Deep Dive IoT Exploitation: From ARM Binary Hacking to Firmware Analysis
Online, Available in English
Topics:
- IoT Ecosystem Overview and Attack Vectors
- ARM Exploitation
- Lab 1: Command Injection on ARM-based applications
- Lab 2: Format String Vulnerability exploitation
- Lab 3: Stack-based Buffer Overflow (BOF) — understanding ARM calling conventions and stack layout
- Lab 4: Heap-based Buffer Overflow (BOF) — ARM heap internals and exploitation
- Lab 5: Use After Free (UAF) — dangling pointers and exploitation on ARM
- Lab 6: Bypass NX — ret2libc techniques on ARM
- Lab 7: Return Oriented Programming (ROP) — building ROP chains for ARM architecture
- Lab 8: Bypassing ASLR — information leaks and brute-force techniques
- Analyzing and Exploiting IoT Firmware
- Lab 9: Firmware extraction and unpacking using binwalk, firmware-mod-kit
- Lab 10: File system analysis, hardcoded credential discovery, and configuration review
- Lab 11: Emulating firmware with QEMU for runtime analysis
- Lab 12: Debugging running firmware — attaching debuggers and tracing execution flow
- Lab 13: Static approach — identifying and breaking firmware encryption
- Lab 14: Dynamic approach — extracting encryption keys from runtime memory
- Lab 15: Setting up fuzzing environments for IoT firmware
- Lab 16: Identifying and triaging crash results, writing proof-of-concept exploits
Overview
The Internet of Things (IoT) has scaled to billions of devices, yet the security of those devices remains weak. It cannot be assessed from the cloud layer alone; it requires scrutiny at the physical, protocol, and binary level. Deep Dive IoT Exploitation: From ARM Binary Hacking to Firmware Analysis is a demanding, lab-intensive course that teaches you how to audit, attack, and compromise embedded systems from scratch.
The course sets generic security concepts aside and focuses entirely on low-level exploitation. You will learn to reverse-engineer custom firmware, bypass OS-level exploit mitigations such as NX and ASLR on ARM, and coerce running software into executing attacker-controlled code. If you want to move past standard network scanning and into hardware and embedded software vulnerability research, this course is your entry point.
The course is built around three emphases:
- Low-Level Architectural Focus: You won't just learn that an exploit works; you will learn why it works by tracing registers and stack frames on the ARM CPU.
- Real-World Cryptography Bypasses: Attacking encrypted firmware both statically and dynamically, including extracting the decryption keys from the memory of the running device or emulated firmware.
- Emulation over Hardware: Using QEMU to emulate firmware lets you scale your research into virtual environments and reduces dependence on rare or expensive physical boards during testing (code that depends on specific peripherals may still need the real hardware).