Offensive IoT Exploitation (OIE)

Kursbeschreibung Kurstermine Detaillierter Kursinhalt


Who Should Take This Course?

A basic knowledge of web and mobile security will be required. It will help if you understand assembly basics for ARM and overflow based exploitation basics.

Student Requirements

What you should bring:

  • Laptop with at least 25 GB free space
  • 2 GB minimum RAM
  • External USB access
  • Administrative privileges on the system
  • Virtualisation software


A 2-day practical course, exploring the Internet of Things (IoT), playing with firmware, finding exploits in common devices and findings zero days. If you want to try exploitation on new hardware and find security vulnerabilities and 0-days in IoT devices, then offensive IoT Exploitation is the course for you. At the end of the class, there will be a final CTF challenge where the attendees will be asked to identify security vulnerabilities and exploit them in a completely unknown device.


Offensive IoT Exploitation IoT or the “Internet of Things” is an upcoming trend in technology. Many new devices are coming up every single month, however very little attention has been paid to the device’s security until now. “Offensive IoT Exploitation” is a brand new and unique course that offers pen testers and security researchers the ability to assess and exploit the security of these smart devices. The training will cover a variety of IoT devices, assessing their attack surfaces and writing exploits. The 2-day hands-on class will provide attendees the ability to try things for themselves rather than just watching the slides. We will start from the very beginning discussing the architecture of IoT devices, and slowly moving to firmware analysis, identifying attack surfaces, finding vulnerabilities and finally, exploiting these vulnerabilities.

Hacking is not just confined to Applications, Infrastructure testing or Mobile pen testing, but also hardware, software, firmware and devices themselves. In developing our client’s knowledge, we seek to create a rounded mind-set that can tackle any situation or environment so that they can apply these skills commercially. An IoT mind-set can be taken and applied to SCADA systems, manufacturing and plant or just raises awareness about “other systems” that may be attached to the corporate network, which can be used to gain a foothold to other infrastructures, applications or mobile platforms.

We wrote the course to include both labs and emulated environments, as well as real devices which will be provided to the attendees during the training. Custom VMs are provided by the trainer and are used for the entire class. You will be provided with the following:

  • IoT devices
  • Custom IoT pen testing VM
  • Printed lab reference material and handouts
  • 600+ slides (PDF Copy)
Classroom Training
Modality: C

Dauer 2 Tage

inkl. Verpflegung
Verpflegung umfasst:

  • Kaffee, Tee, Saft, Wasser, Cola
  • Gebäck und Süßigkeiten
  • Frisches Obst
  • Mittagessen in einem der naheliegenden Restaurants

Gilt nur bei Durchführung durch Fast Lane. Termine, die von unseren Partnern durchgeführt werden, beinhalten ggf. ein abweichendes Verpflegungsangebot.

Termine und Buchen
Zum Buchen bitte auf den Ortsnamen klicken Kurstermine

Zur Zeit sind keine Termine verfügbar.  Fragen Sie an via

Mittlerer Osten
06.05. - 07.05.2018 Doha Kurssprache: englisch
25.11. - 26.11.2018 Riad Kurssprache: englisch
Vereinigte Arabische Emirate
06.05. - 07.05.2018 Dubai Kurssprache: englisch Dieser Termin wird von iTLS durchgeführt.
27.11. - 28.11.2018 Dubai Kurssprache: englisch Dieser Termin wird von iTLS durchgeführt.
03.06. - 04.06.2018 Kairo Kurssprache: englisch
02.09. - 03.09.2018 Kairo Kurssprache: englisch
11.11. - 12.11.2018 Kairo Kurssprache: englisch