In this beginner-friendly training, you'll look into the firmware of an IoT device and take it apart! The training introduces the fundamentals of analyzing embedded firmware using the Raspberry Pi Pico 2 W as a target platform. You will explore how compiled firmware looks compared to source code, and how to extract meaningful information from it.
Through a series of hands-on exercises, you will analyze, flash, debug, and emulate firmware. Along the way, you will uncover hidden functionality and flags, gaining practical insight into both static and dynamic analysis techniques for IoT devices.
This training teaches the essential methods and tools required to analyze embedded firmware, providing a foundation for IoT security research and hardware-oriented reverse engineering.
Trainer
Jiska Classen is a wireless and mobile security researcher, leading a research group at Hasso Plattner Institute. The intersection of her research topics means that she digs into iOS internals, reverse engineers wireless firmware, and analyzes proprietary protocols. Her research includes the security analysis of widely deployed IoT devices such as Fitbit fitness trackers, Apple AirTags, and Neato vacuum cleaning robots.
She has previously spoken at Black Hat USA, DEF CON, RECon, Hardwear.io, Chaos Communication Congress, Chaos Communication Camp, Gulasch Programmer Nacht, MRMCDs, Easterhegg, Troopers, Pass the Salt, NotPinkCon, gave various lectures and training, and published at prestigious academic venues. Jiska Classen gave iOS and Android security trainings at TROOPERS, Nullcon, RE//verse, Countermeasure, and Objective by the Sea, and has teaching experience from creating own lectures and labs in academic settings.
Venue
This training will take place June 24, 2026 on-site at TROOPERS 2026 in Heidelberg.
Booking
As a BlackHoodie training, dedicated to women, this 1-day IoT training is free for all attendees! Furthermore, full-time students can apply for a free TROOPERS conference ticket. For further details, see the BlackHoodie website.
Topic Overview
- Introduction to embedded firmware and the Raspberry Pi Pico 2 W platform.
- Static analysis of Pico firmware using tools such as Ghidra and IDA.
- Flashing custom firmware onto a Raspberry Pi Pico 2 W.
- Debugging firmware using a second Pico for dynamic analysis.
- Manipulating control flow during debugging to trigger hidden functionality.
- Introduction to firmware emulation using Unicorn/QEMU.
- Partial emulation of firmware without any hardware.
Training Prerequisites
- Basic programming knowledge, ideally C/C++, but other languages will work as a base as well.
- Basic familiarity with command line tools.
- No prior embedded or hardware experience required.
What to Bring
- Laptop (Windows/Linux/macOS) with at least 8GB of RAM that can run Visual Studio Code with the Raspberry Pi Pico extension.
- Internet connection and permissions to install additional software.
- We will provide you with a Pico 2 W throughout the training, so no other hardware to bring from your side :)
Who should attend?
This training is aimed at anyone interested in firmware and IoT security, including up and coming pen testers, security or vulnerability researchers, or IoT device developers.