Trainings

 

OFFENSIVE INTERNET OF THINGS (IoT) EXPLOITATION ™

Offensive Internet of Things (IoT) Exploitation ™ is a unique course focused on the security of smart IoT devices. The course is intended for those who want to get into Internet of Things security and pentesting, and progresses from the basics through to intermediate and advanced modules.
The Offensive IoT Exploitation training class has previously been delivered at a few security conferences such as BlackHat US, Brucon etc., each of which SOLD OUT instantly.

For a private and customized version of the class at your organisation, contact us at [email protected]. Refer to the course abstract below.


ADVANCED ANDROID & iOS HANDS-ON EXPLOITATION

This training is an advanced and offensive version of Android, iOS and ARM Exploitation. It covers security issues in much greater depth, along with automating security analysis and creating your own tools for analyzing mobile applications and code.

We have taught another version of this course at various international security conferences such as Blackhat, Toorcon, OWASP AppSec, Syscan, HackInParis etc.

We also provide customized versions of different trainings depending on the requirements. Contact us at [email protected] if you want to have a live training at your organization.


Practical Internet of Things Exploitation

Location: Washington DC, USA
Event: OWASP AppSec
Date: 11th Oct - 12th Oct, 2016
Register: OWASP Training Page or E-Mail for private class.

Offensive Internet of Things (IoT) Exploitation

Location: Amsterdam
Event: Black Hat EU
Date: 1-2 Nov, 2016
Register: Website for registration or E-Mail for private class.

Offensive Internet of Things (IoT) Exploitation

Location: Las Vegas, USA
Event: BlackHat USA
Date: July 30th - 2nd Aug, 2016
Register: SOLD OUT

Offensive Internet of Things (IoT) Exploitation and Security

Location: Melbourne, Australia
Event: Private Class
Date: 22-23 Oct, 2015
Register: SOLD OUT

Offensive Internet of Things (IoT) Exploitation and Security

Location: Ghent, Belgium
Event: Brucon
Date: 05-07 Oct, 2015
Register: SOLD OUT

Advanced Android and iOS Hands-On Exploitation

Location: San Francisco, USA
Event: OWASP AppSec
Date: 22-23 Sept, 2015
Register: SOLD OUT

Offensive Internet of Things (IoT) Exploitation and Security

Location: Las Vegas, USA
Event: BlackHat USA
Date: 01-04 Aug, 2015
Register: SOLD OUT

Advanced Android and ARM Exploitation

Location: Paris, France
Event: HackInParis
Date: 15-17 Sept, 2014
Register: Sold Out

Advanced Android and iOS Hands-On Exploitation

Location: San Diego, US
Event: Independent class
Date: 22-23 Oct, 2014
Register: Sold Out

Advanced Android and iOS Hands-On Exploitation

Location: Melbourne, Australia
Event: Independent class organized by Mosse Security and NotSoSecure Ltd.
Date: 8-10 Sept, 2014
Register: Sold Out

Advanced Android and iOS Hands-On Exploitation

Location: Auckland, New Zealand
Event: Independent class organized by Insomnia Group and NotSoSecure Ltd.
Date: 3-5 Sept, 2014
Register: Sold Out

Advanced Android and iOS Hands-On Exploitation

Location: London, UK
Event: Independent class organized by NotSoSecure Ltd.
Date: 27-29 Aug, 2014
Register: Sold Out

Advanced Android Exploitation

Location: Kochi, India
Event: C0C0N Security Conference
Date: 22 Aug, 2014
Register: Sold Out

Advanced Android Exploitation

Location: Moscow, Russia
Event: phDays 2014
Date: 21 May, 2014
Register: Sold Out

Advanced Android and iOS Hands-On Exploitation

Location: London, UK
Event: Independent class organized by NotSoSecure Ltd.
Date: 7-9 May, 2014
Register: Sold Out

Advanced Android and iOS Hands-On Exploitation

Location: London, UK
Event: Private class for a security firm
Date: 29-31 Jan, 2014
Register: Sold Out

Advanced Android and iOS Hands-On Exploitation

Location: San Diego, US
Event: Toorcon 2013
Date: 16-17 Oct, 2013
Register: Sold Out

Mobile Hacking Summit

Location: Las Vegas, US
Event: BlackHat 2013
Date: 27-29 July, 2013
Register: Sold Out

Advanced Android and iOS Hands-On Exploitation

Location: Singapore
Event: Syscan
Date: 22-24 March, 2013
Register: Sold Out

Advanced Android and iOS Hands-On Exploitation

Location: Jeju Island, South Korea
Event: OWASP AppSec APAC 2013
Date: 19-20 Feb, 2013
Register: Sold Out

Course Structure


Advanced Hands-on Android and iOS Exploitation


Advanced Android and iOS Hands-on Exploitation is a unique training which covers security and exploitation of the two dominant mobile platforms, Android and iOS. This is a three-day, action-packed class, full of hands-on challenges and CTF labs for both Android and iOS environments. The entire class will be based on a custom VM which has been prepared exclusively for the training. The training will take the attendees from the ground level upwards, to the point of being able to audit any real-world application on these platforms.

Some of the topics that will be covered are Advanced Auditing of iOS and Android Applications, Reverse Engineering, Bypassing Obfuscations, Automating security analysis, Exploiting and patching apps, Advanced ARM Exploitation, API Hooking and a lot more.

The 3-day class is designed in a CTF approach where each module is followed by a complete hands-on lab, giving the attendees a chance to apply the knowledge and skills learnt during the class in real-life scenarios. Students will also be provided with an author-signed copy of the book "Learning Pentesting for Android Devices", printed reference materials and handouts to be used during and after the training class, and private scripts written by the trainer for Android and iOS app security analysis.


Course Outline



Module 1 : Diving into Android

    Setting up a Mobile Pentest Environment
    Android Security Architecture
    Permission Model Flaws
    Getting familiar with ADB
    Activity and Package Manager Essentials
    API level vulnerabilities
    Rooting for Pentesters Lab
    Android ART and DVM Insecurities

Module 2 : Android App for Security Professionals

    Security Analysis of AndroidManifest.xml
    Reverse Engineering for Android Apps
    Smali for Android 101
    Smali Labs for Android
    Cracking and Patching Android apps
    Understanding Dalvik
    Dex Analysis and Obfuscation
    Android Application Hooking
    Using JDB and Andbug
    Dynamic Dalvik Instrumentation for App Analysis
    Introspy for Android
    Creating custom Hooks

Module 3 : Application Specific Vulnerabilities

    Static Analysis of Android Apps
    Attack Surfaces for Android applications
    Exploiting Side Channel Data Leakage
    Exploiting and identifying vulnerable IPCs
    Exploiting Backup and Debuggable apps
    Exploiting Exported Components
    Webview based vulnerabilities
    Dynamic Analysis for Android Apps
    Logging Based Vulnerabilities
    Insecure Data Storage
    Network Traffic Interception
    Analysing Network based weaknesses
    Exploiting Secure applications
    Analysing Proguard, DexGuard and other Obfuscation Techniques
    OWASP Mobile Top 10
    Using Drozer for Exploitation
    Writing custom Modules for Drozer
    Analysing Android apps using Androguard
    Analysing Native Libraries
    Security Issues in Hybrid Apps

Module 4 : ARM for Android Exploitation

    Getting familiar with Android ARM
    ARM Architecture and Calling conventions
    Debugging with GDB
    Using IDA for Android
    Exploiting Overflow based vulnerabilities
    ROP Labs for Android
    Use After Free vulns
    Writing your own reliable exploit
    Race Condition vulns
    Hardware Exploitation Techniques
    Exploit Mitigation and Protections


Module 5 : Getting Started with iOS Pentesting

    iOS security model
    App Signing, Sandboxing and Provisioning
    Setting up Xcode
    Changes in iOS 8
    Exploring the iOS filesystem
    Intro to Objective-C and Swift

Module 6 : Setting up the pentesting environment

    Jailbreaking your device
    Cydia, Mobile Substrate
    Getting started with Damn Vulnerable iOS app
    Binary analysis
    Finding shared libraries
    Checking for PIE, ARC
    Decrypting ipa files
    Self signing IPA files

Module 7 : Static and Dynamic Analysis of iOS Apps

    Static Analysis of iOS applications
    Dumping class information
    Insecure local data storage
    Dumping Keychain
    Finding url schemes
    Dynamic Analysis of iOS applications
    Cycript basics
    Advanced Runtime Manipulation using Cycript
    Writing patches using Theos
    Method Swizzling
    GDB basic usage
    GDB kung fu with iOS

Module 8 : Exploiting iOS Applications

    Broken Cryptography
    Side channel data leakage
    Sensitive information disclosure
    Exploiting URL schemes
    Client side injection
    Bypassing jailbreak, piracy checks
    Inspecting Network traffic
    Traffic interception over HTTP, HTTPS
    Manipulating network traffic
    Bypassing SSL pinning

Module 9 : Reversing iOS Apps

    Introduction to Hopper
    Disassembling methods
    Modifying assembly instructions
    Patching App Binary
    Logify, Introspy, iNalyzer, Snoopit

Module 10 : Securing iOS Apps

    Securing iOS applications
    Where to look for vulnerabilities in code?
    Code obfuscation techniques
    Piracy/Jailbreak checks
    iMAS, Encrypted Core Data


Schedule a Training

Contact us here or send us a mail at [email protected] for any training enquiries.

OFFENSIVE INTERNET OF THINGS (IOT) EXPLOITATION


IoT, or the Internet of Things, is one of the fastest-emerging trends in technology right now. Many new devices are released every single month. However, not much attention has been paid to the security of these devices so far. "Offensive IoT Exploitation" is a brand new and unique course which offers pentesters the ability to assess and exploit the security of these smart devices.


The training will cover different varieties of IoT devices, assessing their attack surfaces and writing exploits for them. The 2-day class will be hands-on, giving attendees the ability to try things themselves rather than just watching the slides. We will start from the very beginning by discussing the architecture of IoT devices, and then slowly move to firmware analysis, identifying attack surface, finding vulnerabilities and then finally exploiting the vulnerabilities. The course labs include both emulated environments and real live devices, which will be provided to the attendees during the training. Custom VMs provided by the trainer will be used for the entire class.


After the 2-day class, the attendees will be able to:

  • Extract and analyze device firmware
  • Get familiar with UART, SPI and JTAG
  • Hardware and Software Debugging
  • ARM and MIPS Platform Exploitation with Labs
  • Identify attack surfaces for Smart Devices
  • Specific Web and Mobile based vulnerabilities concerning IoT devices
  • Familiarity with NFC, Bluetooth, RFID
  • Write exploits for the platforms

Offensive IoT Exploitation is the course for you if you want to try exploitation on new hardware and find security vulnerabilities and 0-days in IoT devices. At the end of the class, there will be a final CTF challenge where the attendees will have to identify security vulnerabilities and exploit them in a new IoT device prepared for the training.


Trainer Bio

Aditya Gupta (@adi1391) is the founder and trainer of Attify, a specialized Mobile and IoT security firm. Apart from being the lead developer and co-creator of the Android framework for exploitation, he has done a lot of in-depth research on the security of Embedded/IoT Devices and Mobile apps, including platforms such as ARM and MIPS architectures, and Android, iOS, and Blackberry platforms.

He is also the author of the popular Android security book "Learning Pentesting for Android", which has sold 15000+ copies since its launch in March 2014. He has also discovered serious web application security flaws in websites such as Google, Facebook, PayPal, Apple, Microsoft, Adobe, Skype, and many more.

In his previous work at Rediff.com, his main responsibilities were to look after web application security and lead security automation. He also developed several internal security tools for the organization to handle security issues. He has also previously spoken and trained at numerous international security conferences including BlackHat, Syscan, OWASP AppSec, Toorcon, Clubhack, Nullcon etc., along with many other corporate and defense trainings on Mobile and IoT Security.