Successful completion of the first edition of our custom Hardware Hacking and Reverse Engineering training!
For a whole week we have been having fun with an international group of students teaching them the basics of hacking hardware and the principles of reverse engineering applied to Internet of Things devices. It has been a very intense week in which we have been studying the most commonly used communications protocols and how to intercept them, learning to identify them and make accessible hidden connections using decapping and bus probing techniques to carry out Man-In-The-Middle attacks.
We've had time to learn how to attack microcontrollers, with practical examples of how to bypass read-only protections from various manufacturers, using tools widely available on the market and with a really low cost.
There has also been room for more advanced attacks that included the application of fuzz testing techniques in unusual interfaces, where such techniques are not usually applied.
Finally, the chapter on reverse engineering of IoT devices has allowed us to focus on specific techniques when working with ARM architectures, binaries lacking symbols, and when the information provided by the manufacturer is not available (zero-knowledge scenario).
And all this without losing sight of how it affects possible certification scenarios for standards such as Common Criteria or FIPS 140-2 in terms of requirements modeling and the security problem definition.
Our students have had a really practical experience of how to deal with the security evaluation of an IoT device, allowing them to gain first-hand experience, performing hardware and software attacks with technology available to anyone against a commercial devices. We are sure that they will be able to masterfully apply the knowledge acquired.
In this way, we open a new series of customized trainings focused on basic and intermediate level attacks applied to security hardware and IoT devices.
Don't hesitate to contact us if you need specific training tailored to your needs!
