> Andrew Bellini's IoT and Hardware Hacking Course - Review

It's been a little while since I finished up Andrew Bellini's Beginner's Guide to IoT and Hardware Hacking course on TCM. As I've reflected upon what I've learned and the course as a whole, I felt that it was worth sharing a review of the course and Andrew's instruction.

[~] The Fundamentals of Electrical Engineering

This course takes you, the student, from knowing nothing to having a solid, fundamental, understanding of IoT and hardware hacking. Starting the course with the basics of electrical engineering and then building on that knowledge, Andrew does an excellent job of explaining highly-complex concepts all the while making them genuinely enjoyable to learn about. Throughout this section I was reminded of how little I had cared for this stuff in science during school, though I realized it was more the teaching than it was the subject. He has managed to instill a genuine excitement in someone who struggled with the subject in the past. For those who have taken the course, or have an interest in the underlying workings of the computers we use on a day-to-day basis, I recommend "Code: The Hidden Language of Computer Hardware and Software" by Charles Petzold. It is a great piece of free material, available online for anyone, that serves to extend your knowledge on the aforementioned areas. Charles has a similarly engaging teaching style and blends in the history of computers while explaining how processors, memory, and electricity work on the most fundamental level. If you decide to take Andrew's assembly course, it may prove useful as well. I have also seen it as a recommended pre-read for anyone looking to learn C.

[~] The Democratization of IoT Hacking

On the hardware front, Andrew employed an easy to understand and readily available demonstration device, the TP-Link N300. This made the learning curve far less daunting than it could have been and ensures that almost anyone can follow along. For those unable to purchase the device, he provides other options. In his DefCon talk, Anyone Can Hack IoT, Andrew offered numerous cheap options for IoT hacking tools, and many of these received mention in the introduction to the course. It's a great presentation and a must-watch for anyone sitting on the fence about whether or not to take the course.

I have assembled a similar purchase list for Canadian sources which can be found here:

Basic Hardware Testing Purchase Guide

Andrew's enthusiasm for teaching generally, and the subject of IoT and hardware hacking specifically, show through his highly engaging delivery throughout the entire course. I have always had some interest in this sub-field of penetration testing; it's where we as testers get to combine everything from web app to reverse engineering to mobile hacking, and have the potential for real-world impact when a vulnerability is exploited. However, after having finished his course I find that I am completely infatuated by the topic and am eager to do everything I can to apply the knowledge learned.

I would highly recommend this course to anyone who has even the slightest interest in hardware or IoT hacking. And, of course, I must extend a thank you to Andrew for putting together such a fantastic course.

I am now working on a few devices that I hope to have finished in the coming months, each of which will be written about and shared.