Attify Store

Sold out



After tons of research and conducting 100+ IoT device pentests so far, we have put a training together which will teach you how to pentest IoT devices.  


"Offensive IoT Exploitation" or "IoT Security for Pentesters (online class)" is an IoT hacking class where we take an offensive approach to break the security of so-called "smart devices". It's an action packed class covering a number of topics including Embedded Device Hacking, Firmware Reverse Engineering, Binary Exploitation, Radio - BLE and ZigBee exploitation and more.


The training puts special emphasis on learning-by-doing, which means that you will get a chance to attack and pwn various real-world devices through the skillsets taught by the instructor.


The training starts with you getting familiar with the various internal concepts of IoT security architecture, previous vulnerabilities and case studies in IoT devices and takes you all the way through getting firmware for a given target device, reverse engineering it, finding security issues and exploiting them. You will learn concepts such as ARM and MIPS exploitation, Firmware extraction and debugging, Firmware emulation and more.


Next module is where things start getting hardcore. The module starts with you taking apart a real world IoT device to understand the underlying circuit boards, its various components and using that knowledge to get a root shell on the device. The exploitation does not end there! You will also learn about topics such as UART exploitation, JTAG debugging and dumping flash chip contents from a device. All of this will be taught with actual labs and handouts so that you are able to grasp 100% of what is taught in the class, and apply it to any IoT device you encounter.


Finally, the final modules contain everything that you need to attack devices remotely! Be it Bluetooth Low Energy Exploitation or sniffing and attacking ZigBee devices or even creating your custom radio - we've got it covered! With a combination of labs and exercises, you will learn what it takes for a real-world highly targeted attacker to break into an IoT device.




Once the training is over, you will still have access to the video lectures, course contents, lab manual and slack channel for discussions, all because, WE WANT YOU TO BE AN IOT SECURITY PENTESTER! 


We have seen this class change lives of so many people in the past, when we taught this course at conferences such as BlackHat USA, OWASP AppSec, HackFest and many more, including private organizations and three letter agencies. We know that this stuff works. Period.


Finally, this class is not just a training class. It's an experience where we want you to get the most out of it. We want you to dedicate few days of your life, living, breathing and learning IoT security - and rest assured, we will deliver what people say as "The best training of their lives in security".


After the class, the attendees will be able to:

  • Extract and analyze device firmware
  • Debug and Disassemble binaries
  • Exploit UART, SPI and JTAGs
  • JTAG debugging, exploitation
  • Dump firmware through various techniques
  • Debug hardware and software
  • Analyze security of MQTT, CoAP and M2MXML protocols
  • Attack cloud and mobile component of an IoT device
  • Sniff, Replay, MITM and Attack Radio communications
  • BLE and Zigbee exploitation
  • ARM and MIPS Reversing
  • Conventional and Unconventional attack techniques
  • Write exploits for the platforms
  • and more.

All the above-mentioned topics are taught in extremely hands-on practical sessions.

Total Video Duration: Over 10 hours of HD-Content




IoT devices  

Attify's IoT pentesting VM

Printed Lab reference material and handouts

600+ slides (PDF Copy)

IoT Exploitation Learning Kit

WHO CAN take THIS course


IoT Security Enthusiasts

Security Professionals and Penetration Testers

Embedded Developers


train your team:
for teachers and trainers


Do you plan to teach a training class on IoT Security in one of the security conferences or internally?

Or to your university students?

Or train your team in your organisation using the IoT Exploitation Learning Kit?

We have special add-ons (completely free with the order of Offensive IoT Exploitation with Complete IoT Exploitation Learning Kit) which includes Instructor and Student worksheets.

The Instructor worksheet includes solutions of all the lab exercises and additional background reading for all topics, and the student worksheet includes questions and answers which can be filled by performing different exercises.

Note - It is recommended to have 1 IoT Exploitation Learning Kit for each student, but the kits can also be used in a pair of 2. A minimum quantity of 10 kits is required to receive the worksheets.


government, veterans, university


We provide special discounts to Government organisations, Veterans and University (both professors and students). Please reach out to us using the support page for the same.


iot security Certification:


With every purchase of "Offensive IoT Exploitation with Complete IoT Exploitation Learning Kit", you will receive a one-time access pass (normal price: $449) to take the IoT Security Certification Exam. The certification will launch on 10th March, 2019 and can be availed by 1 person on 1 order of the kit.


train your team:
With Attify's instructors


Attify's Offensive IoT Exploitation training class is available as a corporate on-site offering delivered at your location for your team. The training ensures that your team gets a hands-on experience performing IoT Security analysis and exploitation, guided by Attify's team of experts. Each attendee will also receive an IoT Exploitation Learning Kit for takeaway. For more details about on-site training, reach out to us using the contact form available here - .  



Reverse Engineering Tool: Hopper

(20% OFF for students)

Bug Bounty Partner:

BugCrowd (IoT Device Bug Bounties)