Mastering Offensive Hardware Security: ICS/OT & IIoT Penetration Testing
What you will learn:
- Build a practical hardware hacking challenge board using a NodeMCU ESP8266.
- Create a secure hardware hacking lab environment.
- Identify vulnerabilities in industrial embedded systems (ICS/OT, IIoT).
- Master practical hardware hacking techniques without soldering (basic soldering skills recommended).
Description
Dive into the cutting-edge field of industrial embedded systems penetration testing! This comprehensive course empowers experienced penetration testers to expand their skillset into the critical realm of ICS/OT and IIoT security. Forget traditional IT-focused methods; learn to identify and exploit the unique vulnerabilities found in PCBs, firmware, and industrial IoT devices.
We start with the fundamentals of electrical and signal analysis, equipping you with hands-on experience using multimeters, logic analyzers, and flash programmers. Through real-world case studies involving industrial devices such as a gateway and communication server, and the practical use of the Chronoguard Challenge Board, you will master practical techniques for identifying hidden entry points and crafting advanced attack paths. Each module builds upon the previous one, guiding you through PCB reconnaissance, electrical and signal analysis, serial interface exploitation, and ultimately, firmware analysis and root access.
Learn to leverage OSINT techniques to gather vital information, understand the intricacies of boot environments, and master bootlog analysis. This course provides a practical framework for OT resilience testing and risk evaluation within real-world security scenarios. By the end, you’ll possess the advanced skills needed to secure critical OT infrastructure against sophisticated threats, bridging the gap between IT and OT security expertise.
Important Note: Prioritize electrical safety throughout this course. This course assumes basic soldering knowledge. Success in real-world scenarios is not guaranteed due to varying levels of documentation and access to debug interfaces.
Curriculum
Introduction
This introductory section sets the stage for your hardware hacking journey. You'll get a warm welcome to the course, followed by a comprehensive shopping list of necessary tools and materials. The key differences between Information Technology (IT) and Operational Technology (OT) are clearly explained to establish the unique context of this course. We introduce the case study industrial embedded systems and challenge board, outlining a framework for effective OT resilience testing and risk evaluation. The course methodology, common attack vectors, and the powerful technique of using OSINT (Open Source Intelligence) via FCC filings are all detailed in this foundational module. Each section includes a knowledge-testing quiz to reinforce your understanding.
Setting Up Your Hardware Hacking Lab
This section guides you through setting up your secure hardware hacking environment. We prioritize safety with four crucial electrical safety rules. You'll learn about virtualization and virtual machines, the installation of VirtualBox, and the setup of Kali Linux using a provided installation script. Specific instructions cover setting up the NodeMCU ESP8266 challenge board and installing the necessary logic analyzer software. Finally, a concise summary of the lab setup ensures you're ready to proceed.
Circuit Board Reconnaissance
This section covers the essentials of PCB reconnaissance. You'll learn how to identify main components on a PCB, and apply these skills to the IX2400 and W2150A case study devices. You’ll utilize AI-powered component identification tools and perform datasheet searches for crucial information. A practical challenge task, along with the solution, reinforces your learning on the challenge board. The section concludes with a knowledge check quiz.
Electrical Reconnaissance
Mastering electrical reconnaissance is the focus here. You'll learn the fundamentals of current, continuity, and voltage, along with Ohm's Law. We apply these fundamentals by identifying ground and voltage levels on the IX2400 and W2150A. A challenge task and its solution on the challenge board help you put your newfound knowledge into practice. The section ends with a comprehensive quiz.
Signal Reconnaissance
This section dives into the intricacies of signal reconnaissance, covering the essentials of analyzer interface hardware and software. You'll master fundamental concepts like logic levels, signal transfer rates, and logic analysis. The course utilizes the IX2400 and W2150A to demonstrate capturing and identifying logical signals. A practical challenge task, along with the solution on the challenge board, provides hands-on experience. Finally, a knowledge-testing quiz evaluates your understanding.
Serial Reconnaissance
This module is dedicated to serial reconnaissance, covering essential tools like the USB-UART interface and Picocom. You’ll learn about low-speed serial interfaces (UART and SPI). The practical application on the IX2400 and W2150A involves establishing serial connections. A challenge task and solution on the challenge board help solidify your skills, and a quiz tests your knowledge.
Exploring the Boot Environment
This section explores the boot environment, covering fundamentals like boot logs. You'll analyze bootlogs from the IX2400 and W2150A. A challenge task and solution on the challenge board provide practical experience, followed by a knowledge-testing quiz.
Accessing the Bootmenu
Learn how to access the bootmenu using tools like xdotool. You will gain an understanding of boot shell commands, learn to enumerate them, and apply this knowledge to the IX2400 and W2150A case studies. A challenge task and solution on the challenge board provide practical experience, followed by a knowledge-testing quiz.
Analysing Non-Volatile Flash Memory and Gaining Root Access
This advanced section teaches you how to analyze non-volatile flash memory and gain root access. You'll learn essential tools like strings, grep, and xxd. We demonstrate dumping non-volatile flash memory via U-Boot and Linux. The IX2400 is used to uncover root credentials and gain root access. A challenge task and its solution on the challenge board will test your newly acquired skills. The section concludes with a comprehensive quiz.
Obtaining Firmware Binaries
This section focuses on obtaining firmware binaries, introducing you to flash programmers and flashrom. You'll learn about extracting firmware via USB access and OSINT. The IX2400 and W2150A are used to demonstrate different methods. A challenge task and solution involving downloading firmware using OSINT is included. A quiz tests your knowledge.
Introduction to Firmware Analysis
This section introduces firmware analysis techniques, using tools like binwalk and firmwalker. You'll learn about manual firmware inspection and entropy analysis. The IX2400 is used to demonstrate firmware structure scans and extraction. A series of challenge tasks and solutions test your ability to apply these techniques. A concluding quiz rounds out the section.
Closing
This final section provides a recap of the course, offers farewells, and suggests additional projects for your challenge board.