Product Description
The growing Internet of Things is bringing more connected devices to consumers every day. These devices, like smart thermostats and smart speakers, are designed to make life easier. This creates new security concerns, since hackers no longer need physical connection to the networks linking the devices, but only need to be in their proximity, to send malicious data to exploit some vulnerability. Wi-Fi technology has big impacts on security, both in terms of perimeter security and client security. In this course we will discuss the security and privacy issues in today’s wireless network including WPA and WPA2 and also fuzz the scanning, authentication and association process of several IoT devices and non-IoT devices.
- Why you?
- Why now?
- Why this course?
Who is this course for?
Security professionals and IoT Enthusiasts are welcome to take this course.
Course benefits:
- Skills
- Scope
- Tools
What skills will you gain?
- Setting up a Wi-Fi fuzzing testing lab environment
- Fuzzing with open source tools to learn about the target network
- Advanced Wi-Fi fuzzing techniques
- Analysing packet types with Wireshark
Course general information:
- How this works
- Lab Setup
- Prerequisites
DURATION: 18 hours
CPE POINTS: On completion you get a certificate granting you 18 CPE points.
SELF-PACED, PRE-RECORDED.
Course format:
- Self-paced
- Pre-recorded
- Accessible even after you finish the course
- No preset deadlines
- Materials are video, labs, and text
- All videos captioned
YOUR INSTRUCTOR: Vaibhav Bedi
Experience in various fields such as Biomedical, Embedded system, Additive and Smart Manufacturing and Internet of Things.
Experience in the security domain.
Delivered lectures to more than 500 students in communities like OWASP, Null Bangalore and Test Tribe.
Love spending most of my free time in making, breaking and securing IoT Devices.
Excel at operating and working with hardware.
The materials presented here do not represent the work done by the instructor for their current employer.
COURSE SYLLABUS
Module 1
Getting started with 802.11 protocol
The 802.11 is perhaps the fastest-changing network protocol around the world. The purpose of this module is to give the basic overview of the 802.11 Standard, in such a way that they will be able to understand the basic concepts, layers, frame structure and protocols. In this module, we will purely focus our efforts on 802.11 protocols.
- Topics
- Assignment
- 802.11 overview
- 802.11 Architecture
- Components and services
- 802.11 Layer Modules
- 802.11 frame Structure
- 802.11 protocols
Module 2
Introduction to Wi-Fi Fuzzing
The recent rise in complex Wi-Fi vulnerabilities indicates the critical need for effective Wi-Fi protocol testing tools. In this module, we will discuss packet injection for testing Wi-Fi client implementations against vulnerabilities and also introduce some frame fuzzing techniques to capture the packet using Wireshark.
- Topics
- Tools
- Assignment
Fuzzing overview
Building a router with a Raspberry Pi and OpenWRT
Setting up a Wi-Fi fuzzing testing Lab environment
Common Wi-Fi vulnerabilities
Wi-Fi Frame Fuzzing
- Beacon fuzzing
- Probe Request
- Authentication & Deauthentication Request/Response
- Association & Reassociation Request & Response
- Disassociation
Access Point Fuzzing
Wi-Fi Raw Packet Injection
- Raw Fake AP
- Raw Glue AP
- Raw Covert
- Python Raw Covert
- WiFi Advanced Stealth Patches
Module 3
Fuzzing with Open Source Tools
In this module, we will discuss a lot of open source tools related to fuzzing and perform the attacks on the Wi-Fi network.
- Topics
- Tools
- Assignment
Fuzzing with Scapy
- Scapy Introduction
- Packets handlers in Scapy
- Finding Wi-Fi Devices
- Dictionary Attack on Hidden SSID Networks
Fuzzing with PeachFuzzer
Fuzzing with Sulley
Fuzzing with Metasploit
- TFTP Fuzzer
- IMAP Fuzzer
Fuzzing with libpcap
- Setup libpcap
- Send and verify Probe response
- Authentication and association
- Parsing of Probe response frames
Fuzzing with wifuzzit
Packet analysing using tcpdump
Module 4
Advance Wi-Fi Fuzzing Techniques
With more IoT devices entering the consumer market, it becomes imperative to detect their security vulnerabilities before an attacker does. In this module, we will discuss a novel automatic fuzzing framework, called IoTFUZZER, and find the memory corruption vulnerability in the IoT device. And also we will discuss some Wi-Fi dynamic testing, mutation fuzzing method, and as well as wireless sniffing techniques.
- Topics
- Tools
- Assignment
- Wi-Fi Dynamic Testing
- Advance Mutation Fuzzing method
- IoT Devices Fuzzing
- Writing the fuzzer in C
- Wireless HID hijacking
- Fuzzing wireless firmwares
- Wireless Sniffing
