Pentester Academy – Embedded/IoT Linux for Red-Blue Team

[protectaccount]

​

This course is a deep dive into Embedded/IoT firmware where we will start from the very basics – understand the multistage boot process, the kernel and root filesystem, how to build them with a custom toolchain and how they can be compromized with user and kernel mode backdoors/rootkits. We will be using the latest 4.15.x kernel for this course on an ARM architecture board.

A non-exhaustive list of topics to be covered include:

Embedded/IoT device architecture basics

Understanding the Boot Process

Multi-stage Bootloaders

Creating a custom toolchain with crosstool-NG

U-boot build and deep dive

Booting a device manually with u-boot

Kernel and Device Tree basics

Custom Kernel and DTB builds

Building the runtime C library (uClibc)

Building the root filesystem and BusyBox

Debugging the system over UART

Understanding Kernel mode rootkits

Embedded/IoT system constraints

Kernel mode rootkits on IoT/Embedded devices

Syscall monitoring and hijacking

Process manipulation

Network stacking hooking with Netfilter

Kernel mode Network backdoor with C&C

and many others

To see this hidden content, you need to "Reply & React" with one of the following reactions: Like