Hardware Security

I know some people that self-taught themselves assembly at home. There are probably some online resources to help with that if you want to do it in your spare time.

I'm a noob and won't pretend to have a great knowledge of it, but these guys did develop exploits, reverse engineered stuff, did some malware analysis etc.

I found this short online course in Hardware Security from University of Maryland. I've not done it so cannot attest to the quality or anything, but perhaps look into it? Even if you're beyond it, it might help you refresh something and give you a certificate to put on Resumé if you wanted.

https://www.coursera.org/learn/hardware-security

Good luck!

I think it was "Hardware Security" by The University of Maryland:

https://www.coursera.org/learn/hardware-security?specialization=cyber-security

Was years ago. Not sure how the course has changed.

I think there would be 2 areas of interest for you.

1. Building secure systems (Defensive approach)
2. This includes (but is not limited to) cryptography, hardware security, network security, TPMs. A fair understanding of possible attacks on your system can help improve the system's defense.
3. There is a lot of research going on the fields of side-channel attacks on computers and embedded systems.
4. Use what you learn in all the software and hardware you build to make them secure.
5. Vulnerability analysis for given systems (Offensive approach)
6. This includes penetration testing, white/black hat hacking, reverse engineering systems
7. What you learn can be used to break into networks, computers, IoT devices.

​

Richard Feynman famously said "What I cannot create, I do not understand". In case of security, what I cannot break, I will not understand. So, resources and places to start with:

1. CTF competitions (you can search for embedded CTFs): https://ctftime.org/event/list/upcoming
2. MITRE held a eCTF: https://mitrecyberacademy.org/competitions/embedded/
3. Hack This Site (general security) : hackthissite.org
4. Go to DefCon and participate. If I remember correctly, kids who participate break into ~~election~~ voting machines. It is a great place to learn.
5. Hacker Roadmap: https://github.com/Sundowndev/hacker-roadmap
6. If you can get your hands on this drone, try hacking it without actually physically touching it. It is very very vulnerable and great experimentation tool for MITM attacks. There are several papers describing how to hack it.
7. More formal ways:
8. My personal favorite is a book called Hacking: The Art of Exploitation. It was the one that got me started and interested in the field.
9. Aleph One's Stack Smashing is a wonderful read: http://insecure.org/stf/smashstack.html You can implement as you go through it.
   1. Articles about buffer overflows. https://cs.columbusstate.edu/cae-ia/otherstudentpapers/BufferOverflowLinks.php
10. Coursera course : https://www.coursera.org/learn/hardware-security
11. Read about the Stuxnet
    1. A few people have reverse engineered the virus: https://github.com/Christian-Roggia/open-myrtus
12. Google about "Side Channel Attacks on Embedded Systems". You will find a lot of research papers.
    1. E.g. : https://ieeexplore.ieee.org/document/7085468/

Above all make sure you understand that stuff you do might be considered illegal. So make sure what you do is contained. Please do not cause DDOS attack on some server or do not destroy some proprietary equipment.

Have fun!

​

Edit: Formatting and adding more info

If you're interested in hardware and cybersecurity, then you might like this:

https://www.coursera.org/learn/hardware-security?