+91-9999508202 training@codefensive.com

IoT Penetration Testing Training

Beginner • Advanced

IoT Penetration Testing Training

Overview

The IoT Pentration Testing Training is an industrial use case-based, hands-on practical course that focuses on deep-diving into standard IoT components and technologies to protect automotive systems and devices. IoT is one of the hottest technologies, with developments and innovations happening at a stellar speed. However, IoT security is yet to catch up, and since the safety and security repercussions are serious, and at times life-threatening, neglecting IoT security is not an option.

This unique course offers security professionals a comprehensive understanding of the complete IoT technology suite, including IoT protocols, firmware, client-side, and their underlying weaknesses. The extensive hands-on labs enable attendees to identify, exploit or fix vulnerabilities in IoT, not just on emulators, but also on real smart devices.

The IoT Penetration Testing Training focuses on the attack surface on current and evolving IoT technologies in various domains, such as home and enterprise automation. It covers the ground-up on various IoT protocols, including internals, specific attack scenarios for individual protocols, and open-source software/hardware tools one needs to have in their IoT penetration testing arsenal. The training also covers hardware attack vectors and approaches to identifying respective vulnerabilities.

At the end of the IoT Penetration Testing Training, there is an extensive session focused on creating IoT pentesting reports. Participants will learn how to effectively communicate their findings and recommendations to stakeholders, including identifying vulnerabilities, assessing risk levels, and providing actionable solutions to improve IoT security.

This training is ideal for security professionals who are responsible for securing IoT devices, systems, and networks. By the end of the training, participants will have gained the knowledge and skills necessary to identify, exploit, and mitigate IoT-related security risks, effectively securing their organization’s IoT infrastructure.

What You’ll Learn

  • IoT Foundation and Common Protocols
  • BLE Devies Pentesting
  • Radio Frequency Pentesting
  • Exploiting UART , JTAG,I2c , SPI and Memory Based Scenarios

Training Modules

IoT Fundamentals and Security Baseline
  • Introduction to IoT Architecture and attack surfaces
  • IoT Protocol Internals
  • Electrical engineering -101
  • PCB, Capacitors , Inductors , Diodes, Multimeter and Transistors Internals
  • Reconnaissance techniques
  • Information leakage in Devices
  • DOS attacks
  • Hands-on with open-source tools
GATT and CAN Bus Pentesting
  • Introduction and protocol Overview
  • Reconnaissance (Active and Passive) with HCI tools
  • GATT Service Enumeration
  • Sniffing GATT protocol communication
  • Reversing GATT protocol communication
  • Read and write on the GATT protocol
  • Fuzzing Characteristic values
  • CAN Bus essentials
  • Attacks on CAN Bus
Exploiting Wireless IoT : BLE , SDR ,LoRA
  • Zigbee and protocol Overview
  • Reconnaissance (Active and Passive)
  • Sniffing , Eavesdropping and BLE device interaction internals
  • Decrypting communication and Cracking Wireless PSK
  • Hands-on with Zigbee Auditor 
Firmware Pentesting
  • Firmware analysis Foundations
  • Firmware Extraction methods
  • Firmware modification and encryption
  • Emulating device firmware (User-space & Full System)
  • Reverse Engineering Firmwares
IoT Hardware Foundations
  • Introduction to IoT hardware and Components
  • Exploit Nano
  • EEPROM readers
  • Bus Auditor
  • Logic Analyzer
  • Hardware Reconnaissance
  • Analysing the board and Datasheet
Attacking UART , JTAG and Memory
  • Identifying UART interface
  • Methods to analyse the UART interface
  • Accessing sensor via UART
  • Brute-forcing Custom consoles
  • Identifying JTAG interface
  • Methods to analyse JTAG interface
  • Extracting firmware from the microcontroller
  • Run-time patching the firmware code
  • Common memory chips and protocols
  • Hands on memory attacks
Attacking I2c and SPI
  • Interfacing with I2C
  • Manipulating Data via I2C
  • Hands on run-time I2C communication
  • Interfacing with SPI
  • Hands on data Manipulation with SPI
IoT Penetration Testing Reporting
  • IoT Reporting industry guidelines
  • Automative assessment reports
  • Detailed assessment reporting guidelines
  • IoT Pentesting Assessments Use Cases
Who Can Apply For The Training ?
  • Individuals holding a bachelor’s degree and displaying a fascination for mastering advanced proficiencies in Hardware Pentesting.
  • IT Consultants aspiring to elevate their competence in the realm of IoT Security.
  • Members of Pentest Teams seeking to amplify their skillset for greater proficiency.
Enroll Now
Training Delivery Details

Self-Paced Training

Self-paced, the ultimate in flexible cybersecurity learning! With unlimited access to your training, you can learn at your own pace, wherever and whenever it’s convenient for you. Our program includes all labs, exercises, and live support from Codefensive subject matter experts to ensure your success. Join us now to take control of your cybersecurity education!

On-Demand Live Training

Join virtual Codefensive training experience, right from the comfort of your own home! Our industry-leading instructors will deliver interactive courses via live stream, giving you the ultimate in cybersecurity education. Following each class, you’ll have the opportunity to enjoy a keynote from top industry professionals. Choose the ultimate in cybersecurity education and join us today!

Prerequisites
Basics of Computer Networks
Basics of Cyber Security
Computer Hardware Basics

Ready to Get Started?

Book an free consultation and Join the right training for you .

Take a Class
logo dark