Organized by security consulting and research firm Independent Security Evaluators (ISE), IoT Village delivers advocacy for and expertise on security advancements in Internet of Things devices. IoT Village hosts talks by expert security researchers who dissect real-world exploits and vulnerabilities and hacking contests consisting of off-the-shelf IoT devices.
IoT Village's contests are brought to you by SOHOpelessly Broken™, the first-ever router hacking contest at DEF CON. The ISE research that inspired the SOHOpelessly Broken™ contests delivered 56 CVEs to the infosec community. Over the years at DEF CON, IoT Village has served as the platform to showcase and uncover 278 new vulnerabilities in connected devices.
We are bringing our SOHOplessy Broken CTF contest to this virtual event! In brief, our CTF is comprised of IoT and other commonly-used networking devices tiered across three networks. Each device made a part of this contest has publically-disclosed vulnerabilities; however, the exciting part is that you cannot rely on the public exploit alone to make your way through the contest. You will have to leverage networking techniques such as SSH tunneling to pivot from one subnet to another after you gain a foothold in one of the devices in the initial network drop point. How cool is that?
This contest is for all skill levels, no matter if you have no experience, casual interest, or are an experienced bug hunter. The goal here is to create a contest that everyone can learn and test their knowledge and skillsets. We have limited space for participants, so if you are interested, be sure to register for the contest ASAP!
To continue the theme of continuous learning, we are making available various hands-on labs that were created to teach methodology and exploitation techniques that can be used in the wild. Topic areas include hardware hacking, web vuln exploitation, IoT protocol analysis, and reverse engineering.
These labs are dope, and the best part is that these were created using devices everyone can find off the shelve! Talk about real-world applications.