|22 November||Monday||09:00 to 17:00 GST/GMT+4||8 Hours|
|23 November||Tuesday||09:00 to 17:00 GST/GMT+4||8 Hours|
Online attendees on Nov 22-23 will be present via Zoom and Discord but will not have a practical part of training. HITB Badge and additional hardware will be shipped to online attendees after all registrations are confirmed. A separate single day online session with hardware practice will be scheduled in the second half of December as soon as all attendees confirm their mail package received.
Microcontrollers and embedded devices are all around us. Cheap hardware has many integrated basic communication methods, including access to the Internet. At the same time, there are almost no built-in security features in most microcontrollers to protect code from reverse engineering, cloning, finding hardcoded keys and accessing backend API endpoints that device uses.
During this two day training we are going to discuss threat model of IoT devices with backend interaction. Our examples are based on STM32 and ESP32 microcontrollers, SDR demonstrations are done with bladeRF 2.0.
TechMaker’s blog: https://blog.techmaker.ua/en/
1. What is a microcontroller? 2. Comparing architectures and toolchains 3. Hardware interfaces: I2C, SPI, UART, USB, CANbus 4. How to read PCBA and find valuable stuff 5. Analysing digital data 6. JTAG, bootloaders, secure boot, root of trust, FUSEs 7. Wireless connectivity. Threat model, attack vectors 8. Device to backend connection architecture: MQTT, HTTPS, TLS
9. Intercepting wired data 10. Intercepting wireless data 11. Reverse engineering binary firmware obtained from debug interface or OTA update 12. Analysing backend infrastructure: anubis -> gobuster, Firefox + Burp + sqlmap 13. Expert topics. Side-channel attacks, ChipWhisperer 14. Expert topics. Using SDR and blank SIM cards to capture 4G traffic