back to overview
IoT Security Bootcamp

Delivery: classroom // Duration: 3 days

This is a hands-on IoT hacking class . It covers all aspects of IoT Security, from the
technologies and testing methodologies to the vulnerabilities. The main focus is
offensive security: attacking and testing the devices and platforms.
We first cover the basics and lay out the ground with concepts before diving into the
actual hacking. This provides the understanding of what and why the things can be
hacked, with a good mix of knowledge and learning-by-doing or in this case

Students will receive a free IoT Hacking Kit (hardware with a value of +300 Euros),
which contains the tools and some vulnerable devices used in class, so that they can
continue sharpening their skills or hack devices after the event.


Learning Objectives

After the class, the attendees will be able to evaluate the security of different IoTarchitectures, identify the attack surface, knowledge of security testingmethodologies and how to use them, dump, extract and analyze device firmwares,hack UART, SPI, I2C and JTAGs, debug and attack hardware and software, analyzeprotocols, attack radio and wireless communications like BLE, Zigbee, and customprotocols and much more.


Course Content

Day 1

  • IoT Security Concepts

    • Evaluate the security of different IoT architectures

    • Identify the attack surface

  • IT and IoT Pentest methodologies and frameworks

  • Bluetooth: classic and BLE

    • Concepts

    • Sniffing

    • MiTM attacks and proxy attacks

Day 2

  • Firmware

    • Definitions

    • Dump, extract and analyze device firmware

    • Emulate parts of and entire firmware

    • Adding a backdoor and re-building firmware

  • Hardware and debugging interfaces

    • Electronics 101

    • Serial interfaces: UART, SPI, I2C and JTAG

    • Extracting firmware and data from EEPROM chips

    • JTAG debugging, exploitation

Day 3

  • Software defined radio

    • Concepts

    • Sniffing and reversing radio frequencies

    • Working with 433 MHz: rx, tx, decoding

  • Zigbee

    • Concepts

    • Working with Zigbee: rx, tx, decoding

    • Hacing Zigbee

  • Capture the Flag

    • Hack a read IoT device

Target Audience

  • Security Professionals

  • IT Professionals

  • Embedded Security Enthusiasts

  • All kinds of professionals with understanding of IT or hacking

  • Anyone interested in learning IoT device hacking


Pre-requisite for Course Registration

  • Laptop with at least 50 GB free space and at least 8 GB RAM, external USB access (3 ports), Virtualization software (Virtualbox or VmWare)

  • Eagerness to learn

  • Basic knowledge of Linux or UNIX (especially bash) is always an advantage


How to get to the ISH Campus?

Address: Südallee 1 85326 Munich, Germany
Phone: +49 (0)89 975 32275

By car - from the A92 / Munich

Leaving the motorway A92 you will find yourself at the "Zentralallee". When reaching the first bridge, turn right and leave the "Zentralallee" following the sign with direction "Fracht/Cargo/Wartungsallee/Südallee/FOC".  Continue to follow the street  until the end - for approx. 1,5 km -  and turn left. On your right you will reach the “Luftpostleitstelle” where the ISH is located. 

By S-Bahn / airplane

Take the S-Bahn line S8 or S1 and drive to the “Besucherpark”. Exit the S-Bahn station towards the Flight Operations Center (FOC / Lufthansa) and at the bottom of the stairs, turn left and follow the road for approx. 1,5 km, leaving the "Frachtgebäude/Cargo" at your right hand side. At its end turn left and you will reach the "Luftpostleitstelle" where the ISH is located. 

Are events and trainings in English or in German?

Since we want to provide the best trainings and events for “Securing the Global future” we offer our programs in both English and German. You can tell which language the training or event is in by which flag icon is listed next to the title. A British flag for English or the German flag for Deutsch.

How can I book an open class or company training?

For our "CDC Handling" open class trainings please register via our online registration form. If you plan a company training please arrange a date with our training department, as we offer these trainings on demand.

Which hotels are in the area?

While there is a wide range of hotels around the airport we personally have stayed at both the Hilton and Novotel hotel, and find them to be very nice and comfortable.

Hilton Munich Airport

Address: Terminalstraße Mitte 20, 85356 München-Flughafen
Phone: +49 (0)89 97820

Hotel Novotel

Address: Nordallee 29, 85356 München Phone: +49 (0)89 9705130