ROP Based Exploitation for ARM
ROP Based Exploitation for ARM
Offensive IoT Exploitation
Buy now
Learn more
OIX - 2026 Edition
[OIX] Intro
The SMDA Loop
Introduction to IoT Security
Introduction
13
IoT 101
IoT Security Case Studies
6
Ninja Recon Technique
2
Firmware Analysis and Exploitation
Getting started with Firmware
Extracting file system from Firmware
17
Automated File System Extraction using Binwalk
4
Hidden Certificates inside Firmware
2
Hardcoded Telnet Credentials inside Firmware
4
Additional Firmware analysis - password protected firmware
3
Reversing Binaries using Hopper
5
Working with Encrypted Firmware Binaries
6
Emulating IoT Firmware Binaries
3
Debugging Emulated Binaries
1
Full Firmware Emulation with FAT
27
Backdooring Firmware Binaries
11
Firmware Patching
Firmware Patching - Hands On
Conventional Attack Techniques
Attacking Web Apps
Performing Command Injection
Diffing based vulnerabilities
Getting started with SmartPlug
Additional mobile application analysis
1
Reversing Encryption
5
Using Frida for App Analysis
Smart Plug Hacking
2
Orvibo Smart Plug Hacking
3
Native library analysis using Ghidra
4
Binary Exploitation for IoT Devices
Intro to Binary Exploitation & ARM
ARM Instruction Sets and Addressing Modes
1
Using GDB to analyze ARM Binaries
2
ARM Mode and Thumb Mode
1
Manipulating Program Execution
13
Reversing Binary and Understanding Disassembly
ROP Based Exploitation for ARM
5
ARM Exploitation on Real World Firmware
Writing Shellcodes for ARM
2
Binary Exploitation on MIPS - A Short Overview
2
Hardware/Embedded Hacking for IoT Devices
Introduction to Hardware Hacking
Analyzing Circuit Boards (PCB Recon)
PCB Reconnaissance Continued
Performing Pin Tracing (Analyzing Tracks)
1
Serial Communication Interfaces and Introduction to UART
1
Exploiting an IP Camera
6
NAND Glitching
Introduction to JTAG
Identifying JTAG pinouts with Arduino Nano and JTAGEnum
Using JTAGulator to identify JTAG pinouts
8
Connections for JTAG
JTAG Debugging with Attify Badge
11
Flashing new firmware using JTAG
5
Reading Memory Contents using JTAG
2
Dumping data using JTAG
2
Connections for the Final Exercise
1
JTAG Authentication Bypass Walkthrough
1
Serial Peripheral Interface (SPI) Communication
1
SPI Flash Firmware Dumping
1
Logic and Bus Sniffing
4
Software Defined Radio and Radio Communications for IoT
Introduction to Software Defined Radio (SDR)
1
Common Radio Terminologies
2
Getting Started With RTL-SDR
2
Working with GNURadio
4
Sending Data with a 433 MHz transmitter
3
Identifying Exact frequency using GQRX
Decoding a 433 MHz signal
2
Bluetooth Low Energy (BLE)
Introduction to Bluetooth Low Energy
BLE Device Recon
2
Analyzing a BLE device
3
Getting started with ESP32 for BLE Security Research
10
Exploring BLE using ESP32
3
Sniffing BLE using Adafruit Sniffer
Sniffing BLE using Ubertooth sniffer
3
Exploiting a BLE Smart Lock
3
Getting started with BLE Smart Lock (OKLOK)
Reverse Engineering OKLOK with JADx and Frida
3
Smartlock BLE Traffic Capture and Analysis
1
Understanding the Smart Lock Logic
Smartlock Unlock Script and Mechanism
1
Zigbee
Introduction to ZigBee and Lab Setup
3
Sniffing and Dumping ZigBee packets
3
[DEMO] Attify Zigbee Framework - Sniff, Replay and Exploit ZigBee traffic in IoT devices
6
Preview unavailable
You must log in or sign up to view this lesson.
Login
Sign up
Offensive IoT Exploitation
Buy now
Learn more
OIX - 2026 Edition
[OIX] Intro
The SMDA Loop
Introduction to IoT Security
Introduction
13
IoT 101
IoT Security Case Studies
6
Ninja Recon Technique
2
Firmware Analysis and Exploitation
Getting started with Firmware
Extracting file system from Firmware
17
Automated File System Extraction using Binwalk
4
Hidden Certificates inside Firmware
2
Hardcoded Telnet Credentials inside Firmware
4
Additional Firmware analysis - password protected firmware
3
Reversing Binaries using Hopper
5
Working with Encrypted Firmware Binaries
6
Emulating IoT Firmware Binaries
3
Debugging Emulated Binaries
1
Full Firmware Emulation with FAT
27
Backdooring Firmware Binaries
11
Firmware Patching
Firmware Patching - Hands On
Conventional Attack Techniques
Attacking Web Apps
Performing Command Injection
Diffing based vulnerabilities
Getting started with SmartPlug
Additional mobile application analysis
1
Reversing Encryption
5
Using Frida for App Analysis
Smart Plug Hacking
2
Orvibo Smart Plug Hacking
3
Native library analysis using Ghidra
4
Binary Exploitation for IoT Devices
Intro to Binary Exploitation & ARM
ARM Instruction Sets and Addressing Modes
1
Using GDB to analyze ARM Binaries
2
ARM Mode and Thumb Mode
1
Manipulating Program Execution
13
Reversing Binary and Understanding Disassembly
ROP Based Exploitation for ARM
5
ARM Exploitation on Real World Firmware
Writing Shellcodes for ARM
2
Binary Exploitation on MIPS - A Short Overview
2
Hardware/Embedded Hacking for IoT Devices
Introduction to Hardware Hacking
Analyzing Circuit Boards (PCB Recon)
PCB Reconnaissance Continued
Performing Pin Tracing (Analyzing Tracks)
1
Serial Communication Interfaces and Introduction to UART
1
Exploiting an IP Camera
6
NAND Glitching
Introduction to JTAG
Identifying JTAG pinouts with Arduino Nano and JTAGEnum
Using JTAGulator to identify JTAG pinouts
8
Connections for JTAG
JTAG Debugging with Attify Badge
11
Flashing new firmware using JTAG
5
Reading Memory Contents using JTAG
2
Dumping data using JTAG
2
Connections for the Final Exercise
1
JTAG Authentication Bypass Walkthrough
1
Serial Peripheral Interface (SPI) Communication
1
SPI Flash Firmware Dumping
1
Logic and Bus Sniffing
4
Software Defined Radio and Radio Communications for IoT
Introduction to Software Defined Radio (SDR)
1
Common Radio Terminologies
2
Getting Started With RTL-SDR
2
Working with GNURadio
4
Sending Data with a 433 MHz transmitter
3
Identifying Exact frequency using GQRX
Decoding a 433 MHz signal
2
Bluetooth Low Energy (BLE)
Introduction to Bluetooth Low Energy
BLE Device Recon
2
Analyzing a BLE device
3
Getting started with ESP32 for BLE Security Research
10
Exploring BLE using ESP32
3
Sniffing BLE using Adafruit Sniffer
Sniffing BLE using Ubertooth sniffer
3
Exploiting a BLE Smart Lock
3
Getting started with BLE Smart Lock (OKLOK)
Reverse Engineering OKLOK with JADx and Frida
3
Smartlock BLE Traffic Capture and Analysis
1
Understanding the Smart Lock Logic
Smartlock Unlock Script and Mechanism
1
Zigbee
Introduction to ZigBee and Lab Setup
3
Sniffing and Dumping ZigBee packets
3
[DEMO] Attify Zigbee Framework - Sniff, Replay and Exploit ZigBee traffic in IoT devices
6