{"product_id":"iot-exploitation-masterclass-hardware-rf-hacking-smriti-gaba-yianna-paris-dctlv2026","title":"IoT Exploitation Masterclass: Hardware \u0026 RF Hacking - Smriti Gaba \u0026 Yianna Paris - DCTLV2026","description":"\u003cp dir=\"ltr\"\u003e\u003cmeta charset=\"utf-8\"\u003e\u003cstrong\u003eName of Training\u003c\/strong\u003e\u003cspan\u003e\u003cstrong\u003e:\u003c\/strong\u003e IoT Exploitation Masterclass: Hardware \u0026amp; RF Hacking\u003cbr\u003e\u003c\/span\u003e\u003cstrong\u003eTrainer(s)\u003c\/strong\u003e\u003cspan\u003e\u003cstrong\u003e:\u003c\/strong\u003e Smriti Gaba and Yianna Paris\u003cbr\u003e\u003c\/span\u003e\u003cspan\u003e\u003cstrong\u003eDates\u003c\/strong\u003e\u003cstrong\u003e:\u003c\/strong\u003e \u003cmeta charset=\"utf-8\"\u003eAugust 10-11, 2026\u003cbr\u003e\u003cstrong\u003eTime:\u003c\/strong\u003e 8:00 am to 5:00 pm \u003cbr\u003e\u003cstrong\u003eVenue\u003c\/strong\u003e\u003cstrong\u003e:\u003c\/strong\u003e \u003cmeta charset=\"utf-8\"\u003eLas Vegas Convention Center\u003cbr\u003e\u003cstrong\u003eCost\u003c\/strong\u003e\u003cstrong\u003e: \u003c\/strong\u003e$2,500 (USD)\u003c\/span\u003e\u003cstrong\u003e\u003c\/strong\u003e\u003cstrong\u003e\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eShort Summary:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003eUncover the IoT attack surface through hands-on hardware exploitation and RF hacking using a custom vulnerable IoT device. Students will learn to identify vulnerabilities, from PCB component analysis to wireless protocols, performing practical attacks including firmware extraction and analysis, debug interface exploitation, and RF based replay and injection attacks.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eCourse Description:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003eThis 2-day course provides comprehensive hands-on training in IoT security exploitation using a purpose-built vulnerable embedded system. Students will progress from hardware-level exploitation techniques starting from PCB component analysis, mapping attack surface, UART\/JTAG debugging, firmware extraction, analysis and modification, understanding secure boot and overview of advanced sophisticated attacks like fault injection to RF hacking fundamentals covering RFID attacks, protocol analysis, replay attacks, and wireless exploitation.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003eEach student receives a custom IoT security testing board featuring multiple vulnerabilities across hardware interfaces, firmware, and wireless communications. Through practical labs based on real-world attack scenarios, participants learn how attackers compromise IoT ecosystems at various layers: extracting hardcoded credentials, manipulating firmware, intercepting wireless communications, and chaining exploits for complete device takeover. The course demonstrates actual vulnerability patterns from commercial IoT devices, showing not just how to perform attacks but why these flaws exist, their impact on device security, user privacy, and wireless communication. By bridging hardware and RF security disciplines, this training equips security professionals, penetration testers, and product teams with the skills needed to assess and defend today's connected device infrastructure.\u003c\/p\u003e\n\u003cp\u003e\u003cspan\u003e\u003cmeta charset=\"utf-8\"\u003e \u003cstrong\u003eCourse Outline: \u003c\/strong\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp class=\"p1\"\u003e\u003cb\u003e\u003ci\u003eDay 1: Hardware Hacking fundamentals \u003c\/i\u003e\u003c\/b\u003e\u003cb\u003e\u003ci\u003e\u003c\/i\u003e\u003c\/b\u003e\u003c\/p\u003e\n\u003cp class=\"p1\"\u003eMorning session\u003c\/p\u003e\n\u003cp class=\"p1\"\u003e1. Introduction and lab setup\u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eIntro and course overview\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eDetails on target board and setup instructions (We will prepare everything before the training to save time for setup and configurations)\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eMission: what we’ll exploit over 2 days (Agenda)\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eVerification of setup and environment configuration.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp class=\"p1\"\u003e2. IoT Architecture \u0026amp; Attack surface mapping \u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eUnderstanding IoT device components and security boundaries.\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eMethodology, building strategy\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eIdentifying assets and mapping attack surface\u003c\/li\u003e\n\u003cli class=\"p1\"\u003ePCB component analysis and identifying security relevant components\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eInformation gathering, schematics and datasheets\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eUseful tools (multimeters, logic analyzers, FTDI... etc)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp class=\"p3\"\u003e\u003ci\u003eExercise 1: Identifying components on the victim board. \u003c\/i\u003e\u003ci\u003e\u003c\/i\u003e\u003c\/p\u003e\n\u003cp class=\"p1\"\u003e3. Debug Interfaces \u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eIntroduction to debug interfaces and types\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eSecurity concerns and attack paths\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp class=\"p1\"\u003e\u003ci\u003ea. UART: \u003c\/i\u003e\u003ci\u003e\u003c\/i\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eIdentifying UART pinouts using multimeter and logic analyzer\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eBaud rate detection techniques\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eConnecting to debug consoles and Uboot\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eExtracting sensitive info from boot logs (Boot log analysis)\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eReal world attack scenarios on UART and what leads to shell access\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp class=\"p3\"\u003e\u003ci\u003eExercise 2: Identifying UART pins and pinout on target board \u003c\/i\u003e\u003ci\u003e\u003c\/i\u003e\u003c\/p\u003e\n\u003cp class=\"p3\"\u003e\u003ci\u003eExercise 3: Gaining root shell access via UART \u003c\/i\u003e\u003ci\u003e\u003c\/i\u003e\u003c\/p\u003e\n\u003cp class=\"p1\"\u003e\u003ci\u003eb. JTAG: \u003c\/i\u003e\u003ci\u003e\u003c\/i\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eIntroduction to JTAG and SWD protocols\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eSecurity concerns and attack paths\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eJTAG pin identification and boundary scan\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eConnecting debuggers (OpenOCD, J-link)\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eReading\/writing memory and registers\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eGetting to know GDB important commands\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eFirmware dumping via debug interfaces\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp class=\"p3\"\u003e\u003ci\u003eExercise 4: JTAG interface discovery and connection \u003c\/i\u003e\u003ci\u003e\u003c\/i\u003e\u003c\/p\u003e\n\u003cp class=\"p3\"\u003e\u003ci\u003eExercise 5: Firmware extracting using JTAG\/SWD \u003c\/i\u003e\u003ci\u003e\u003c\/i\u003e\u003c\/p\u003e\n\u003cp class=\"p1\"\u003eAfternoon session \u003c\/p\u003e\n\u003cp class=\"p1\"\u003e1. Firmware extraction techniques\u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eIntro to flash memories: NAND, NOR, eMMC and protocols (SPI, I2C)\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eDifferent types of programmers and tools for flash dumping and reprogramming\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eChip identification and pinout discovery\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp class=\"p3\"\u003e\u003ci\u003eExercise 6: Extracting firmware from SPI flash chip \u003c\/i\u003e\u003ci\u003e\u003c\/i\u003e\u003c\/p\u003e\n\u003cp class=\"p1\"\u003e2. Firmware analysis and Reverse engineering \u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eUnderstanding firmware formats and file systems\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eUsing binwalk for firmware unpacking\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eAnalyzing file system continents (squashfs, jffs2, ubifs)\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eBasic static analysis of binaries using Ghidra\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eFinding hardcoded credentials, other sensitive information\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eIdentifying vulnerable services and backdoors\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eAnalyzing update mechanisms\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp class=\"p3\"\u003e\u003ci\u003eExercise 7: Unpacking and analyzing firmware \u003c\/i\u003e\u003ci\u003e\u003c\/i\u003e\u003c\/p\u003e\n\u003cp class=\"p3\"\u003e\u003ci\u003eExercise 8: Finding hidden credentials and backdoors \u003c\/i\u003e\u003ci\u003e\u003c\/i\u003e\u003c\/p\u003e\n\u003cp class=\"p1\"\u003e3. Firmware modification and reprogramming \u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eModifying extracted firmware images\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eAdding backdoors and persistent mechanisms\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eRepackaging and flashing modified firmware\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp class=\"p3\"\u003e\u003ci\u003eExercise 9: Modifying firmware to add backdoor \u003c\/i\u003e\u003ci\u003e\u003c\/i\u003e\u003c\/p\u003e\n\u003cp class=\"p3\"\u003e\u003ci\u003eExercise 10: Reflashing modified firmware to device \u003c\/i\u003e\u003ci\u003e\u003c\/i\u003e\u003c\/p\u003e\n\u003cp class=\"p1\"\u003eSummary and Key takeaways of Day 1\u003c\/p\u003e\n\u003cp class=\"p1\"\u003e\u003cb\u003e\u003ci\u003eDay 2: Wireless communication and RF fundamentals \u003c\/i\u003e\u003c\/b\u003e\u003cb\u003e\u003ci\u003e\u003c\/i\u003e\u003c\/b\u003e\u003c\/p\u003e\n\u003cp class=\"p1\"\u003eMorning session \u003c\/p\u003e\n\u003cp class=\"p1\"\u003e1. Secure boot and protection bypass techniques \u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eUnderstanding secure boot mechanism\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eBypassing secure boot techniques\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eBasic intro to fault injection techniques and sophisticated hardware attacks\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eDemo videos and examples\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eReal world examples of fault injection attacks and secure boot bypass\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp class=\"p1\"\u003e2. Introduction to wireless interfaces \u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eOverview of wireless protocols in IoT: BLE, WiFi, Zigbee, LoRa\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eCommon wireless security mistakes\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eExtracting wireless credentials from firmware\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eWiFi security: Exploring weaknesses in IEEE 802.11, sniffing and attacking WPA\/WPA2 Personal, overview of WPA3 weaknesses\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eDemo: WiFi-based motion sensing using an ESP32 (hands-on if time permits)\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eBLE security mechanisms and common weaknesses\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eUsing basic BLE tools (bluetoothctl, nRF Connect)\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eBLE device enumeration and characteristic reading\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp class=\"p3\"\u003e\u003ci\u003eExercise 11: Scanning and connecting to BLE devices with simple commands \u003c\/i\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p3\"\u003eZigbee security: protocol overview and common weaknesses\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p3\"\u003eSniffing Zigbee communication, extracting network keys, and decrypting traffic\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p3\"\u003eReplay and injection attacks on Zigbee devices\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cem\u003eExercise 12: Zigbee sniffing, decryption, and replay on a real IoT ecosystem\u003c\/em\u003e\u003c\/p\u003e\n\u003cp class=\"p1\"\u003e3. Hardware security real world case studies \u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eCommercial device vulnerability examples:\u003cbr\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eUAV Drones vulnerabilities\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eUART exposed on IP cameras\u003cbr\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eAttack chain examples showing progression from hardware to network compromise\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eDiscussion session\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp class=\"p1\"\u003eAfternoon session \u003c\/p\u003e\n\u003cp class=\"p1\"\u003e1. RF Basics for IoT Security \u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eRadio frequency spectrum and common IoT frequencies\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eBasic concepts: frequency, amplitude, modulation\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eWireless attack surface in IoT devices\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003e\n\u003cstrong\u003eVideo Demo\/walkthrough\u003c\/strong\u003e: Signal capture, analysis, and replay attack on an IoT device\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp class=\"p1\"\u003e2. RFID Technology Deep Dive \u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eRFID technology overview (125kHz LF, 13.56MHz HF)\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eCommon RFID applications: access control, transit cards, hotel keys\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eSecurity vulnerabilities and attack vectors\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003e\n\u003cstrong\u003eLive Demo 1\u003c\/strong\u003e: Reading and cloning access cards\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003e\n\u003cstrong\u003eLive Demo 2\u003c\/strong\u003e: Emulating cloned cards for access\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eTools: Proxmark3, Flipper Zero demonstration\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp class=\"p3\"\u003e\u003cem\u003eInteractive Activity- Students read their own RFID cards\/badges, discuss what information is exposed and security recommendations\u003c\/em\u003e\u003c\/p\u003e\n\u003cp class=\"p1\"\u003e3. Open Hacking Session\u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eStudents apply the full methodology learned across both days on a\u003cbr\u003evariety of different target devices\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eWork individually or in teams to identify attack surfaces, find debug interfaces, extract data, and exploit vulnerabilities\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eTrainers provide guidance and share real-world war stories as students\u003cbr\u003ework through the targets\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eGroup discussion on findings\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp class=\"p1\"\u003eSummary, Key takeaways and Q\u0026amp;As\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eDifficulty Level:\u003c\/strong\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003eIntermediate - The student has education and some experience in the field and familiarity with the topic being presented. The student has foundational knowledge that the course will leverage to provide practical skills on the topic.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eSuggested Prerequisites:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli dir=\"ltr\"\u003e\n\u003cb\u003e\u003c\/b\u003eBasic understanding of electronics concepts (voltage, current, digital logic)\u003c\/li\u003e\n\u003cli dir=\"ltr\"\u003eFamiliarity with Linux command line\u003c\/li\u003e\n\u003cli dir=\"ltr\"\u003eBasic networking knowledge (TCP\/IP, common protocols)\u003c\/li\u003e\n\u003cli dir=\"ltr\"\u003eUnderstanding of programming\/scripting fundamentals (Python preferred)\u003c\/li\u003e\n\u003cli dir=\"ltr\"\u003eAbility to read datasheets and technical documentation\u003cbr\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp class=\"p1\"\u003eRecommended Experience: \u003cb\u003e\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003ePrior exposure to embedded systems or IoT devices\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eFamiliarity with wireless protocols (WiFi, Bluetooth) at a conceptual level\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp class=\"p1\"\u003ePre-Work: \u003cb\u003e\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eReview basic RF concepts (frequencies, modulation)\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eOptional: Familiarize yourself with tools like Binwalk, Wireshark, URH\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eWhat Students Should Bring: \u003c\/strong\u003e\u003c\/p\u003e\n\u003cp class=\"p1\"\u003eLaptop with the following specifications:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eOS: Linux (Ubuntu 22.04+ recommended), Windows 10\/11 with WSL2, or macOS\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eMinimum: 16GB RAM, 50GB free disk space\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eUSB 3.0 ports (at least 2)\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eAdministrator\/root access for tool installation\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eVirtualization enabled in BIOS (for VM-based labs)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp class=\"p1\"\u003eRecommended: \u003cb\u003e\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eUSB hub (for multiple hardware devices)\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eNotepad and pen for taking notes\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eMultimeter (if you have one - not required, extras will be available)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eWhat the Trainer Will Provide:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp class=\"p1\"\u003eEach student receives a comprehensive hardware kit to keep:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eCustom IoT security testing board (vulnerable target device with multiple attack vectors)\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eUSB-to-UART adapter (CH340\/FTDI)\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eLogic analyzer\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eBasic jumper wire set\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eSPI flash programmer and pomona clip\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp class=\"p1\"\u003eShared resources (available during training): \u003cb\u003e\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eHackRF One SDRs, Pluto SDR (available for demonstrations)\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eProxmark3, flipper zero (available for demonstrations)\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eAdditional specialized RF equipment\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eBackup hardware components\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp class=\"p1\"\u003eDigital materials: \u003cb\u003e\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli class=\"p1\"\u003eComprehensive lab manual and slides with step-by-step instructions\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eVirtual machine images with pre-configured tools\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eReference firmware samples and code examples\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eVideo recordings of key demonstrations\u003c\/li\u003e\n\u003cli class=\"p1\"\u003eCheat sheets and reference guides\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eTrainer(s) Bio:\u003c\/strong\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/p\u003e\n\u003cp class=\"p1\"\u003e\u003cb\u003eSmriti \u003c\/b\u003eis a Senior Security Researcher at Alpitronic, one of the world's leading EV charger manufacturers, where she enhances product security and drives secure design practices for next-generation charging infrastructure. With over 6 years of specialized experience in hardware hacking, IoT security, embedded systems, automotive security, and RF exploitation, she has conducted security evaluations on diverse embedded targets including drones, routers, RF-based smart meters, IoT ecosystems, automotive ECUs, and 5G communication systems. As a technical lead, Smriti has developed and delivered multiple trainings in the hardware security domain at beginner, intermediate, and advanced levels for both internal teams and external customers.\u003c\/p\u003e\n\u003cp class=\"p1\"\u003e\u003cstrong\u003eYianna\u003c\/strong\u003e is a security researcher and technical lead with a background in software engineering, breaking systems across various technical layers. She currently works as a Senior Offensive Security Consultant at Xebia in the Netherlands, where she focuses on hunting vulnerabilities, integrating product security within engineering teams and securing physical hardware and cloud infrastructure. Radio turned from interest to professional focus when she was introduced to tracking aircrafts in Australia using ADS-B, a variety of SDR’s, and decoding digital signals from audio to GPS coordinates. She likes to sniff out problems, assessing and securing networks by digging deeper into radio devices such as security cameras, drones, printers, and agricultural robotics. Using this experience, Yianna has developed custom trainings on key topics like reconnaissance, secure code review, reverse engineering firmware, and web, hardware and wireless exploitation.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eRegistration Terms and Conditions: \u003c\/strong\u003e\u003cb\u003e\u003c\/b\u003e\u003cspan\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eTrainings are refundable before July 11, 2026, minus a non-refundable processing fee of $250.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eBetween July 11, 2026 and August 5, 2026 partial refunds will be granted, equal to 50% of the course fee minus a processing fee of $250.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eAll trainings are non-refundable after August 5, 2026.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eTraining tickets may be transferred to another student. Please email us at training@defcon.org for specifics.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eIf a training does not reach the minimum registration requirement, it may be cancelled. In the event the training you choose is cancelled, you will be provided the option of receiving a full refund or transferring to another training (subject to availability).\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eFailure to attend the training without prior written notification will be considered a no-show. No refund will be given.\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eDEF CON Training may share student contact information, including names and emails, with the course instructor(s) to facilitate sharing of pre-work and course instructions. Instructors are required to safeguard this information and provide appropriate protection so that it is kept private. Instructors may not use student information outside the delivery of this course without the permission of the student.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eBy purchasing this ticket you agree to abide by the \u003c\/span\u003e\u003ca href=\"https:\/\/defcon.org\/html\/links\/dc-code-of-conduct.html\"\u003e\u003cspan\u003eDEF CON Training Code of Conduct\u003c\/span\u003e\u003c\/a\u003e\u003cspan\u003e and the registration terms and conditions listed above.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eSeveral breaks will be included throughout the day. Please note that food is not included.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eAll courses come with a certificate of completion, contingent upon attendance at all course sessions. Some courses offer an option to upgrade to a certificate of proficiency, which requires an additional purchase and sufficient performance on an end-of-course evaluation.\u003c\/span\u003e\u003c\/p\u003e","brand":"Las Vegas 2026","offers":[{"title":"Course only - Aug 10-11","offer_id":47691835048154,"sku":null,"price":2500.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0629\/2088\/4442\/files\/Smriti_Gaba.jpg?v=1766975276","url":"https:\/\/training.defcon.org\/products\/iot-exploitation-masterclass-hardware-rf-hacking-smriti-gaba-yianna-paris-dctlv2026","provider":"defcontrainings","version":"1.0","type":"link"}