27 November 2018

Kaspersky Lab ICS CERT Hands-on: IoT vulnerability research and exploitation training

Meet and greet the new world of smart everything! It is everywhere around us: above, below and on us. Most IoT and smart devices make our lives easier and much more interesting. But is there anything hidden behind this usability and simplicity?

Kaspersky Lab ICS CERT is conducting a practical course in IoT vulnerability research. This class provides a deep dive into hardware analysis, firmware extraction and analysis, vulnerability research and exploitation.


Pavel Cheremushkin, Security Researcher, Kaspersky Lab ICS CERT, Kaspersky Lab
Roland Sako, Security Researcher, Kaspersky Lab ICS CERT, Kaspersky Lab
Andrew Muravitsky, Senior Security Researcher, Kaspersky Lab ICS CERT, Kaspersky Lab

Location: Singapore
Date: April 6-8, 2019
Duration: 2 days
Class size: limited to max 15 participants
Early-bird deal! $2500
Price includes hotel accommodation April 6-8, breakfast, lunch and coffee breaks

This training aims to introduce the participants to conducting security assessments of Internet of Things (IoT) devices. We will start by drawing the big picture and briefly introducing some IoT-related definitions. We will then go through the methodology for analyzing such targets – from knowing nothing about the device to understanding its functioning well enough to start looking for software and hardware vulnerabilities. Mainly practical (80%), this training is organized by types of attack vector and uses hands-on exercises backed by enough theory to allow you to approach most cases when faced with real-life devices.

During this course, you will be given a set of real devices and a step-by-step methodology that will help you identify and exploit vulnerabilities.

Class plan:

  • Meet the devices. Identifying research surface: input and output interfaces, communication channels and architecture
  • Firmware analysis: different practical ways of extraction
  • OS identification and analysis
  • IoT firmware and binaries static analysis
  • IoT firmware and binaries dynamic analysis
  • Breaking stuff: firmware modification, patching, vulnerability identification, analysis and exploitation


  • Hardware analysis
  • Firmware extraction
  • Unpacking/repacking
  • Firmware analysis
  • Firmware parts reverse engineering
  • Vulnerability research
  • Vulnerability exploitation
  • Mitigation strategies


  • Understanding of ARM architecture
  • Basic knowledge of C/C++, script languages
  • Basic understanding of Unix-like systems
  • Experience with analyzing code in Radare2, IDA Pro


Hardware & Software requirements: laptop with a VMware or VirtualBox virtualization solution