Claude Skill
BrownFineSecurity/iothackbot
IoT HackBot 提供用于混合物联网渗透测试的 Claude Skill 与定制 Python 工具集。使用这套专业集合对联网设备进行安全评估。
概览
仓库信息
安装这个 Skill
pip install colorama pyserial pexpect requestsRegistry 信息
pip install colorama pyserial pexpect requestsgit clone https://github.com/BrownFineSecurity/iothackbot.git
项目简介
IoT HackBot 是一个基于 Python 的仓库,提供了一套用于混合物联网渗透测试的 Claude Skill 集合与定制工具集,旨在对联网设备进行安全评估。
IoT HackBot: A collection of Claude Skills and custom tooling for hybrid IoT pentesting
要点
- 用于物联网安全的 Claude Skill 集合
- 用于渗透测试的定制工具
- 针对物联网设备的混合测试方法
- 基于 Python 实现
使用场景
- 物联网设备的安全评估
- 混合渗透测试工作流
- 自动化物联网安全检查
- 物联网渗透测试教育资源
README 摘要
# IoTHackBot Open-source IoT security testing toolkit with integrated Claude Code skills for automated vulnerability discovery. ## Overview IoTHackBot is a collection of specialized tools and Claude Code skills designed for security testing of IoT devices, IP cameras, and embedded systems. It provides both command-line tools and AI-assisted workflows for comprehensive IoT security assessments. ## Tools Included ### Network Discovery & Reconnaissance - **wsdiscovery** - WS-Discovery protocol scanner for discovering ONVIF cameras and IoT devices - **iotnet** - IoT network traffic analyzer for detecting protocols and vulnerabilities - **netflows** - Network flow extractor with DNS hostname resolution from pcap files - **nmap** (skill) - Professional network reconnaissance with two-phase scanning strategy ### Device-Specific Testing - **onvifscan** - ONVIF device security scanner - Authentication bypass testing - Credential brute-forcing ### Firmware & File Analysis - **chipsec** (skill) - UEFI/BIOS firmware static analysis - Detect known rootkits (LoJax, ThinkPwn, HackingTeam) - Generate EFI executable inventories with hashes - Decode firmware structure and extract NVRAM - **ffind** - Advanced file finder with type detection and filesystem extraction - Identifies artifact file types - Extracts ext2/3/4 and F2FS filesystems - Designed for firmware analysis ### Android Analysis - **apktool** (skill) - APK unpacking and resource extraction - Decode AndroidManifest.xml - Extract resources, layouts, strings - Disassemble to smali code - **jadx** (skill) - APK decompilation - Convert DEX to readable Java source - Search for hardcoded credentials - Analyze app logic ### Hardware & Console Access - **jtagprobe** - SWD/JTAG debug interfac
话题
暂无话题