PENIOT is a pentesting tool for Internet of Things (IoT) devices. It helps you test/penetrate your devices by targeting their internet connection with different types attacks security.
In other words, you can expose your device to active and passive security attacks. Once you have decided on the target device and the necessary information (or parameters) of this device, you can perform active security attacks, such as changing / consuming system resources, playing valid communication modules, and so on.
You can also carry out passive security attacks, such as breaching the confidentiality of important information or achieving traffic analysis.
Thanks to PENIOT, all these operations can be semi-automated or even fully automated. Briefly, PENIOT is a package / framework to target IoT devices with protocol-based security attacks.
It also gives you a basic structure for your further penetrations for new security attacks or new IoT protocols.
One of the most important features of PENIOT is that it is scalable. By default, it has many common IoT protocols and many security attacks associated with these protocols. But, it can be further expanded by exporting the basic structure of components used internally, so that you can develop your attacks in harmony with the internal structure of PENIOT.
What does PENIOT provide?
First of all, PENIOT provides innovation. It is one of the first examples of pentesting tools in the IoT class. There are only one or two similar tools that are specialized in IoT, but are still in development, so they are not yet complete.
Since the number of IoT devices is increasing drastically, IoT devices are becoming more and more common in our daily lives. The smart ones homea, smart bicycles, medical sensors, fitness trackers, smart locks and connected factories are just a few examples of IoT products. With this in mind, we felt the need to select some of the most commonly used IoT protocols to install in PENIOT by default.
We have selected the following protocols as the default IoT protocols included in PENIOT.
Currently supported:
- Advanced Message Queue Protocol ( AMQP)
- Low Bluetooth power ( CORN)
- Restriction Implementation Protocol ( CoAP)
- Transfer telemetrymessage queue ( MQTT)
Installation instructions
$ git clone git@github.com: yakuza8 / peniot.git $ cd peniot $ python setup.py install