Luca Bongiorni - Offensive Hardware Hacking €5,300 $5,800
$5,800.00
ABSTRACT:
The Offensive Hardware Hacking Training is a hands-on course designed to fulfill the skills gap that in the recent years emerged within the InfoSec scene in respect of the (I)IoT landscape. In it, students will be able to gather the needed theoretical knowledge and practical skills to engage with confidence hardware security audits involving those devices, that started to flood both consumer and corporate markets. The course is structured to be accessible to both junior and senior security personnel: it goes from a generic panoramic of the theory behind electronics, protocols, memories, microprocessors & tools-of-the-trade; then proceeds deeper into the topics by reviewing various TTPs. Moreover, the students' workbook contains more than 40 practical exercises involving real hardware devices and will allow each student to physically work on them during the training AND also to bring it at home together with their own first HW Hacking Lab Kit worth around 300 USD.
The Offensive Hardware Hacking Training is a hands-on course designed to fulfill the skills gap that in the recent years emerged within the InfoSec scene in respect of the (I)IoT landscape. In it, students will be able to gather the needed theoretical knowledge and practical skills to engage with confidence hardware security audits involving those devices, that started to flood both consumer and corporate markets. The course is structured to be accessible to both junior and senior security personnel: it goes from a generic panoramic of the theory behind electronics, protocols, memories, microprocessors & tools-of-the-trade; then proceeds deeper into the topics by reviewing various TTPs. Moreover, the students' workbook contains more than 40 practical exercises involving real hardware devices and will allow each student to physically work on them during the training AND also to bring it at home together with their own first HW Hacking Lab Kit worth around 300 USD.
For more info, check the following videos:
[1] https://www.youtube.com/watch?v=zbUuBZJIHkE
[2] https://www.youtube.com/watch?v=VpHBMELQmnk
This course is an unique opportunity to enhance the skills of InfoSec professionals that are going to be involved in engagements or applied researches involving unusual devices: IoT appliances, hardware implants, ATM skimmers, smart devices, Industrial IoT gateways/sensors, etc.
ABOUT THE TRAINING:
- Go from Zero to Hardware Hacking Hero while Building Your Own Hacking Lab! (You will receive a Printed Workbook of 200 pages, a cool Hardware Hacking Kit worth 300EUR, Videos Recordings of the Training about both Theory and Practice, 350 Slides of the course and much more!)
- A full hands-on workshop with more than 40 Practical Lab Exercises!
- Hours of recorded Videos Walkthrough and Lessons to bring home
- Course Slides covering multiple topics (eMMC, NAND, UART, I2C, JTAG, SPI, SWD, Fault Injection Attacks, Electronics, PCB Reverse Engineering, Exotic Exploitation TTPs, etc.)
- Get your hands on the WHID’s Challenge Coin* and certification* that will grant you the title of Certified Hardware Hacker (*once passed the exam).
ABOUT CH2: Certified Hardware Hacker
- One Free Exam Attempt Included (valid for 1 year from the day of the training)
- Not Expiring Certification
- No Renewal Fees
- 45/60 Minutes Video Call Exam (about training material, exercises & homework)
WHO SHOULD TAKE THIS COURSE:
- This course is aimed at students who have some experience with AppSec, Linux OS & Pentesting, but want to learn more about Electronics, (De)Soldering components, Reversing Circuits, Attacking Embedded & IoT Devices, etc.
- If you are comfortable using a Linux Shell and know how to use a screwdriver, you should have the background knowledge required for this course.
- Within the training, there is a dedicated part about Electronics 101 and Practical Soldering exercises!
TRAINING EXPECTATION:
- Jump into the marvelous world of Hardware Hacking and get ready for your first professional IoT and Embedded security audits, researches or 0days bughunts.
- Very Technically-Oriented Hands-on Exercises (because getting your hands dirty with real stuff, is better than just reading a book)
- Learn a variety of tricks & TTPs that will make your life easier during a security audit against IoT/Embedded devices.
- Learn the basics behind: Electronics, MIPS/ARM Architectures Emulation, Reverse Engineering PCBs, dumping eMMC/NAND/NOR memories, how to hunt & use: BootStrap Pins & Debugging Protocols, etc.
- Learn how to properly design and threat model a Secure IoT product.
WHY PEOPLE SHOULD ATTEND?
This course is aimed at students who have some experience with AppSec, Linux OS & Pentesting, but want to learn more about Electronics, (De)Soldering components, Reversing Circuits, Attacking Embedded & IoT Devices, etc.
If you are comfortable using a Linux Shell and know how to use a screwdriver, you should have the background knowledge required for this course.
Within the training, there is a dedicated part about Electronics 101 and Practical Soldering exercises!
STUDENT REQUIREMENTS:
This course is aimed at students who have some experience with AppSec, Linux OS & Pentesting, but want to learn more about Electronics, (De)Soldering components, Reversing Circuits, Attacking Embedded & IoT Devices, etc.
If you are comfortable using a Linux Shell and know how to use a screwdriver, you should have the background knowledge required for this course.
Within the training, there is a dedicated part about Electronics 101 and Practical Soldering exercises!
STUDENT REQUIREMENTS:
- Basic knowledge of Linux OS
- Basic knowledge of bash scripting & python
- Basic exposure to OWASP terminology
WHAT STUDENTS SHOULD BRING:
Students must bring their own laptop with VMware Workstation. Local Administrative privileges to the host laptop may be required to ensure proper virtual machine functionality (this is absolutely required. If your company will not permit this access for the duration of the course, then you should make arrangements to bring a different system). VM images will be provided to students;
A minimum of 100GB free disk space is required.
The laptop must have with a RJ45 connector and at least 2 USB-A ports (or an external docking station with USB-A ports and RJ45).
Would be also beneficial the possibility to load a Linux LiveOS from USB flashdrive. You must be able to access your system's BIOS throughout the class. If your BIOS is password-protected, you must have the password. Note: Apple computers are heavily discouraged due to their instability in running Vmware.
WHAT STUDENTS WILL BRING HOME:
- A dedicated vulnerable WiFi CPE Router for practical hands-on exercises.
- A complete soldering kit and two soldering training sets (SMD and THT)
- Hardware Tools for hands-on: Multimeter, SOC-8/16 sockets clips, SPI Flash chips, Logic Analyzer, Micro Probes, multi-protocol JTAG/UART/SPI/I2C detector and analyzer, etc
- Slides, Scripts, Tools, etc.
- A BRUSCHETTAboard (a multi-purpose programmer and memory dumper with embedded voltage level-shifters)
- A 200 pages paper workbook with more than 40 walkthrough exercises and valuable tips
- A 64GB USB 3.0 flashdrive with NdujaOS: A Live distro Fully Customized for Hardware Hacking
- A free voucher to attempt the exam for the CH2 (Certified Hardware Hacker) certification
NON DISCLOSURE AGREEMENT:
A NDA will have to be signed before starting the class (you can’t do the class if you don’t sign it): https://drive.google.com/file/d/1bXNvkUQrpZ4Jly5E6oo61VAsRu8LzhZ2/view
A NDA will have to be signed before starting the class (you can’t do the class if you don’t sign it): https://drive.google.com/file/d/1bXNvkUQrpZ4Jly5E6oo61VAsRu8LzhZ2/view
DATE: November 11th-14th 2024
TIME: 8am to 5pm
VENUE: Holiday Inn Express, Canal De La Villette, Paris
TRAINER: Luca Bongiorni
- 32 hours of training with a certificate of completion.
- 2 coffee breaks are provided per day
- Note: Food is not included
-VAT included in the price.
Registration terms and conditions:
Trainings are refundable before September 15th, 2024 the processing fee is €250.
Trainings are non-refundable after October 1st, 2024.
Training tickets may be transferred. Please email us for specifics.
Failure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
By purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.