IoT Firmware Exploitation

Back to the list of Speakers and Sessions

The IoT Firmware Exploitation and Attack Countermeasures workshop is designed to provide techniques for testing of embedded IoT systems, employing proactive controls, embedded application security best practices, and address the challenges of building security into embedded devices. This course is suited for embedded systems engineers, software developers, and security professionals of all backgrounds. Hands on demonstrations and labs will be given throughout the course. Upon completion of the course, trainees will learn the following:

  • How to identify vulnerabilities in embedded firmware
  • Understand the embedded security testing methodology, techniques, and tools
  • Firmware reverse engineering, emulation, and binary exploitation
  • How to backdoor firmware for MIPs and ARM architectures
  • Understand embedded system design constraints that pose security risks
  • Understand IoT botnet exploitation techniques that impact critical infrastructures and how to apply appropriate mitigating controls for product security teams

Course Prerequisites

  • Familiarity with a Linux operating system
  • Admin Rights to Computer….If you do not have install rights no problem as we will work in pairs for the labs.


  • At least 25 GB of free space
  • Laptop with a minimum of 4 GB RAM
  • USB access allowed


Participants should have virtualization software installed (VMWare and/or VirtualBox)

At the start of the class, we will share a virtual machine which will have all the tools and labs preconfigured for the training.