AP and CS Attacks

  • Required Hardware tools and testing methodology

3. Firmware

• Firmware walkthrough

• Firmware static analysis

• Firmware dynamic analysis

• Practical emulation

• ARM exploitation.

4. Embedded Web Applications

• Application architecture

• Command injection practical

• Hunting for bugs and required tools demo

• OWASP Embedded appsec walkthrough

5. IoT Mobile apps

• Application Discovery and Enumeration

• Authentication and Authorization Testing

• Data Communication and Encryption Assessment

• Input Validation and Data Sanitization Testing

• Code Review and Reverse Engineering

Targeted devices to practice for attendees:

1. Smart band

2. Routers

3. Padlocks

Attendees Requirements:

1. Laptop with 8GB with 100 GB hard-disk space.

2. Full Administrative privileges.

3. VirtualBox 7.0 + Extension pack are necessary.

********************************* Benefits for Attendees: Takeaways

1. UART connectors (Limited)

2. IoT-PT OS Lab Edition (seasides special)

3. May get chance to see and use different kind of hardware debug tools (If time permits)

4. Chance to play with Gaming routers (If time permits)

5. Different MCU devices use cases (If time permits)