We provide a three or four day hands-on training, see details below. Please contact us for more information.
This training can be offered privately for groups of five or more. Training is given on-site at your company location, so you don't have to worry about traveling. Trainings can be tailored to your wishes. Prices start at €3000 per student for a three day course.
This training will be offered at ringzer0 in Austin, TX on February 20 - 23 2024. Check out ringerzer0.training for more details.
To stay up to date with any public trainings, you can sign up to our mailing list.
Interested in opening up a car hacker's toolbox and applying these tools and techniques hands-on? Then this training is the best fit for you!
In this course, the participant will become familiar with the theory and practice around numerous techniques in automotive security. This allows the participant to see what’s in a car hacker’s toolbox, and how to mitigate possible security vulnerabilities.
The trainee will learn how to leverage open source tools to perform an analysis of various aspects of the modern car. Everything from attacks on the physical layer and diagnostic protocols to the reverse engineering of firmware will be covered.
Various simulated networks and real Electronic Control Units (ECUs) will be available to practice on. Based on experience level, different ECUs and challenges will be available. A USB to CAN adapter will be provided, to be brought home by the participant to apply their new skills on their own targets.
Day 1 - Vehicle Networks and Tools
Day 1 of the training will be used to become familiar with the standards used for the communication between Electronic Control Units (ECUs) in a vehicle. Attacks on the physical and link layer will be discussed, and their possible detection and mitigation.
In the second part of the day, we will look at hardware used to interact with the vehicle’s network, and implement our first attack.
Day 2 - Diagnostic Protocols and Hardware
On the second day of the training, we will dive into the actual hardware of a car and its ECUs. You’ll learn how to find the schematics of a certain car, and identify the best points to connect to the different networks. We will look at software provided to repair shops by the manufacturer
Day 3 - Reverse Engineering
Different firmware update files and their protections will be discussed. We will also look at the inside of an ECU and ways to extract its firmware. A quick introduction to Ghidra will be given.
An ECU firmware file consists of up to millions of lines of code which would take a long time to fully reverse engineer. Tips and tricks will be taught to quickly identify parts of the firmware that are of interest. After reverse engineering the security access algorithm we can flash the firmware back to the ECU.
Day 4 - RF Hacking using Software Defined Radio
On the last day of the training we will look into all things wireless. Using a Software Defined Radio (SDR) we will interact with different parts of the vehicle. We will look into how tire pressure monitoring systems work. Recent developments in FM radio have opened up a whole new wireless attack surface.
We will also look at the different kinds of attacks on keyfobs. Finally we will learn about how the powerline communication between EV and charging station (EVSE) can be monitored with an SDR to leak personal information, and can be disrupted.
All hands-on exercises will be done on a Raspberry Pi running Jupyter Notebooks.
Willem Melching (https://twitter.com/PD0WM) is an independent security researcher. He has over 5 years of experience working on automotive security and reverse engineering. During his time at comma.ai he worked on providing open source tools to help the community reverse and interact with a wide variety of cars. Check out his blog (https://blog.willemmelching.nl/) for recent work.
"I attended the Practical Car Hacking training by Willem and I consider it to be a great foundation for my car hacking knowledge. I now feel like I have the required expertise to perform a real-life assessment on the security of a car, despite knowing little about car hacking before attending this training."
"I recently attended the three-day car hacking course that was not only a worthwhile way to end my week but also proved to be an excellent introduction to the world of practical car hacking, even for someone without prior experience. The course struck a perfect balance between theory and hands-on learning, ensuring accessibility for all participants. The practical challenges were thoughtfully designed, and Willem's knowledge and passion for the subject matter made the learning experience engaging. I highly recommend this course for anyone interested in Car hacking, as it provided both valuable skills and a newfound appreciation for the field."
"The course for the training was very informative and useful to understand the networking within a car and how an attacker can abuse it. This was a very fun course especially the hands on challenges using the tools comma ai, Cabana, and reversing using Ghidra to solve challenges that involved ECUs from Tesla model 3, Volkswagen Golf, Hyundai Sonata, etc. I highly recommend it for anyone who is curious about automotive hacking."
"As a noob to car hacking and associated concepts like reverse engineering this course provided me with a fantastic understanding of in car networks, protocols and tools required for vehicle ECU hacking. The hands on labs/CTFs were expertly put together and a pleasure to work through."
"I loved that the course goes into detail really quickly and covers a lot of real life scenarios. The primary focus was hands on training, and it covered all the theory topics. I would recommend to anyone looking to expand their knowledge in the different attack vectors of car hacking."
"A great hands-on training where you get to work with actual car-parts. The 3-day training thought me the necessary skills to further develop in this field on my own."
"I really enjoyed the training. The hands-on assignments were well thought out and learned more in-depth how ECUs operate and communicate."