Mosse Cyber Security Offensive Internet of Things Exploitation


3 days


$3300.00 (inc GST)

Offensive IoT Exploitation is an exciting new and unique course which offers penetration testers the ability to assess and exploit the security of smart devices. The course will cover different types of IoT devices, assessing their attack surfaces and writing exploits for them.

The course labs include both emulated environments as well as real live devices which will be provided to attendees. Custom VMs with pre-configured labs provided by the trainer will be used for the entire class.

Hardware Requirements:

  • The students are responsible for bringing their laptops to the course.
  • Internet is provided by the training provider.
  • Attendees will have to install a VPN client to connect to the security lab infrastructure.
  • Attendees are required to have an RDP client (installed by default on all Windows machines).

Software Requirements:

  • Windows XP SP2/3, Windows 7/8 or *Nix or OSX
  • Administrative privileges on your laptop
  • Virtualization Software
  • Custom VM labs will be provided for exploitation
  • SSH Client


Please be advised that this is a reseller course which is not held at DDLS. Students are expected to organise their own meals.

Skills Gained

Attendees will learn about the architecture of IoT devices, firmware analysis, identifying attack surfaces, finding vulnerabilities and exploiting the vulnerabilities.

Key Topics

Module 1: Getting Started With IoT Security

  • Introduction to IoT
  • Security Architecture
  • Getting familiar with IoT Security and components
  • Case Studies of IoT vulnerabilities


Module 2: Hardware Analysis

  • Hardware Hacking 101
  • Analysing boards and components
  • Identifying Serial Interfaces
  • UART, SPI and JTAG Primer
  • Extracting firmware from a real device
  • Common Techniques to prevent hardware attacks
  • Bypassing hardware protections
  • Side Channel Attack Techniques


Module 3: Firmware Analysis

  • Understanding File Systems
  • Firmware Extraction Techniques
  • Analysing and Backdooring Firmwares
  • Simulating and Running firmwares and binaries
  • Debugging firmware binaries
  • Identifying vulnerabilities in firmwares


Module 4: Exploitation

  • ARM Architecture Introduction
  • Registers and Flags
  • Disassembling and Debugging Binaries
  • Common Exploitation Techniques
  • Ret2Libc Techniques for ARM based architectures
  • Gadget hunting and chaining
  • ROP Exploitation


Module 5: Mobile Application Hacking

  • Introduction to Android and iOS App Security
  • Reversing and Analysing Android Applications
  • Real time Debugging Android applications
  • Analysing Native code and libraries for security issues
  • Automating Application Analysis
  • iOS App Reversing and Decryption
  • Runtime Manipulation of iOS applications
  • Obfuscation techniques and bypassing protections


Module 6: Radio Hacking

  • Getting started with SDR
  • Radio Interfaces and Architecture
  • Setting up the pentesting lab for Radio Hacking
  • Getting familiar with GNURadio and other tools
  • Capturing and Streaming Radio signals
  • Overview of Bluetooth and Wifi connections
  • Attacking BLE and Wifi


Module 7: Hardware Hacking 101

  • Tearing/Breaking apart devices
  • Hardware based protections
  • Embedded device components
  • Understanding PCBs and datasheets


Module 8: Diving into the internals

  • Assembly overview
  • ARM and MIPS architecture
  • Getting familiar with instruction sets
  • Writing shellcodes


Module 9: Firmware Based Exploitation

  • Understanding Embedded firmwares
  • Bootloaders
  • Reversing firmwares
  • Emulating binaries and architectures
  • Real time Debugging binaries
  • Getting around with common issues
  • Inserting custom binaries in the firmware
  • Repackaging firmwares


Module 10: Advanced Embedded Hacking

  • Understanding Serial protocols
  • Getting familiar with UART and JTAG
  • Root via Serial
  • Dumping firmware
  • Flashing device with backdoored firmware


Module 11: Automation

  • Using Python for automating tasks
  • Custom toolchains
  • Porting pentesting tools
  • Further research

Target Audience

IoT Developer; Penetration Tester; IT engineer


Basic understanding of programming; basic understanding of penetration testing and application security.

The supply of this course by ACTE Pty Ltd (trading as DDLS) is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.

Course Availability

Please call DDLS on 1800 U LEARN (1800 853 276) or register your interest below.

Pre-Course Requirements

DDLS offers this training through a third party. This arrangement requires DDLS to provide your details to our partner for course registration purposes.