Demonstrating the HRES Process
Offered By: YouTube
Course Description
Overview
Explore the HRES (Hardware Reverse Engineering Security) process in this 48-minute conference talk from Derbycon 7 (2017). Delve into embedded device security, network pin tests, and hardware security research, including a case study on a Bluetooth-controlled toilet. Learn about pre-engagement interactions, exploitation techniques, and post-exploit activities. Discover the tools and methods used in firmware analysis, including FCC and USPTO searches, logic analyzers, and UART interfaces. Gain insights into firmware review, memory manipulation, and SSL enablement. Understand the importance of lateral movement, reporting, and adherence to HRES standards in hardware security assessments.
Syllabus
Introduction
Tim Wright
Agenda
Embedded Device Security
Network Pin Tests
Hardware Security Research
Bluetooth Controlled Toilet
BlackEnergy
Safety
Preengagement interactions
Carver
Exploit
Post Exploit
Testing Report
Whats in the box
Getting the firmware
Targets
Tools
Box
Cable modem
Header
FCC Search
USPTO Search
Flash Chip
datasheet
intelligence gathering
logic analyzer
UART
Firmware
Firmware Review
P Menu
Read Write to Memory
Enable SSL
Lateral Movement
Report Time
Report Out
Report Detail
Wrapup
HRES Standard Org
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube