Attend in-person: at ADNEC Abu Dhabi
Attend online: via Livestream
Date: 22-23 November 2021
Time: 09:00 to 17:00 GST/GMT+4
Online attendees on Nov 22-23 will be present via Zoom and Discord but will not take part in the practical portion of the training. The HITB Badge and additional hardware will be shipped to online attendees after all registrations are confirmed. A separate single-day online session with hardware practice will be scheduled in the second half of December as soon as all attendees confirm that their mail package has been received.
Microcontrollers and embedded devices are all around us. Cheap hardware has many integrated basic communication methods, including access to the Internet. At the same time, most microcontrollers have almost no built-in security features to protect code from reverse engineering, cloning, discovery of hardcoded keys, and access to the backend API endpoints that the device uses.
During this two-day training we are going to discuss the threat model of IoT devices with backend interaction. Our examples are based on STM32 and ESP32 microcontrollers; SDR demonstrations are done with bladeRF 2.0.
TechMaker’s blog: https://blog.techmaker.ua/en
1. What is a microcontroller?
2. Comparing architectures and toolchains
3. Hardware interfaces: I2C, SPI, UART, USB, CANbus
4. How to read PCBA and find valuable stuff
5. Analysing digital data
6. JTAG, bootloaders, secure boot, root of trust, FUSEs
7. Wireless connectivity. Threat model, attack vectors
8. Device to backend connection architecture: MQTT, HTTPS, TLS
9. Intercepting wired data
10. Intercepting wireless data
11. Reverse engineering binary firmware obtained from debug interface or OTA update
12. Analysing backend infrastructure: anubis -> gobuster, Firefox + Burp + sqlmap
13. Expert topics. Side-channel attacks, ChipWhisperer
14. Expert topics. Using SDR and blank SIM cards to capture 4G traffic
Head of Embedded dept at Thea Auto, a connected cars company, developing systems & software for car telemetry. Additionally teaching application security at TechMaker (https://techmaker.ua) – a special appsec course for software developers explaining every aspect of the backend, frontend, mobile applications security, hardware security, including side-channel attacks and RF-signals hacking.
Embedded developer at Thea Auto, a connected cars company, developing systems & software for car telemetry. Additionally teaching firmware development at TechMaker (https://techmaker.ua) – an embedded programming course featuring STM32 ARM-based development boards.
This class is run a little differently from most classes. We provide you with purpose-built recorded lectures instead of trapping you in real time with live lectures. But fear not, the instructor is always right there eagerly waiting to mingle with the students and answer any questions you have. (The instructor really likes being asked questions. It shows you're paying attention ;)). One of many benefits is that you can watch lectures at 2x speed and zoom ahead of the other students and get to the hands-on labs quicker. Or if there are bits of material you already know, you can just skip them and move on to the bits you don't know! Another big benefit is that you get to take the full lectures and labs with you! That means if you forget stuff and then need it in 6 months, you can quickly re-bootstrap yourself! Or you can watch the class twice, to really grow those neural connections and cement it in your brain! And unlike live lectures, our lectures are always getting more factually accurate, by having any accidental errors edited out.
This class is designed to give you all the background you need to understand how x86-64 reset vector firmware works, and what the most common security misconfigurations are. It will prepare you to read and understand the existing attack and defense research in the space, taking an explicit walk through the attack and defense moves and counter-moves threat tree. And as always, this class teaches you to be comfortable with Reading The Fun Manual (RTFM!) to go seek out the most accurate details of how things work, and to seek out new problems in new areas that no one's read yet with a security mindset.
You can also opt to attend this class on 23 & 24 Nov instead. To do so, just email firstname.lastname@example.org
This class teaches you about the fundamental hardware mechanisms which all operating systems, virtualization systems, and firmware *must* interact with in order to run successfully on x86 hardware. This is taught in a *mostly* OS-agnostic way focusing on Intel-isms rather than OS-isms (albeit using Windows as reinforcement, thanks to its excellent kernel-level debugging support). This class also teaches you to be comfortable with Reading The Fun Manual (RTFM!) to give you self-sufficiency when seeking out the most accurate details of how things work.
You can also opt to attend this class on 23 & 24 Nov instead. To do so, just email email@example.com
This class teaches you how to disassemble binaries, read x86-64 assembly language, and debug black-box binaries in WinDbg and GDB. This knowledge of assembly is the fundamental skill which is required to learn reverse engineering and vulnerability exploitation. Reverse engineering is in turn a fundamental skill which is required for malware analysis and vulnerability hunting.
You can also opt to attend this class on 23 & 24 Nov instead. To do so, just email firstname.lastname@example.org