Skip to main content

IoT-PT(Internet of Things Penetration Testing OS)

I would like to share a Virtual environment to Pentesting IoT devices in an easy way.Most of the questions that I got from Telegram group < https://t.me/iotsecurity1011 >. 

How to start IoT Security and any good resources 

I have made 3rd Opensource learning gift  from my side to learners and enthusiast it is IoT-PT Virtual OS 



---------------------------------------------------------------
/                                                             /
/    OS info and Requirements :  https://github.com/IoT-PTv   /
/    Base OS     : Lubuntu 18.04 LTS                          /
/    Processors  : 2 (By default 4)                           /
/    RAM         : 3GB (By default 8)                         /
/    VirtualBox 6+                                            /
/                                                             /
/    username : iotpt ; password : iot1                       /
---------------------------------------------------------------

why i created this VM?

Well IoT is coming to the new picture and unique way even the tools also major difference is there for pentesting the IoT devices. well the main problem is dependencies because multiple architectures which not support without proper dependencies.



Tools got installed in the OS please go through this link (tools link). Mainly we concentrated on the basis of the requirement like exploitation frameworks for IoT, and BLE hacking tools, Reverse engineering firmware (automated and dynamic), apk and iOS Application analysis, network related tools. 




List of the tools which is installed in the OS Version 1


Software Tools
Version
Link
IoT Penetration Testing Frameworks


Expliot Framework
v0.7.2
IoTSecFuzz
v1.0
Routersploit
v3.4.1
Firmware Reverse engineering Tools


binwalk
v2.2.0
firmwalker

FACT-core
v3.1-dev
flawfinder
v1.31
firmware modkit

r2ghidra-dec

trommel

Firmwareslap

angr

Dynamic Analysis Tools :


Qemu
v2.11.1
Qiling
v1.0-rc1
Firmadyne

Reverse Engineering Tools


Cutter
v1.10.0
ghidra
v9.0.4
radare2
v4.2.0
Bluetooth Tools


Bluez
v5.48
gattacker

bettercap
v2.26.1
btlejuice
v1.1.11
nrfconnect
v3.0.0
sniffle

Hardware Tools:


flashrom
v0.9.9-r1954
openocd
0.10.0
screen
v4.06.02
putty
v0.70
Android and iOS Analyzer Tools:


MobSF
v3.0
QARK
v4.0.0
Objection
v0.0.1
frida
v12.8.7
burpsuite
v2.1.07
Vulnerability Assessment Tools_


Openvas
v9
Radio Assessment Tool


rtl_433
19.08-159-gfd815c7
Network assessment Tools


Nmap
v7.60
masscan
v1.0.3
tshark
v2.6.10
Requirements


capstone

unicorn engine
v1.0.2rc3


Video Tutorials






Comments

Post a Comment

Popular posts from this blog

Dumping the Firmware from the device Using buspirate - SPI

One of the best way to get the firmware from the hardware While doing penetration testing there are scenarios in which we need to dump the firmware from the devices.This method is typically used when there are no firmware’s available from vendor site. Today we are going to show you how to dump the firmware from an Wireless router Binatone DT 850W Software and hardware Requirements: Buspirate Ubuntu 16.04 or any other Linux machine Flashrom tool SOIC cable pin 8 Buspirate connectors               This is a Wireless router from Binatone DT 850W which will be used as an example for dumping the firmware. Let’s us Analyze the Inside Device.You can see IC chips like  EEPROM, UART  pins and Ralink  CPU  and also some Other   IC  chips Let us focus mainly on the  EEPROM chip (winbond W25Q16). What is EEPROM : EEPROM (also written E2PROM and pronounced “e-e-prom”, “double-e-prom” or “e-squared-prom”) stands for electrically erasable program

VR Model P1 - 360 degree camera

This article is one of my very old assessment for fun i did (and it is done 2017) got it by recovering hard disk and assigned CVE ID - (CVE-2020-23512) . Here my target to  test 360 degree camera which trending in the IP camera world recently, what we going test model P1 VR camera. What is VR camera..? In photography, an omnidirectional camera (from "Omni", meaning all) is a camera with a 360-degree field of view in the horizontal plane, or with a visual field that covers (approximately) the entire sphere. Omnidirectional cameras are important in areas where large visual field coverage is needed, such as in panoramic photography and robotics. VR CAM P1 Proxy Eye Fisheye Camera IP 3D Vr 360 Degree Panoramic 960P Wi-Fi CCTV Camera With Sd Memory Card Slot Multi Viewing Mode Features of this VR CAMERA:    Brand VR CAM Model P1 Product Dimension 15 x 15 x 5 cm Resolution 960p Android/iOS Devices Additional Featur