Internet of Things (IoT) Penetration Testing

Course Outline of IOTP

Introduction to IoT:

  • Security Architecture
  • Getting Familiar with IoT Security and Components
  • Case Studies of IoT Vulnerabilities

Hardware Analysis:

  • Hardware Hacking 101
  • Analyzing Boards and Components
  • Identifying Serial Interfaces
  • UART, SPI and JTAG Primer
  • Extracting Firmware from a Real Device
  • Common Techniques to Prevent Hardware Attacks
  • Bypassing Hardware Protections
  • Side Channel Attack Techniques

Firmware Analysis:

  • Understanding File Systems
  • Firmware Extraction Techniques
  • Analyzing and Backdooring Firmwares
  • Simulating and Running
  • Firmwares and Binaries
  • Debugging Firmware Binaries
  • Identifying Vulnerabilities in Firmwares


  • ARM Architecture Introduction
  • Registers and Flags
  • Disassembling and Debugging Binaries
  • Common Exploitation Techniques
  • Ret2Libc Techniques for ARM Based Architectures
  • Gadget Hunting and Chaining
  • ROP Exploitation

Mobile Application Hacking:

  • Introduction to Android and iOS App Security
  • Reversing and Analyzing Android Applications
  • Real time Debugging Android Applications
  • Analyzing Native code and Libraries for Security Issues
  • Automating Application Analysis
  • iOS App Reversing and Decryption
  • Runtime Manipulation of iOS Applications
  • Obfuscation Techniques and Bypassing Protections

Radio Hacking:

  • Getting Started with SDR
  • Radio Interfaces and Architecture
  • Setting up the Pentesting Lab for Radio Hacking
  • Getting familiar with GNURadio and Other Tools
  • Capturing and Streaming Radio Signals
  • Overview of Bluetooth and Wifi Connections
  • Attacking BLE and Wifi

2-4 December 2019

Course Level



3 Days

Tuition Fee

21,000.00 THB


A.Sunt-tanarit Prapassaraporn
CISSP, CBCI, GPEN, GXPN, CEH ECSA, OSCP, CMFE, Qualysguard Certified Specialist, CompTIA Security+, CCSK