IoT Firmware Exploitation

The IoT Firmware Exploitation and Attack Countermeasures workshop is designed to provide techniques for testing embedded IoT systems, employing proactive controls, applying embedded application security best practices, and addressing the challenges of building security into embedded devices. This course is suited for embedded systems engineers, software developers, and security professionals of all backgrounds. Hands-on demonstrations and labs will be given throughout the course. Upon completion of the course, trainees will learn the following:

  • How to identify vulnerabilities in embedded firmware
  • Understand the embedded security testing methodology, techniques, and tools
  • Firmware reverse engineering, emulation, and binary exploitation
  • How to backdoor firmware for MIPS and ARM architectures
  • Understand embedded system design constraints that pose security risks
  • Understand IoT botnet exploitation techniques that impact critical infrastructures and how to apply appropriate mitigating controls for product security teams

Course Prerequisites

  • Familiarity with a Linux operating system
  • Admin rights to the computer. If you do not have install rights, no problem, as we will work in pairs for the labs.
  • At least 25 GB of free space
  • Laptop with a minimum of 4 GB RAM
  • USB access allowed


Participants should have virtualization software installed (VMware and/or VirtualBox).

At the start of the class, we will share a virtual machine which will have all the tools and labs preconfigured for the training.

Aaron Guzman, Security Consultant

Aaron Guzman is a Security Consultant from the Los Angeles area with expertise in web app security, mobile app security, and embedded security. Mr. Guzman has spoken at several worldwide conferences, including DEF CON, AppSec EU, AppSec USA, HackFest, Security Fest, HackMiami, 44Con, and AusCERT, as well as several regional BSides events. Furthermore, Aaron is a Chapter leader for the Open Web Application Security Project (OWASP) Los Angeles and Cloud Security Alliance SoCal (CSA SoCal), a Technical Editor, and author of "IoT Penetration Testing Cookbook" with Packt Publishing. He has contributed to many IoT security guidance publications from CSA, OWASP, Prpl, and several others. Aaron leads the OWASP Embedded Application Security project, providing practical guidance to the embedded and IoT community on addressing the most common firmware security bugs. Follow Aaron’s latest research on Twitter at @scriptingxss.