IOT pentesting and Security
IoT Pentesting and Security Training is Industrial use cases based hands-on practical course. The training focuses on deep diving into standard IoT components and technologies to protect the automative systems and devices. The IoT pentesting and security training widely focus on critical threats to Exposed IoT Devices, attack vectors, current security regulations, standards and common security architectures. Furthermore, candidates will learn how to perform security testing on the Device hardwares to find out the design flows
At the beginning of the IoT Pentesting and security training, the course covers fundamental aspects of the IoT and OWASP guidelines. The candidate will be able to review common security architectures & how it can be applied to IoT devices
The core part of this training is offensive assessment .In the middle of IoT Pentesting and security training we will explore the security assessment of the IoT components such as the IoT (hardware, real-time operating systems), Application Programming Interfaces, messaging, communication protocols and backend services.
At the end of IoT Pentesting and security training there is an extensive session will be focused on creating the IoT pentesting reports.
REAL LIFE CASE STUDIES
INSTRUCTOR-LED SESSIONS
INDUSTRY DRIVEN CERTIFICATION
DAILY ASSIGNMENTS
STUDENT LEARNING KIT
syllabus
syllabus
module 1 : IOT pENTESTING and security BASICS
- Introduction of the internet of things
- IoT Architecture layers
- IoT devices and technology
- IoT Protocols suite
- IoT network architecture
- IoT Applications & Insecurities
- OWASP IoT top 10 & Standards
- IoT attack surface areas
- IoT Hardware & components
- IoT ToolKit Preparation
- Hardware Communication Protocols
- Embedded devices enumeration
- Analyzing the interfaces and pinouts
- Conventional Attack Vectors in IoT devices
module 2 : RADIO FREQUENCY & ble PENTESTING
- Introduction to Radio Communication Analysis
- Types of radio frequency modules
- Protocols in radio frequency Modules
- Sniffing the radio packets
- Jamming based attacks
- BLE in IOT devices
• Sniffing BLE packets
• Modifying and sending own packets
• Taking over an IoT device using BLE - ZigBee – Versions and Security Issues
• Zigbee packet sniffing
• Replaying Zigbee packets
• Additional exploitation possibilities in Radi
module 3 : cORE IOT ATTACKS
- Analyzing Boards and chipsets
- Identifying Serial Interfaces and Pinouts
- UART Introduction and Interaction
- Introduction to SPI Flash
- Dumping Firmware
- JTAG – Introduction and finding pinouts
- JTAG Enabling and Exploitation
- Bypassing authentication using JTAG debugging
- Firmware Dumping – via UART and JTAG Debug
- USB Based Attack Vectors
- Fuzzing IoT Devices
- Industrial Grade IoT Ecosystem and Security Issue
module 4 : WEB ATTACKS WITH iot DEVICES
- Message Queue Telemetry Transport (MQTT)
- Constrained Application Protocol (COAP)
- Understanding COAP with Wireshark
- web dashboard vulnerabilities
- Application security issues identification
- Introduction to Android Native Devices
- Exploitation for Android and iOS
- API based security issues
- Cloud-based and vulnerabilities in the backed systems
- How to Defend Against IoT Hacking
- General Guidelines for IoT Device Manufacturing Companies
who should attend this training?
- Security Associates
- Penetration testers/Red team members
- Network security engineers
- Information security consultants
- Freshers
why should i take this training?
IoT devices are widely used nowadays in many automotive operations as well as in daily life. These devices are exposing multiple threats to the outside world. It may sometimes cause a serious impact. IoT Pentesting and security training bulds a skilful IoT pentester .Candidate can apply this knowledge to secure the IoT channels and Devices worldwide
prerequisite of the training ?
What is the duration of the training ?
It’s an Instructor-led online training and the total duration of the training is 30 hours.
IoT Pentesting and
security training
enquiry
Whats Next ?
Checkout the advanced training modules with the given below link.
Testimonials
This is the first time I have attended a class in this format and wondered how effective it would be. It was very effective and therefore I would definitely be interested in attending other classes in the same format. The instructor was very knowlegeable and provided a wealth of information about the current version, especially since the last version I used was several releases ago.
5 start training. Naresh is the best. He made me Zero to Hero in 3 months time. Little bit expensive compare to others ,but totally worth it .