Course Overview
The Beginner’s Guide to IoT and Hardware Hacking course teaches foundational skills and techniques required to get started performing security research and testing on IoT devices and hardware. This course focuses mainly on the hardware aspects of IoT hacking and how to use the underlying access to physical hardware to aid in and amplify the ability to hunt for vulnerabilities. While this course is “beginner” level for IoT and Hardware Hacking, its difficulty level as an overall cybersecurity course is intermediate. This course is open to everyone but has been specifically created for students who are familiar with software-based penetration testing (such as network, web, and mobile) and want to learn how to bridge those skills over to IoT and Hardware testing.
Prerequisites & System Requirements
- A general understanding of penetration testing methods and methodology and a general understanding of Linux are strongly recommended.
- A computing environment (Windows, Linux, or Mac*) capable of running a virtual machine with at least 8GB of RAM and 40GB of disk space. *Note that new MacBook Pros with the M1 chip are unable to run virtual machines such as the ones demonstrated in this course.
- If you want to follow along with all the hands-on portions of the course, you’ll need to purchase the physical equipment and tools used in the course; you can find a full list in the second lesson of the course which is available for preview. Note that some hands-on portions of the course can be completed without physical hardware.
IoT Hacking Course Objectives
Topics Covered:
- Electrical engineering and electronics fundamentals
- Understanding and identifying common electronic components
- How to use common hardware hacking tools such as digital multimeters, logic analyzers, USB to serial adapters, and flash programmers
- An optional lesson on soldering
- Performing OSINT and recon on hardware
- How to read and interpret datasheets
- Common IoT protocols such as UART and SPI
- Initiating and using a serial shell
- Firmware extraction methods
- Firmware analysis and reverse engineering
IoT and Hardware Hacking Curriculum - 13 Hours
- 1.1 - Section Intro (1:02)
- 1.2 - What is Electricity Part 1 (9:25)
- 1.3 - What is Electricity Part 2 (6:38)
- 1.4 - Electrical Engineering Fundamentals: Schematics, Voltage Source, Resistors and Ohm's Law (4:34)
- 1.5 - Electrical Engineering Fundamentals: Kirchhoff's Voltage Law and Series Circuits (4:54)
- 1.6 - Electrical Engineering Fundamentals: Parallel Circuits and Kirchhoff's Current Law (9:01)
- 1.7 - Circuit Lab Simulation Demo (5:22)
- 1.8 - Reading Schematics (6:50)
- 1.9 - Section Challenge (5:26)
- 1.10 - Section Challenge Solution (15:35)
- 2.1 - Electrical Lab Safety (11:12)
- 2.2 - Opening the Router (5:54)
- 2.3 - ESD Precautions (9:11)
- 2.4 - Intro to PCBs (10:07)
- 2.5 - Intro to Digital Multimeters (5:56)
- 2.6 - Measuring Voltage with DMM (9:14)
- 2.7 - Measuring Resistance with DMM (5:35)
- 2.8 - Measuring Continuity with DMM (5:44)
- 2.9 - Measuring Current with DMM (7:08)
- 5.1 - IoT Architecture and Attack Surface (14:39)
- 5.2 - Internet Facing IoT Devices (11:30)
- 5.3 - Hardware OSINT via FCC ID (9:28)
- 5.4 - Embedded System Components (7:41)
- 5.5 - Locating and Reading Datasheets (18:35)
- 5.6 - Locating Firmware Online (3:16)
- 5.7 - Network Setup (9:34)
- 5.8 - NMAP Scans (6:02)
- 5.9 - Exploring Past CVEs (5:18)
- 5.10 - Section and Notes Review (10:39)
- 6.1 - Initiating UART Shell (12:17)
- 6.2 - Boot Logs and Boot Loader (17:29)
- 6.3 - Using TFTP to Exfil Files (11:38)
- 6.4 - Using TFTP to Transfer Tools onto Devices (11:03)
- 6.5 - Hunting Interesting Files and Passwords (12:17)
- 6.6 - Reviewing Files and Cracking Passwords (10:06)
- 6.7 - Checking Running Processes and Network Connections (6:06)
- 6.8 - Prompting Additional Console Logging (9:26)
- 6.9 - Serial Connections via Python (11:07)
- 6.10 - Tricky UART Connections (12:23)
- 6.11 - Troubleshooting UART (5:28)
- 6.12 - Section and Notes Review (9:30)
- 7.1 - Firmware Extraction Methods (4:59)
- 7.2 - Serial Peripheral Interface Part 1 (16:56)
- 7.3 - Serial Peripheral Interface Part 2 (21:03)
- 7.4 - Extracting Firmware from ROM (12:59)
- 7.5 - Firmware Analysis (19:02)
- 7.6 - Inspecting Firmware and Manual Firmware Extraction (14:46)
- 7.7 - Enumerating Root File System (10:51)
- 8.1 - Intro to Reverse Engineering (8:02)
- 8.2 - Reverse Engineering Decryption Function Part 1 (12:39)
- 8.3 - Reverse Engineering Decryption Function Part 2 (11:28)
- 8.4 - Decrypting Config Files (14:10)
- 8.5 - Reviewing util_execSystem for Command Injection (15:36)
- 8.6 - Tracing Function Calls (12:06)
- 8.7 - Section and Notes Reviews (9:11)
About the Instructor: Andrew Bellini
Welcome Everyone! My name is Andrew Bellini and I sometimes go as DigitalAndrew on social media. I’m an electrical engineer by trade with a bachelor’s degree in electrical engineering and am a licensed Professional Engineer (P. Eng) in Ontario, Canada. While my background and the majority of my career has been in electrical engineering, I am also an avid and passionate ethical hacker. In addition to being an instructor I am also a longtime student of TCM, and their courses helped me transition my career to working as a technical trainer for a cybersecurity company.
In addition to my love for all things ethical hacking, cybersecurity, CTFs and tech I also am a dad, play guitar and am passionate about the outdoors and fishing.
Hope you enjoy the course!
Follow Andrew on social media:
LinkedIn - https://www.linkedin.com/in/andrew-bellini/
Twitter - https://twitter.com/d1gitalandrew
Website - www.andrewbellini.com
This course is included in our All-Access Membership, starting at $29.99/month.
Get full access to the Beginner's Guide to IoT and Hardware Hacking course and our full course catalog when you enroll in our All-Access Membership.
Frequently Asked Questions
Can I get a refund if I'm unhappy with my purchase?
Yes. All courses come with a 24-hour money-back guarantee.
Will I receive a certificate of completion when I finish a course?
Yes. All courses come with a certificate of completion.
Do the courses count as Continuing Education Units (CEUs)?
Yes. Every certificate of completion comes with the total CEUs earned listed on the certificate.
What is the All-Access Pass?
As of July 1st, 2023, TCM Academy transitioned to a monthly subscription model, where you now receive full access to all of the courses on our platform for as long as your subscription remains active.
What if you already own courses on TCM Academy?
If you already own a course on our platform, you will continue to own that course forever. Previously owned courses will not be affected by this change.
I can see the course, but it won’t load or play. What should I do?
We use Cloudflare to protect our course platform and unfortunately, it does not play nice with VPNs. If you are experiencing issues, turn off your VPN and try again. If that does not solve the issue, please contact our support team at [email protected] and we will help you out.