TR02

A new two-day workshop in english.

IoT HACKING 101

Book now using the voucher code: TR25_HMTRAINING and save an additional 5% of the current valid rate of any package!

Overview

IoT devices are extremely versatile. They can offer a wide variety of physical interfaces, run different kinds of software and communicate with all sorts of protocols. Usually they are embedded into a larger ecosystem. All that makes it very complex to analyze the security of these devices and ecosystems. This workshop is intended to give an introduction into IoT hacking. Afterwards, the participants should be able to enumerate the attack surface of IoT systems, identify and exploit common vulnerabilities, and have an understanding of how to mitigate them.

We will look at IoT devices, their hardware, their firmware, as well as back-end components that are typically found in the IoT world. The workshop will go into common vulnerabilities in IoT ecosystems, as well as how to identify and exploit them. In practical examples the participants will get first-hand experience in assessing the security of IoT devices and their back-ends. At the end of the workshop the participants should have a solid understanding of IoT ecosystems and how to identify vulnerabilities. This course is intended for beginners to give a broad introduction into the topic. At the end, we will go into areas the participants can dig deeper into after the workshop.

Who should attend this training?

The workshop does not strictly require penetration testing experience as we will start with the basics of IoT hacking. Curiosity in hacking and prior experience in IT security is certainly helpful.

The workshop is target towards:

• Penetration testers and security analysts looking to get into testing IoT devices and their infrastructure
• IoT developers that want to improve in the area of securing IoT devices and applications in the IoT context
• Anyone else that is interested in IoT security

Who should attend this training?

The workshop will give attendees an insight into the hacking techniques required for penetration testing. This workshop is for beginners in the IT security field as well as professionals who want to get more practical experience in hacking and penetration testing.

Requirements

The attendees should have:

• Basic knowledge in Linux or Unix systems and networking.
• Basic experience with the Unix command line
• Basic knowledge in penetration testing and/or programming is optional but will help
• Laptop with root/admin privileges
• Ability to run a virtual machine (VirtualBox, ~40GB of disk space)
• A virtual machine image will be provided, alternatively, an installation script can be used to set up your own VM with the required tools
• USB-Forwarding is required (make sure this works in your VM setup)
• We will require multiple USB
• A ports, make sure to bring an adapter, especially if you have only USB-C

About the Trainers

Frieder Steinmetz earned his Master’s degree on the security of embedded and cyber-physical devices from the Technical University of Hamburg. He has a background in cryptography, published work on the security of encrypted messaging protocols and malicious USB devices and Bluetooth security. He works as Senior Security Analyst at ERNW Enno Rey Netzwerke GmbH. His work focuses on pentesting mobile and embedded devices, as well as their back-end communication and infrastructure. He regularly gives Trainings on subjects such as IoT, RFID/NFC Hacking, web application pentesting and communications security.

Dennis Heinze is working as a Security Analyst & Researcher at ERNW Enno Rey Netzwerke GmbH. He earned his Master’s degree in IT-Security at TU Darmstadt with a focus on network and system security. In the past, he published research on the Bluetooth technology in the Apple ecosystem with a special focus on the analysis and security of Bluetooth protocol implementations. In his work at ERNW, the focus of his work is on pentesting mobile and embedded devices as well as their communication and back-end systems.

Booking

Recommended online booking of trainings through:

https://troopers.de/tickets/

Voucher code: TR25_HMTRAINING

Using this voucher code automatically gives you an additional 5% off the current valid price! You can register with this code until seats have run out.

Contact

Need assistance? Don’t hesitate to call us. We are fluent in English and German.
+49 6221 480390 or info@troopers.de

Booking is also possible offline through your trusted partner:

HM Training Solutions, Falkenstrasse 6, 63820 Elsenfeld, Germany

+49 6022 508200 / info@hm-ts.de
+49 6022 5089999 / https://hm-ts.de