Diffing based vulnerabilities

Diffing based vulnerabilities

Preview unavailable

You must log in or sign up to view this lesson.

LoginSign up

Offensive IoT Exploitation

Buy nowLearn more

OIX - 2026 Edition

  • [OIX] Intro
  • The SMDA Loop

Introduction to IoT Security

  • Introduction13
  • IoT 101
  • IoT Security Case Studies6
  • Ninja Recon Technique2

Firmware Analysis and Exploitation

  • Getting started with Firmware
  • Extracting file system from Firmware17
  • Automated File System Extraction using Binwalk4
  • Hidden Certificates inside Firmware2
  • Hardcoded Telnet Credentials inside Firmware4
  • Additional Firmware analysis - password protected firmware3
  • Reversing Binaries using Hopper5
  • Working with Encrypted Firmware Binaries6
  • Emulating IoT Firmware Binaries3
  • Debugging Emulated Binaries1
  • Full Firmware Emulation with FAT27
  • Backdooring Firmware Binaries11
  • Firmware Patching
  • Firmware Patching - Hands On

Conventional Attack Techniques

  • Attacking Web Apps
  • Performing Command Injection
  • Diffing based vulnerabilities
  • Getting started with SmartPlug
  • Additional mobile application analysis1
  • Reversing Encryption5
  • Using Frida for App Analysis
  • Smart Plug Hacking2
  • Orvibo Smart Plug Hacking3
  • Native library analysis using Ghidra4

Binary Exploitation for IoT Devices

  • Intro to Binary Exploitation & ARM
  • ARM Instruction Sets and Addressing Modes1
  • Using GDB to analyze ARM Binaries2
  • ARM Mode and Thumb Mode1
  • Manipulating Program Execution 13
  • Reversing Binary and Understanding Disassembly
  • ROP Based Exploitation for ARM5
  • ARM Exploitation on Real World Firmware
  • Writing Shellcodes for ARM2
  • Binary Exploitation on MIPS - A Short Overview2

Hardware/Embedded Hacking for IoT Devices

  • Introduction to Hardware Hacking
  • Analyzing Circuit Boards (PCB Recon)
  • PCB Reconnaissance Continued
  • Performing Pin Tracing (Analyzing Tracks)1
  • Serial Communication Interfaces and Introduction to UART1
  • Exploiting an IP Camera6
  • NAND Glitching
  • Introduction to JTAG
  • Identifying JTAG pinouts with Arduino Nano and JTAGEnum
  • Using JTAGulator to identify JTAG pinouts8
  • Connections for JTAG
  • JTAG Debugging with Attify Badge11
  • Flashing new firmware using JTAG5
  • Reading Memory Contents using JTAG2
  • Dumping data using JTAG2
  • Connections for the Final Exercise1
  • JTAG Authentication Bypass Walkthrough1
  • Serial Peripheral Interface (SPI) Communication1
  • SPI Flash Firmware Dumping1
  • Logic and Bus Sniffing4

Software Defined Radio and Radio Communications for IoT

  • Introduction to Software Defined Radio (SDR)1
  • Common Radio Terminologies2
  • Getting Started With RTL-SDR 2
  • Working with GNURadio4
  • Sending Data with a 433 MHz transmitter3
  • Identifying Exact frequency using GQRX
  • Decoding a 433 MHz signal2

Bluetooth Low Energy (BLE)

  • Introduction to Bluetooth Low Energy
  • BLE Device Recon2
  • Analyzing a BLE device3
  • Getting started with ESP32 for BLE Security Research10
  • Exploring BLE using ESP323
  • Sniffing BLE using Adafruit Sniffer
  • Sniffing BLE using Ubertooth sniffer3
  • Exploiting a BLE Smart Lock3
  • Getting started with BLE Smart Lock (OKLOK)
  • Reverse Engineering OKLOK with JADx and Frida3
  • Smartlock BLE Traffic Capture and Analysis1
  • Understanding the Smart Lock Logic
  • Smartlock Unlock Script and Mechanism1

Zigbee

  • Introduction to ZigBee and Lab Setup3
  • Sniffing and Dumping ZigBee packets3
  • [DEMO] Attify Zigbee Framework - Sniff, Replay and Exploit ZigBee traffic in IoT devices6