Kamel Ghali - Hands-on Car Hacking & Automotive Cybersecurity - DCTLV2025
Name of Training: Hands-on Car Hacking & Automotive Cybersecurity
Trainer(s): Kamel Ghali
Dates: August 11-12, 2025
Time: 8:00 am to 5:00 pm PT
Venue: Las Vegas Convention Center
Cost: $2,200
Hardware: $470 (if you choose to keep)
Course Description:
As automobiles increase their reliance on advanced connectivity and autonomy systems, they become more vulnerable to cyber-attacks. This class introduces participants to car hacking with in-depth case studies of automotive security research and guided, hands-on activities to instill mastery in the use of automotive technologies such as CAN and diagnostic protocols such as UDS and XCP. All hardware and software needed for the course is supplied by the instructor.
Participants will learn:
-
In-depth details of the automotive cybersecurity industry and car hacking incidents from the past
-
In-depth understanding of vehicle attack surfaces and how they have been exploited by researchers in the past, including in-depth case studies
-
Details of in-vehicle networking technologies used in the automotive industry and how they have been used to hack vehicles
-
Hands-on operation of CAN bus networking equipment to hack cars including
-
Reading CAN bus data
-
Sending CAN bus data
-
Reverse engineering CAN bus data
-
Executing attacks on a vehicle CAN bus
-
Using vehicle diagnostic protocols to read and write information to vehicle ECUs
Course Outline:
Day 1:
-
Introduction to Car Hacking & Automotive Cybersecurity
-
Car Hacking Case Studies
-
CAN Bus Hands-on I
-
CAN Bus Hands-on II
Day 2:
-
CAN Bus Reverse Engineering
-
In-vehicle Diagnostics with ISO 14229 & UDS
-
In-vehicle Diagnostics with XCP
-
CAN Bus Security and Attacks
-
CAN Bus CTF
Difficulty Level:
The course is an intermediate course that assumes participants have moderate cybersecurity experience, but no specific experience with automotive cybersecurity or hacking vehicle systems.
Necessary Skills/Knowledge:
-
Linux Command Line Experience
-
Bash Scripting Experience
-
Digital Signaling Understanding
-
Binary Algebra/Operations Understanding
Suggested Prerequisites:
-
Jeep Hack News Video: https://www.youtube.com/watch?v=MK0SrxBC1xs&pp=ygUJamVlcCBoYWNr
-
Jeep Hack Whitepaper: https://illmatics.com/Remote%20Car%20Hacking.pdf
What Students Should Bring:
Students should bring a laptop computer with the following characteristics:
-
Virtualization Enabled
-
VMWare or Oracle VirtualBox Installed
-
At least one USB-A port available
All vehicle network hardware will be lent by the instructor. The instructor will also share reference documents and pre-configured virtual machine images for use during the course ahead of time.
Uniquely, this Car Hacking Training utilizes both virtualized vehicle network environments AND real vehicle hardware. This includes hardware purchased on the aftermarket as well as vehicle parts retrieved directly from real vehicles, giving students the opportunity to interact with vehicle networks as they are used in real vehicle hardware. In addition, several of the hardware modules incorporated into the course have been featured in the Automotive Pwn2Own competition from 2024 and 2025.
For the course, each student will be provided with a single-board automotive networking platform that emulates 4 distinct vehicle ECUs for the purpose of analyzing and learning how to use CAN bus, as well as extensions for the board and USB cable. If you would like to purchase your course equipment, choose the "KEEP" option below before adding the course to your cart.
Trainer(s) Bio:
Kamel Ghali is an 8 year veteran of the automotive cybersecurity industry and the VP of international affairs of the Defcon Car Hacking Village. He has extensive cyber physical systems security experience and has worked as a vehicle penetration tester, security consultant, and trainer in the United States and Japan. He speaks fluent English, Arabic, and Japanese, and volunteers in cybersecurity communities around the world spreading awareness for the need for cybersecurity in transportation systems.
Registration Terms and Conditions:
Trainings are refundable before July 8, 2025, minus a non-refundable processing fee of $250.
Trainings are non-refundable after July 8, 2025.
Training tickets may be transferred. Please email us at training@defcon.org for specifics.
If a training does not reach the minimum registration requirement, it may be cancelled. In the event the training you choose is cancelled, you will be provided the option of receiving a full refund or transferring to another training (subject to availability).
Failure to attend the training without prior written notification, will be considered a no-show. No refund will be given.
By purchasing this ticket you agree to abide by the DEF CON Training Code of Conduct and the registration terms and conditions listed above.
Several breaks will be included throughout the day. Please note that food is not included.
All courses come with a certificate of completion, contingent upon attendance at all course sessions.
Training Justification Request – DEF CON Training
To: [Manager Name]
From: [Employee Name]
Date: [Date]
Subject: Business Justification for Attendance at DEF CON Training
Dear [manager’s name],
I am requesting approval to attend DEF CON Training, one of the cybersecurity industry's most recognized technical training programs. I’ve reviewed the options and selected a course to expand my skills with [1-2 key skills focus areas for the course].
DEF CON has been one of the world’s leading cybersecurity communities for more than three decades, known for convening industry, government, and independent experts to exchange advanced knowledge and practical skills. Building on this tradition, DEF CON Training delivers intensive courses taught by recognized global instructors. DEF CON Training courses offer hands-on instruction in a challenging, fast-paced environment. Many of the courses offered by DEF CON Training align with the National Institute of Standards and Technology (NIST) NICE Framework and Department of Defense Cyber Workforce Framework (DCWF), and attending this course will help me build and sharpen the skills required for my role.
Training: [Name of DEF CON Training Course]
Instructor/Provider: [Trainer Name(s)]
Dates: [Training Dates]
Location: Las Vegas, NV
Cost: [Course Fee]
Travel Expenses: [estimated travel & accommodations costs]
Course Description: [Copy short description of the selected class from the website here]
Trainer Bio: [Copy bio of the trainers of the selected class from the website here]
Once I’ve completed the course, I’ll be able to:
[copy student outcomes from course page where available or choose 3-4 skills or topic areas from the outline that are applicable to your current role, will help you fill a skill gap, etc.]
Business Need
As cyber threats continue to evolve, it is critical that our organization maintains current knowledge of emerging techniques and industry best practices. The selected DEF CON training aligns directly with my responsibilities in [your role/field here - for example, security operations, incident response, threat detection and hunting, application security, cloud security, risk management, security engineering].
The course will provide practical, hands-on experience that can be immediately applied to our environment and security initiatives. DEF CON training emphasizes real-world attack and defense scenarios, enabling participants to develop skills that extend beyond traditional classroom learning.
Request for Approval
I respectfully request approval and funding to attend DEF CON Training this August in Las Vegas. The knowledge, hands-on experience, and industry insights gained will directly support our cybersecurity objectives and contribute to strengthening our organization's security capabilities.
Thank you for your consideration. Please let me know if you have questions or need additional information to support this request.
Sincerely,
[Employee name]