Red Team Exercises for IoT Security
2-Day Training | Virtual
| 22-23 November 2021

Red Team Exercises for IoT Security

This course will explain the concept and architecture of IoT devices, and then jump into legit “in the wild” / real hacking techniques and analysis used against real targets.  We will also review the real world exploit, as a framework for how these security issues start through development, so that students can get a glimpse of the world of IoT security.
Threat Researcher, TXOne Networks

Available seats

TBA

Difficulty

Intermediate
US$ 2,299

Attend in-person

TBA

Attend online

via livestream

Date

22-23 November 2021

Time

09:00 to 17:00 GST/GMT+4
To be announced

Today's Internet of Things (IoT) market is developing rapidly, and presents the security community with a difficult challenge.  How do you monitor or limit the dangers that IoT devices can bring to the workplace (and at home), while recognizing the explosion in the market of products to include:  kitchen gadgets, watches, web cameras, smart televisions, smart speakers (Alexa, Google Home), Wi-Fi routers, to all forms of consumer and hospital-grade medical devices/equipment, from the “connected car,” and onto Smart Cities and Smart Factories (Industry 4.0).  

Basically, if it has an on/off switch, either a consumer or the business wants to give it an IP address, and connect it with other devices or the Internet for monitoring, advertising or the promise of “ easier management.”  IoT devices have become an indispensable part of people's lives, but its threat to your personal/business data, and privacy will continue to grow.

The reality is that IoT devices are here to stay, and their threat will only grow as the line between working from home or at the office continues to blend together.  In addition, the threat IoT devices bring to systems that cannot be traditionally monitored, lateral movement after an attack, and the dangers that ransomware also brings to a business means that gaining control of the threat of IoT is something that cannot be ignored.

This course will explain the concept and architecture of IoT devices, and then jump into legit “in the wild” / real hacking techniques and analysis used against real targets.  We will also review the real world exploit, as a framework for how these security issues start through development, so that students can get a glimpse of the world of IoT security.

There are a lot of hands- on Lab exercises in this course, which is very suitable for students who want to be taught by hand, and will foster learning from within the course and hands-on instruction, as well as working at home or in your home lab.

  • Blue Team members to understand the threats of IoT, and Red Team members to exploit their weaknesses
  • Network / Security Operations Center personnel looking to better understand the IoT threat
  • Penetration tester for IoT Security
  • Security researcher and consultant interested in IoT Security
  • Developers want to build IoT Security Knowledge which help to create more secure products
  • Anyone who interested in IoT Security
  • Risk management personnel that want to understand the risks IoT devices bring to both the working from home and within an office environment

Trainees should have a working knowledge of TCP/IP and a basic knowledge of the Windows and Linux command lines.

As the world of IoT, Enterprise IT security (IT)  and Operational Technology (OT) / Critical infrastructure blend together, the trends and threats that IoT brings are here to stay.  This is not meant to instill fear or doubt, but about looking at the reality of how security events are happening, beyond the scope of phishing attacks and end-users accidentally clicking on “bad links.”

IoT security knowledge and implementation technology is the trend of the Internet of Everything era.  In this course, you can explore various IoT Security-related technologies from the shallower to the deeper, and after this course, the students will be better prepared to not only understand the primary risks around IoT, but also have a starter framework and hands-on ability to put what they’ve learned into practice at both their home and job.

  • Build IoT Hacking Foundations
  • Comparing the x86 and ARM-based IoT frameworks
  • Get ARM Exploitation and Bypass Mitigation Techniques
  • Familiar with How to Use Reverse Engineering (Ghidra) and Dynamic Analysis Tools
  • Learn How to Analyze Common IoT Firmwares
  • Learn How to Analyze Encrypted IoT Firmwares
  • Get the Skills to Fix Hardware Dependency
  • Learn the Knowledge about IoT Malware
  • Experience of IoT Botnet Hand on
  • Car Attack Vectors and Protocol attacking
  • Hardware and Radio Frequency Penetration Testing Concept
  • The course is expected to provide 2 VMs (OVA files), 50 GB free space of hard disk and 8GB of memory are minimum)
  • Attendees will need VMware Player or Workstation, VMware Fusion as your virtual machine environment

+Testimonials

No data was found

+agenda

Title

Details

Date

IoT Ecosystem Overview and Attack Vectors

• What is IoT?
• Exploring OWASP IoT Top 10
• Introduce Attack Vector of IoT devices
• Experience and Analyze MQTT protocol (Lab)

22-23 November 2021
ARM Exploitation (Lab)

• Tool Introduction
• Basic ARM Exploitation
• Exploit Mitigation Techniques
• Bypass Mitigation

22-23 November 2021
Analyzing and Exploiting IoT Firmware (Many Labs)

• Firmware Analysis Process Overview
• Common Firmware Analysis (Static and Dynamic)
• Encrypted Firmware Analysis (Static and Dynamic)
• Fix Hardware Dependency

22-23 November 2021
Analyzing IoT Malware and Botnet (Lab)

• Analyze and Compile IoT Malware
• Build IoT Botnet

22-23 November 2021
Analyzing Car Protocol attacking (Lab)

• Attack Vectors Analysis on Car
• Build Car Simulation
• Cat Attack Exercise

22-23 November 2021
Introduction of Hardware and Radio Frequency Penetration Testing

• Hardware Penetration Testing Overview
• Exploit Hardware Debug Ports
• Radio Frequency Penetration Testing Overview
• Demos

22-23 November 2021

Book your spot for this training

+TRAINERS

Mars Cheng
Threat Researcher, TXOne Networks

Mars Cheng (@marscheng_) is a threat researcher for TXOne Networks, blending a background and experience in both ICS/SCADA and enterprise cybersecurity systems. He has directly contributed to more than 10 CVE-IDs, and has had work published in three Science Citation Index (SCI) applied cryptography journals.

Before joining TXOne, he was a security engineer at the Taiwan National Center for Cyber Security Technology (NCCST). He is a frequent speaker and trainer at several international cyber security conferences such as Black Hat Europe, DEFCON, SecTor, FIRST, HITB, ICS Cyber Security Conference Asia and USA, HITCON, SINCON, VXCON, CYBERSEC, CLOUDSEC and InfoSec Taiwan as well as other conferences and seminars related to the topics of ICS and IoT security.

In addition, he also conducted many cyber security training classes at the Hacks in Taiwan (HITCON) Training 2020 and 2019, Ministry of Education (Information Security Incubation Program, ISIP), Ministry of National Defense in Taiwan and listed companies. Mars is general coordinator of HITCON 2021 and was vice general coordinator of HITCON 2020.

+OTHER COURSES YOU MIGHT BE INTERESTED IN

x86-64 All You Can Learn Buffet!
US$ 4,299
x86-64 All You Can Learn Buffet!

This class is run a little different from most classes. We provide you purpose-built recorded lectures instead of trapping you in realtime with live-lectures. But fear not, the instructor is always right there eagerly waiting to mingle with the students and answer any questions you have. (The instructor really likes being asked questions. It shows you're paying attention ;)). One of many benefits is that you can watch lectures at 2x speed and zoom ahead of the other students and get to the hands on labs quicker. Or if there's bits of material you already know, you can just skip them and move on to the bits you don't know! Another big benefit is that you get to take the full lectures and labs with you! That means if you forget stuff and then need it in 6 months, you can quickly re-bootstrap yourself! Or you can watch the class twice, to really grow those neural connections and cement it in your brain! And unlike live lectures, our lectures are always getting more factually accurate, by having any accidental errors edited out.


Go HERE to join the 2-day x86-64 Assembly class. Or,
Go HERE to join the 2-day x86-64 OS Internals class. Or,
Go HERE to join the 4-day x86-64 Reset Vector Firmware class.
4-Day Training Hybrid
x86-64 Reset Vector Firmware
US$ 2,299
x86-64 Reset Vector Firmware

This class is designed to give you all the background you need to understand how x86-64 reset vector firmware works, and what the most common security misconfigurations are. It will prepare you to be able to read and understand the existing attack and defense research in the space, taking an explicit walk through of the attack and defense moves and counter-moves threat tree. And as always, this classes teaches you to be comfortable with Reading The Fun Manual (RTFM!) to go seek out the most accurate details of how things work, and to see out new problems in new areas that no one's read yet with a security mindset.

You can also opt to attend this class on 23 & 24 Nov instead. To do so, just email info@cyberweek.ae

Go HERE to join the 2-day x86-64 Assembly class. Or,
Go HERE to join the 2-day x86-64 OS Internals class. Or,
Go HERE to join the 4-day x86-64 All You Can Learn Buffet class.
2-Day Training Hybrid
x86-64 OS Internals
US$ 2,299
x86-64 OS Internals

This class teaches you about the fundamental hardware mechanisms which all operating systems, virtualization systems, and firmware *must* interact with in order to run successfully on x86 hardware. This is taught in a *mostly* OS-agnostic way focusing on Intel-isms rather than OS-isms (albeit with using Windows as reinforcement, thanks to its excellent kernel-level debugging support.) This class also teaches you to be comfortable with Reading The Fun Manual (RTFM!) to give you self-sufficiency when seeking out the most accurate details of how things work.

You can also opt to attend this class on 23 & 24 Nov instead. To do so, just email info@cyberweek.ae

Go HERE to join the 2-day x86-64 Assembly class. Or,
Go HERE to join the 2-day x86-64 Reset Vector Firmware class. Or,
Go HERE to join the 4-day x86-64 All You Can Learn Buffet class.
2-Day Training Hybrid
x86-64 Assembly
US$ 2,299
x86-64 Assembly

This class teaches you how to disassemble binaries, read x86-64 assembly language, and debug black-box binaries in WinDbg and GDB. This knowledge of assembly is the fundamental skill which is required to learn reverse engineering and vulnerability exploitation. Reverse engineering is in turn a fundamental skill which is required for malware analysis and vulnerability hunting.

 

You can also opt to attend this class on 23 & 24 Nov instead. To do so, just email info@cyberweek.ae

 
Go HERE to join the 2-day x86-64 OS Internals class. Or,
Go HERE to join the 2-day x86-64 Reset Vector Firmware class. Or,
Go HERE to join the 4-day x86-64 All You Can Learn Buffet class.  
2-Day Training Hybrid