Mobile Network Security and Pentesting: From 2G to 5G
Course Overview
This advanced training course equips participants with the knowledge and skills to analyze and exploit vulnerabilities across mobile networks, spanning legacy 2G/3G SS7/MAP, 4G Diameter, and modern 5G Core (5GC) architectures. With the rapid evolution of telecom infrastructures, mobile operators, regulators, and security professionals face growing challenges from sophisticated cyber threats.
Participants will gain hands-on experience using Kali Linux–based penetration testing frameworks customized for telecom environments, enabling them to perform attack simulations, signaling trace analysis, and exploitation of protocol weaknesses. The course emphasizes both offensive security techniques and defensive countermeasures, providing a balanced perspective on how adversaries exploit network flaws and how operators can strengthen network resilience, security compliance, and incident response.
Through practical labs and real-world scenarios, participants will build a strong foundation for detecting, analyzing, and mitigating threats such as subscriber tracking, SMS phishing (smishing), denial-of-service attacks (DDoS), and signaling-based data leakage. By the end of the course, participants will be equipped with actionable insights to enhance the security posture of multi-generation mobile networks in line with emerging 5G security standards and best practices.
Target Audience
- Experienced network engineers
- Core network tuning and optimization staff
- Telecom security specialists
- Professionals seeking to identify mobile network vulnerabilities and acquire practical pentesting skills
Duration & Training Format
- Classroom: 5 days
- LIVE Virtual: 35 hours
*Note:
- A minimum of 8 or more participants is required for a Classroom session to commence.
- A minimum of 6 or more participants is required for a LIVE Virtual session to commence.
- LIVE Virtual courses can be conducted for 5 hours or 7 hours daily. Please note that the number of training days will be extended if you opt for 5 hours daily.
Upcoming Course Dates
27 – 29 Apr 2026 (Mon – Wed), GMT +8
If you are keen on attending this course, please register your interest via our course enquiry form.
Course Outline
Module 1: SS7 and SIGTRAN Vulnerabilities
Overview: Explore legacy 2G/3G signaling protocols, their weaknesses, and how attackers exploit them
- Pentesting goals, mapping, and enumeration
- SS7/SIGTRAN stack: SCTP, M3UA, SCCP, TCAP, MAP, CAP
- Subscriber location tracking, profile manipulation, and Global Title attacks
- SMS spoofing, spamming, and CAMEL service exploitation
- GPRS data access vulnerabilities
Hands-on labs:
- Kali Linux pentesting environment setup
- Wireshark protocol analysis
- SCTP and Nmap scans against SIGTRAN nodes
Module 2: Diameter Vulnerabilities in LTE/4G
Overview: Deep dive into LTE signaling, Diameter protocol, and advanced attacks
- LTE architecture and roaming interconnect risks
- GSMA FS.19 attack categories (0–3)
- Real-world attack examples: session hijacking, subscriber impersonation
- IMSI catching and radio-level threats
Hands-on Labs:
- Diameter packet analysis with Wireshark
- Vulnerability exploitation scenarios
Module 3: Evolution to 5G Core Networks
Overview: Explore net-gen 5G Core Architecture, Service-based interfaces (SBI) and API security
- 5GC architecture: AMF, SMF, UDM, NRF, AUSF, PCF, SEPP
- NGAP, PFCP, GTP-C/U protocols
- Interworking between Diameter (LTE) and SBI (5G)
- API enumeration, fuzzing, and endpoint exploitation
- Privacy assessment: SUPI/IMSI exposure risks
Hands-on Labs:
- Deploying Open5GS and UERANSIM testbed
- NAS registration and session setup analysis
- PFCP fuzzing and GTP-U injection techniques
- Replaying and manipulating signaling messages
Module 4: Emerging Threats and IoT Security
- Multi-access Edge Computing (MEC) attack surface
- Network slicing vulnerabilities
- IoT integration risks in 5G ecosystems
- AI-driven threat detection in telecom
Module 5: Blue Team Defense and Mitigation
- SS7/Diameter/5G firewalls and intrusion detection
- Security-by-design principles for mobile networks
- Threat intelligence and proactive monitoring
- GSMA security guidelines and compliance
Hands-on Labs:
- Conduct a full-scope penetration test on a simulated 5G network environment:
- Map vulnerabilities
- Execute targeted exploits
- Document findings and propose mitigation strategies
Note: A Certificate of Completion will only be issued upon achieving at least 75% attendance for the course.
Pre-requisites
- Basic understanding of SS7/Sigtran protocols
- Familiarity with LTE/Diameter and 5G concepts
- Linux command-line basic knowledge
Testimonials
Be the first to add a review.
Related Courses
