HomePWN: IoT device security check

The HomePwn is an open source program that aims to control both home and business devices for security gaps.



The HomePwn it has a modular architecture so that the user can expand its database on different techniques. It is divided into different categories:

Discovery modules: These modules provide functions related to the network discovery stage, regardless of the technology to be used. For example, it can be used to scan WiFi through an adapter in monitoring, the realization of BLE, Bluetooth Low-Energy device detection, but what other devices are near us. It can also be used to discover IoT services in the home or office that use protocols such as SSDP or Simple Service Discovery Protocol and MDNS or Multicast DNS.

Specific modules: Today, HomePwn can perform pentests on technologies such as WiFi, NFC or BLE. In other words, there are modules for each of these technologies in which different known ones are applied or different techniques to assess its security level s that implements and communicates with these types of technologies.

Installation and use

git clone https://github.com/Telefonica/HomePWN

cd HomePWN


source homePwn/bin/activate

sudo python3 homePwn.py


Application snapshots

HomePwn. Bluetooth Low-Energy PoC & Hacking



HomePwn. Bluetooth Spoofing



HomePwn. NFC Clone


HomePwn. BLE capture on PCAP file ()


HomePwn. Apple BLE Discovery



Video guides






You can download the program from here.

iGuRu.gr The Best Technology Site in Greecefgns

HomePWN, iot, iguru

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).