| IoT Penetration Testing Frameworks |
|---|
| 1. IoTSecFuzz |
| 2. Expliot Framework |
| 3. Routersploit |
| Firmware Reverse Engineering |
|---|
| 1. binwalk |
| 2. firmwalker |
| 3. FACT-core |
| 4. radare2 |
| 5. capstone |
| 6. angr |
| 7. flawfinder |
| 8. firmware-mod-kit |
| 9. r2ghidra-dec |
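The usual first pass after binwalk has carved the filesystem out of an image is the kind of triage firmwalker automates: find key material, credential stores, hard-coded passwords, setuid binaries and accounts that ship with a real hash. The script below is an added example (not part of the original page and not firmwalker's own code) that does a minimal version of that in plain POSIX shell; the directory name it expects (binwalk's default `_firmware.bin.extracted/`) and the path and pattern lists are assumptions, not an exhaustive set.

```shell
#!/bin/sh
# Added example (not part of the original page, and not firmwalker's own code):
# a minimal firmwalker-style triage pass over a root filesystem that binwalk
# has already carved out, e.g. with `binwalk -e firmware.bin`, which by default
# drops the unpacked tree under _firmware.bin.extracted/. Point triage_rootfs
# at the extracted root (for squashfs images usually .../squashfs-root).
# The paths and patterns are the usual suspects, not an exhaustive list.

# Prefix every input line with a category so the report is greppable.
label() { awk -v t="$1" '{ print t "\t" $0 }'; }

# triage_rootfs DIR: print "<category>\t<finding>" lines, sorted and
# de-duplicated. Returns 0 if anything was found, 1 if the tree looks clean,
# 2 if DIR does not exist.
triage_rootfs() {
    root=$1
    [ -d "$root" ] || { echo "no such directory: $root" >&2; return 2; }
    out=$(
        # 1. Key material and credential stores, by name.
        find "$root" -type f \( -name '*.pem' -o -name '*.key' -o -name 'id_rsa' \
            -o -name 'id_dsa' -o -name 'authorized_keys' \
            -o -path '*/etc/shadow' -o -path '*/etc/passwd' \) | label sensitive-file
        # 2. Hard-coded credentials in text files (password=..., passwd: ...).
        #    -I skips binaries; the regex is deliberately loose for triage.
        grep -rIliE 'passw(or)?d[[:space:]]*[:=]' "$root" 2>/dev/null | label hardcoded-cred
        # 3. setuid/setgid binaries: privilege-escalation candidates once you
        #    have an unprivileged shell on the device.
        find "$root" -type f \( -perm -4000 -o -perm -2000 \) | label setuid
        # 4. Accounts that ship with a real password hash (field 2 is not
        #    empty, x, * or a locked "!..." entry), i.e. something to crack.
        for f in "$root/etc/shadow" "$root/etc/passwd"; do
            [ -f "$f" ] && awk -F: -v f="$f" \
                '$2 != "" && $2 != "x" && $2 != "*" && $2 !~ /^!/ { print f ":" $1 }' "$f"
        done | label password-hash
    )
    [ -n "$out" ] || return 1
    printf '%s\n' "$out" | sort -u
}

# Usage: triage_rootfs _firmware.bin.extracted/squashfs-root
```

Everything it reports still needs a human look (a `.pem` may be a public CA bundle, a `password=` line may be an empty default), but the exit status makes it usable as a gate in a larger extraction pipeline.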
| Firmware Emulation |
|---|
| 1. FAT (Firmware Analysis Toolkit) |
| 2. QEMU |
| 3. Qiling |
| 4. Firmadyne |
| Bluetooth Tool | Hardware Requirements |
|---|---|
| Gattacker | CSR 4.0 |
| Bluez | CSR 4.0 |
| bettercap | CSR 4.0 |
| btlejuice | CSR 4.0 |
| nrfconnect | nRF52840 |
| sniffle | TI CC1352R |
| Hardware |
|---|
| 1. flashrom |
| 2. openocd |
| APK Analyzers |
|---|
| 1. MobSF |
| 2. QARK |
| 3. Objection |
https://owasp.org/www-project-embedded-application-security/migrated_content
Gattacker
Description: A Node.js package for BLE (Bluetooth Low Energy) Man-in-the-Middle & more.
Btlejuice
Description: BtleJuice is a complete framework to perform Man-in-the-Middle attacks on Bluetooth Smart devices (also known as Bluetooth Low Energy). "BtleJuice is composed of two main components: an interception proxy and a core. These two components are required to run on independent machines in order to operate simultaneously two bluetooth 4.0+ adapters."
Running btlejuice:
- btlejuice-proxy (on the VM that owns the first Bluetooth adapter)
- btlejuice -u <proxy ip address> -w (on the Linux host that owns the second adapter; -w starts the web interface)
- localhost:8080 (open in any web browser on the host to watch and modify the intercepted GATT traffic)
bettercap
Description: The Swiss Army knife for 802.11, BLE and Ethernet network reconnaissance and MITM attacks.
- bettercap (start the interactive session; it needs root and a usable Bluetooth adapter)
- ble.recon on (start discovering nearby BLE devices)
- ble.recon off (stop the recon)
- ble.show (list all scanned devices around us)
- ble.enum <bd addr> (enumerate the services and characteristics of one device by its Bluetooth address)
FACT (Firmware Analysis and Comparison Tool)
Description: FACT (formerly known as Fraunhofer's Firmware Analysis Framework, FAF) is intended to automate most of the firmware analysis process. It unpacks arbitrary firmware files and runs several analyses over the result. Additionally, it can compare several images or single files.
- FACT UI (after running the start script, the web UI is served at http://127.0.0.1:5000)
Flashrom
Description: Flashrom is a utility for detecting, reading, writing, verifying and erasing flash chips. It is often used to flash BIOS/EFI/coreboot/firmware images in-system using a supported mainboard, but it also supports flashing of network cards (NICs), SATA controller cards, and other external devices which can program flash chips.
Openocd
Description: OpenOCD is a free software on-chip debugging, in-system programming and boundary-scan testing tool for various ARM, MIPS and RISC-V targets.
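When flashrom is used to pull firmware off a device in-circuit (chip clip on a SOIC-8 SPI flash), a marginal clip contact corrupts bytes silently and a single read gives no way to notice. The script below is an added example (not from the page, and not flashrom's or OpenOCD's own code) of the check a practitioner wants: read the chip twice and only keep the image when both reads agree. The programmer name (a CH341A), the OpenOCD interface/target files and the flash address range are assumptions for a particular bench; substitute whatever flashrom and OpenOCD detect on yours.

```shell
#!/bin/sh
# Added example, not from the page and not from the flashrom or OpenOCD
# projects: dump an SPI flash twice with flashrom and only trust the image if
# both reads are byte-identical.
# Assumption: a CH341A USB programmer; use the name flashrom prints for your
# adapter. flashrom needs root (or a udev rule) to reach USB/SPI programmers.
PROGRAMMER=${PROGRAMMER:-ch341a_spi}

# dumps_match A B: return 0 when both files are non-empty and byte-identical,
# 1 otherwise. An empty file means the read aborted, so it never "matches".
dumps_match() {
    [ -s "$1" ] && [ -s "$2" ] && cmp -s "$1" "$2"
}

# dump_flash OUT: read the chip into OUT.1 and OUT.2, keep OUT only if the
# two reads agree. On disagreement both files are left behind for diffing.
# If flashrom reports several matching chips, add -c <chipname> to each call.
dump_flash() {
    out=$1
    flashrom -p "$PROGRAMMER" -r "$out.1" || return 1
    flashrom -p "$PROGRAMMER" -r "$out.2" || return 1
    if dumps_match "$out.1" "$out.2"; then
        mv "$out.1" "$out" && rm -f "$out.2"
        sha256sum "$out"          # record the hash next to the image (Linux coreutils)
    else
        echo "reads differ; reseat the clip, check wiring/voltage and retry" >&2
        cmp -l "$out.1" "$out.2" | head -n 20 >&2   # first differing offsets
        return 1
    fi
}

# Writing a modified image back (flashrom verifies after writing by default);
# keep the verified original dump so the device can be restored with it:
#   flashrom -p "$PROGRAMMER" -w modified.bin
#
# For MCU-internal flash that no SPI programmer can reach, the same dump is
# done over SWD/JTAG with OpenOCD. Assumption: ST-Link probe and an STM32F1
# target; adjust the interface/target cfg files, start address and size.
# dump_image fails if the MCU's readout protection is enabled.
#   openocd -f interface/stlink.cfg -f target/stm32f1x.cfg \
#       -c "init; halt; dump_image flash.bin 0x08000000 0x10000; shutdown"

# Usage: dump_flash spi_flash.bin
```

Reading twice does not catch a systematic fault (wrong voltage on the clip, for example, can produce two identical wrong reads), so a third check worth doing is confirming the dump is plausible with binwalk before desoldering anything.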
Expliot framework
Description: "Expliot is a framework for security testing IoT and IoT infrastructure. It provides a set of plugins (test cases) and can be extended easily to create new plugins. The name expliot is a pun on exploit and explains the purpose of the framework, i.e. IoT exploitation." It is developed in Python 3.
IoTSecFuzz
Description: IoTSecFuzz (ISF) was created with the aim of combining the maximum number of utilities for comprehensive testing of IoT device security at all levels of implementation. It has a convenient console so it can be used as a stand-alone application, and it can also be imported as a library. Its key aspect is a flexible modular system with the ability to add your own modules and combine them.
Routersploit
Description: The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices.