This tool aims to bring together a range of UPnP assessment features, enabling quick assessment with minimal configuration and set-up. It has been developed to aid security consultants in exploring, spoofing and manipulating of UPnP devices and the underlying protocols at work. It is intended as a proof of concept to be used for research purposes in a trusted environment.
Released as open source by NCC Group Plc - http://www.nccgroup.com/
Developed by David.Middlehurst (@dtmsecurity), david dot middlehurst at nccgroup dot com
https://github.com/nccgroup/UPnP-Pentest-Toolkit
Released under AGPL see LICENSE for more information
13/11/2014 Version 1.1
Download: https://github.com/nccgroup/UPnP-Pentest-Toolkit/raw/master/WinUPnPFun/bin/Release/UPT_1.1.zip
Simply launch the GUI. The tool should begin to identify UPnP devices on your network immediately. Click on a device node in the tree to enumerate services exposed by that device. Clicking 'Enumerate All Devices' will enumerate all services for all identified devices.
- .NET Framework 4 - https://www.microsoft.com/en-gb/download/details.aspx?id=17851
- ManagedUPnP Library - https://managedupnp.codeplex.com/
- PcapDotNet Library - https://pcapdotnet.codeplex.com/
- WinPcap - https://www.winpcap.org/