back

Intro to IoT Pentesting

9 H 34 M

Just you? Training a whole team? There's an ITProTV plan that fits.

Start Training Today
Episodes
Episodes
  • IoT Basics
    • Course Overview
    • Iot Targets
    • IoT Security
    • Hardware Components
  • Tools
    • Multimeter
    • TTL to USB
    • Bus Pirate
    • JTAGUlator
    • Attify Badge
    • Arduino
    • SOIC Clip
    • Terminal Emulators
    • Binwalk
    • QEMU
    • Firmware Analysis Toolkit
    • Firmware Mod Kit
    • Flashrom
  • Target Analysis
    • OS and Network Service Enumeration
    • Hardware Enumeration
  • Exploiting Vulnerabilities
    • Exploiting Embedded OS
    • Exploiting Network Services
    • Exploiting IoT Web Apps
  • Firmware Hacking
    • Acquiring Firmware
    • Extracting Firmware Filesystems
    • Analyzing Firmware
    • Firmware Emulation
    • Firmware Backdoor
  • Hardware Hacking
    • Manually Identifying UART Pins
    • Automate UART Pin Identification
    • Device Access Through UART

Course Overview

5 M

itprotv course thumbnailitprotv course thumbnailitprotv course thumbnail
  • Episode Description
  • Transcript

In this episode, we will explore the purpose and scope of the "Intro to IoT Pentesting" course. We will also discuss the intended audience and assumed skill-level.

>> YOU'RE WATCHING, ITPROTV. >> HEY, WELCOME. THANKS FOR JOINING US FOR THIS OVERVIEW FOR INTRO TO I O T PEN TESTING. I'M GOING TO BE YOUR HOST FOR THIS COURSE. SOPHIE GOODMAN. AND I'M HERE WITH MISTER DANIEL LOWRY, WHO'S GOING TO BE OUR SUBJECT MATTER EXPERT FOR IOT PEN TESTING. YES, YOU OH, YEAH. PRESSURES ON YOU BETTER GET READY. >> OK, SOUNDS FUN. IT'S GOING TO BE A GOOD TIME. YEAH, I'M DANIEL, LOWRY. I WILL BE THE SME FOR THIS SERIES AND WE'LL HAVE A REALLY GOOD TIME BECAUSE I'VE BEEN DOING SECURITY STUFF FOR A HOT MINUTE NOW. I'VE BEEN IN IT FOR A WHILE. HONESTLY, FOR OVER 20 YEARS, FOR PROBABLY THE LAST TO 10 YEARS. I'VE BEEN WORKING IN SECURITY AND WITH A FOCUS HERE IN THE RECENT PAST ON, YOU KNOW, ETHICAL HACKING AND PENTRATION TESTING AND THINGS OF THAT NATURE. SO I'M GONNA BRING THAT EXPERTISE TO YOU. HOPEFULLY YOU LEARN A THING OR 2 ABOUT THAT IN TURN HAS SOME SKILLS TO YOUR BAG OF TRICKS. >> AND AS FOR ME, WELL, I'M JUST HAPPY TO BE HERE. SO NOW WE KIND OF KNOW SOME OF YOUR BACK AND WHAT IS IN IT FOR THE VIEWER WATCHING THE WATCH THIS COURSE WHAT WE NEED TO KNOW BEFORE GOING INTO THIS COURSE. ALL RIGHT. SO YEAH, THAT'S GOOD. GOOD PLACE TO START. >> WHERE I EXPECT YOU TO HAVE SOME UNDERSTANDING OF ETHICAL HACKING TOOK THESE CONTRITION, TESTED TECHNIQUES, SOME OF GENERAL SECURITY TECHNIQUES AS WELL AS NETWORKING OPERATING SYSTEMS. ALL THOSE FOUNDATIONAL THINGS SHOULD BE UNDERNEATH YOUR BELT AT THIS LEVEL. OKAY. IF THEY'RE NOT THATS COOL, YOU CAN STILL WATCH. IF YOU LIKE WHAT YOU MIGHT BE A LITTLE OVER. YOU MIGHT BE MISSING SOME THINGS BECAUSE I'M GOING TO ASSUME SOME KNOWLEDGE OF YOU THROUGHOUT THE SERIES. SO IF YOU EVER FIND YOURSELF STUCK, YOU KNOW, HIT THE PAUSE BUTTON, GO, WATCH OR READ SOME, YOU KNOW, WEB PAGES ABOUT THAT KIND OF THAT. WE HAVE CLASSES AND COURSES THROUGHOUT OUR COURSE LIBRARY ABOUT A LOT OF THINGS AROUND TALK ABOUT IF NOT ALL OF THEM. SO, YOU KNOW, AVAIL YOURSELF OF THAT. IF YOU'RE AN IT PRO TV MEMBER AND THERE YOU GO. BUT OTHER THAN THAT, THEN WE'RE GOING TO GET INTO THE I O T PART OF IT, RIGHT? THIS IS THE WHAT'S IN IT FOR ME. IF YOU'RE IN THE PEN TESTING YOU'RE LOOKING TO NICHE A LITTLE BIT. SEE LIKE YOU KNOW WHAT, WHAT WOULD BE A GOOD WAY TO GET AWAY FROM THE THE STANDARD FOR EVERYBODY. DOES PEN TESTING. EVERYBODY DOES BUG BOUNTY HUNTING. WHAT CAN I DO? THAT'S A LITTLE BIT DIFFERENT. I O T IS A PHENOMENAL NICHE IN THE PEN TESTING WORLD BECAUSE IOT IS EVERYWHERE. AS WE KNOW, SECURITIES BIT OF A DUMPSTER FIRE HAS BEEN GOOD. NEWS IS GETTING A LITTLE BETTER. WE'LL TALK ABOUT THAT THROUGHOUT THE SERIES, BUT IT'S STILL PLENTY OF MEAT ON THE BONE FOR SOMEBODY THAT WANTS TO GET INTO THAT. SO WHAT WE'RE GOING TO DO IS CAN TRY TO GIVE YOU AN INTRODUCTORY COURSE IN 2 LEARNING ABOUT IOT IN DEVICES, SECURITY. IT'S AROUND HIM AND SOME OF THE THINGS THAT WE CAN DO TO KIND OF GAIN ACCESS TO THE SYSTEMS, A LITTLE FUN, SAME TIME. >> SO OTHER THAN THE VIDEOS THEMSELVES, ARE THERE ANY KIND OF LABS OR EXAMS OR NOTES THAT >> WE SHOULD BE TAKING ADVANTAGE OF AS WE WATCH THE SCORE. SO THERE WILL BE ANY EXAMS. THERE'S NO LIKE LABS FOR SAY THIS IS GOING TO BECOME THE ONUS IS ON YOU TO GET OUT THERE. GET YOUR HANDS ON STUFF. YOU HAVE SMALL DEVICES LAYING AROUND THAT CAN DEFINITELY ACT AS A TEST BED TO BUILD A TESTING ENVIRONMENT IN YOUR OWN WORLD WILL BE A FEW THINGS THAT YOU WILL NEED TO PURCHASE IF YOU WANT TO FOLLOW ALONG. BUT THE BOUNCING BALL AS IT WERE AND WE'LL GO OVER THOSE ITEMS AND WHAT THEY ARE AND HOW THEY WORK THROUGHOUT THE SERIES. SO THERE COULD BE A BIT OF A MONETARY OUTLAY JUST BECAUSE IT THERE'S A LOT TO DO WITH HARDWARE AND HARDWARE IS NOT SOMETHING THAT'S EASILY. I'M ELATED OUT THERE. GOT TO HAVE THAT THING IN YOUR HANDS. SO IF YOU DO WANT TO DO THE THINGS THAT WE'RE DOING, YOU'LL NEED TO PURCHASE THINGS. GOOD NEWS IS MOST OF THEM ARE FAIRLY INEXPENSIVE. SO BUYING THINGS LIKE WI-FI ROUTERS. I'VE I'VE LITERALLY BOUGHT A WI-FI ROUTER FOR $5. I LITERALLY HAVE PEOPLE GIVE ME THEM BECAUSE THEY'RE LIKE, OH, THIS, THOUGH, STEAL THING. YES, PLEASE TAKE THAT THIS OLD IOT DEVICE THAT. I DON'T EVEN KNOW WHAT IT IS. BUT PLEASE TAKE THIS. GET GET A LITTLE INGENUOUS AND SEE WHAT YOU CAN ROUND UP. SCROUNGE UP. GRAB A HOLD OF SAYS YOU CAN APPLY SOME OF THESE TECHNIQUES. OTHER THAN THAT. WE'LL ALWAYS HAVE OUR LEARNING MATERIAL LIKE THE SHOW NOTES FOR YOU. ANYTHING I'M DOING. IT LINKS THAT I HAVE ALL MAKE SURE PUT THOSE IN THERE SO THAT YOU'RE NOT LOVE THAT A WITNESS YOU CAN KIND OF FOLLOW ALONG WITH THAT'S BUT OTHER THAN THAT, IT'S GOING TO BE KIND OF ON YOU TO GET YOUR HANDS ON THINGS AND FIND STUFF. >> DANIEL, WHAT ARE YOU MOST EXCITED ABOUT WHEN IT COMES TO THIS COURSE? >> WHAT I'M MOST EXCITED ABOUT IS HARDWARE HACKING IS AND SPECIFICALLY THOSE KIND OF SUBSECTION OF IOT HACKING ITS REALLY INTERESTING STUFF TO ME. AND WE'RE GOING TO DO A LOT OF THAT IN THIS SERIES. GOT A LOT ABOUT FROM WHERE WE LEARN A LOT ABOUT HOW TO MAKE PHYSICAL CONNECTIONS TO THE DEVICES AND THAT ROUTE SHELLS. IT'S SUPER FUN. VERY FASCINATING. LISTEN, MY ESTIMATION. SO THAT'S TO ME IS WHAT I'M REALLY LOOKING FORWARD TO GETTING INTO AND TEACH YOU GUYS OUT THERE HOW YOU CAN DO SOME OF THAT STUFF. >> THAT'S THE ONLY REASON I'M HERE. I'M GOING INTO THIS WITH NOTHING BUT A HEART FULL OF EXCITEMENT. SO LEARN A LOT OF STUFF. I'M VERY EXCITED FOR Y'ALL TO BE ABLE TO WATCH THIS. WE'RE GOING TO HAVE A OUR CAMERA FRIEND BEN, WHO'S GOING HELP US KIND OF TAKE SOME CLOSE LOOKS AT THE THINGS THAT WE'RE WORKING ON. SO I DON'T THINK I'LL GO ENJOY THIS COURSE. THANK YOU FOR THAT OVERVIEW, DANIEL TO WELCOME. THANK YOU FOR JOINING US. THIS OVERVIEW AND WE'LL SEE YOU IN THE FIRST EPISODE OF IT PENTESTING. >> THANK YOU FOR WATCHING ITPROTV.