PentHerz blog

Articles, notes and feedbacks of our hardware and radio communication experiments.

TEACHertz - A new service infrastructure for high-quality online hardware trainings

The beginning of this year is particularly tough for everyone socially and economically. As a circumstance, many habits changed, and businesses moved to a format we are more familiar with as known as remote work. Of course, this format is considered to be degraded for courses by many people, and will probably never replace the same experience in-person trainings. But this crisis makes us think about existing solutions and new ways of improvements to fit everyone's needs as much as possible. This is why PentHertz also evolved in that direction to respond to its customers by testing and then building various platforms for teaching and consulting, even for the radiocommunications and hardware areas that normally require a physical presence. In this small post, we will show the directions taken by PentHertz to provide not only high-quality and but also very interactive remote trainings. Moreover, we will also introduce the TEACHertz infrastructure that every professional can benefit from our services to provide its own high-quality trainings in software as well as in hardware.

The online format

In this uncertain period, many conferences and trainings got canceled, but only few events, got the reflex to move to an online format, and so PentHertz too. Netherveless, it is a big challenge to provide such trainings in radiocommunications and hardware as it requires the right platform to bring the same experience when it comes to devices' manipulation and get feedbacks as with physical presence. Indeed, a training cannot be just theoric with a poor recording of what attendees should be able to do after the training. Its also a matter of sending inputs to targeted devices and observe the outputs to understand possible behaviors. But even doing all these efforts, some other experiences are and will always be missing in this online format. Indeed, there is a blog post Online Training Best Practices, written 3 days ago by Dmitry Nedospasov, that perfectly resumes all thoughts about this format and the differences in terms of interaction, when most of the question can be answered during coffee breaks in physical for example. In my personal experience doing trainings for over the past 12 years, including years when I was a computer sciences student, this will clearly be something that is and will always be missing. But as social people, we are and will always be open and happy to answer your questions in private via emails, private chats, or for later occasions in person.

Online trainings by PentHertz

The TEACHertz plateform

To respond to its customers and like everyone else, PentHertz tested many solutions to bring its services online. All of these tests during free time and some deliveries were the perfect occasions to take the best part of these solutions, and find ways to complete them with missing features by ourselves.

Past experiments with Google Meeting
Past experiments (example with Google Meeting)

In the middle of April, PentHertz got a mature vision of the requirements for its trainings:

  • a videoconference solution to be able to exchange with students;
  • share screens and cameras between attendees and the teacher in the same training session, not just one-way sharing;
  • features for teaching: slides upload and download, pollings for quizzes, drawing features on presentations, etc.;
  • the ability for participants to study captures, but also to interact with remote targets;
  • have more than one high-definition camera to show the behavior of the targets while interacting with them;
  • allows sessions recording;
  • and if possible with minimum software requirements: a computer with a browser, a VMware hypervisor to run all the tools, and SSH or OpenVPN client to interact with real target devices.

And so, out of all its experiments, PentHertz has developed the following infrastructure to fit all its requirements for online hardware trainings:

TEACHertz Architecture
The TEACHertz platform by PentHertz

The different key features of this infrastructure will be briefly explained in the following sections.

Training Sessions

Training sessions can be spawned and controlled by a hypervisor that instantiates a virtual isolated network, were a videoconference server and a socket tunnel will be mounted between this virtual network and a training lab to interact with targets: intercoms, alarms, and other IoT/embedded devices.

Training labs

A training lab is a physical place where attendees can play and interact with real-world devices by sending their own signals (RF, or other numeric signals) through a deployed secure channel. For the case of radio communication, we use the power of the ØMQ block to send a signal from a ZMQ push to a ZMQ pull sink:

ZeroMQ with GNU Radio
ZeroMQ blocks to push and receive signals

As simple as that on your side! And we take care of all the routing through our tunnels to reach the targets.

For other trainings related to hardware hacking only, we are still experiencing some possible bridges to port UART, I2C, SPI, and JTAG interfaces:

  • with dedicated computers as remote servers to interact with those interfaces
  • and playing with the GreatFet's GNU Radio blocks introduced by Kate Temkin and Mike Ossmann.
GreatFet GNU Radio
GreatFet's GNU Radio block from their supercon 2019 talk

Each attendee is provided with a VMware Virtual Machine that connects to the dedicated infrastructure to run all the tools, avoid complex setup, and start the course directly.


Putting targets in the training lab is the manual part where all used devices are relative to the course and transceivers are regrouped to let the attendees interact with them.

For private trainings, the attendees can also ask us if we can introduce specific targets to attack during the course. Everything is possible depending on our means!

Behaviors of targets are also filmed with a camera for the participants to have kind of the same feedback as it was performed in the same room.


For videoconferences, many solutions exist including open-source as commercial. By following the advice and feedback of many people, PentHertz gave a try on each relevant solution for its own services but also performed a few experiments allowing the company to build a complete and autonomous architecture.

To prevent, as much as possible, attendees from installing "crappy" and intrusive software, TEACHertz videoconference part uses WebRTC that has the advantage to run natively in a browser that supports HTML5. We are also aware of WebRTC limits when it comes to use multiple cameras in the same channel. That's why only the camera of the trainer will be displayed to the public, and separate channels will be created on the fly to follow attendees' progress.

TEACHertz visio conference
TEACHertz integrated videoconference

Every needed feature are already here:

  • access code per invitation;
  • user management;
  • presentation download and upload;
  • drawing boards;
  • screen(s) and camera(s) sharing;
  • individual rooms to see attendees' progression;
  • polling features for quizzes.

This part is based on BigBlueButton API, and contained in a template VM that is spawned, isolated, and configurated on the fly with all settings to secure the communication, but also to secure as much as possible the server (SIP default configurations, firewall, etc.). An optional backup Virtual Server is also spawned to directly forward attendees in case the main videoconference server is broken. Anyway, with or without backup server, a snapshot of the virtual machine is also created to restore the working state of the videoconference virtual machines if something happens.

Data privacy

The communication is performed with secure SSL and SSH tunnels (optionally VPN). Each virtual machine is generated at the start and deleted after each training session per day. So all information including personal files, conversation, and connection logs are automatically cleaned in our process.

Some sessions could be partially or fully recorded. Even if these records are not public, participants can choose to tell us if they want to share their screen and if they want it to be recorder or not.


The price of online training session is a bit more attractive, as all expenses relative to the location and services around. Moreover, you save the cost of your stay and your are also assured to make the course even if no one else took its ticket comparing to physical events where a course can happen only if a precise number person (depending of location and venue costs) attends the course.

Being able to predict the price, we can also provide you with early bird tickets for our grouped remote Live training events as it is the case for our RF Hacking with SDR for physical intrusion systems 3 days course in June, which is currently at a very attractive price (1 900€ without VAT) until the end of this month.

Our online trainings

We have actually one training that was made for online and in-person sessions: RF Hacking with SDR for physical intrusion systems. But as some people are also asking for it, we will also create an RF Hacking with Software-Defined Radio full-course of 4 days for an remote live format.

Other online video courses for teaching special parts will be also published online. It is not decided yet on which platform these recordings will be available, but we are also listening to your proposals.

Tailor-made trainings

Tailor mode trainings are available in person as in remote. So if you need more content than listed in our course, or want to pick just a few parts, you are welcome to contact us on

As a company specialized in radiocommunications and hardware, we can provide content for:

  • GPS: decoy attacks, limits, and defenses;
  • Bluetooth: attacks, fuzzing, and defenses;
  • Wi-Fi: attacking the differents protocols, fuzzing the protocol stack and analyzing the radio signal;
  • RFID/NFC: additional content and advanced techniques with SDR;
  • Hardware: additional content in hardware and practice to attack embedded systems;
  • Fuzzing and vulnerability research in embedded equipments in general;
  • etc.

Skills developpement

PentHertz is a consultancy firm, but also a training center registered in France under the number #11922328592 which aims help people finding or changing their job by developping new skills. The company delivers a certificate at the end of a training to award attendees after the successful completion a the taken program.

Will TEACHertz be accessible to other professionals?

TEACHertz is actually tested inside the company, but we will be able to share it with other professionals. You can already contact PentHertz with the following address to ask us for details:

Conclusion: TEACHertz, the infra that almost makes coffee

As you explained in this article, PentHertz has also been busy recently to experiment with new ways of providing services and adapt existing blocks of tools to integrate them into one autonomous solution. I hope this little post can help customers to choose their preferred format, and at the end, whether it is in person or in remote, PentHertz aims to provide high-quality services including consultancy and trainings. You can also contact the company with the following address if you have something in mind: