Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/akamai-threat-research/mqtt-pwn
MQTT-PWN intends to be a one-stop-shop for IoT Broker penetration-testing and security assessment operations.
https://github.com/akamai-threat-research/mqtt-pwn
exploitation iot mqtt mqtt-broker mqtt-client python reconnaissance
Last synced: about 2 months ago
JSON representation
MQTT-PWN intends to be a one-stop-shop for IoT Broker penetration-testing and security assessment operations.
- Host: GitHub
- URL: https://github.com/akamai-threat-research/mqtt-pwn
- Owner: akamai-threat-research
- License: gpl-3.0
- Created: 2018-08-02T08:36:34.000Z (almost 6 years ago)
- Default Branch: master
- Last Pushed: 2023-02-23T14:45:14.000Z (over 1 year ago)
- Last Synced: 2024-02-07T00:56:24.309Z (5 months ago)
- Topics: exploitation, iot, mqtt, mqtt-broker, mqtt-client, python, reconnaissance
- Language: Python
- Size: 319 KB
- Stars: 315
- Watchers: 16
- Forks: 52
- Open Issues: 17
-
Metadata Files:
- Readme: README.rst
- License: LICENSE
Lists
- awesome-stars - akamai-threat-research/mqtt-pwn - MQTT-PWN intends to be a one-stop-shop for IoT Broker penetration-testing and security assessment operations. (Python)
- awesome-hacking-lists - akamai-threat-research/mqtt-pwn - MQTT-PWN intends to be a one-stop-shop for IoT Broker penetration-testing and security assessment operations. (Python)
- awesome-hacking-lists - mqtt-pwn - MQTT-PWN intends to be a one-stop-shop for IoT Broker penetration-testing and security assessment operations. (Python (1887))
- awesome-hacking-lists - mqtt-pwn - MQTT-PWN intends to be a one-stop-shop for IoT Broker penetration-testing and security assessment operations. (Python)
- IoTSecurity101 - MQTT-PWN
README
MQTT-PWN
========
.. image:: https://readthedocs.org/projects/ansicolortags/badge/?version=latest
:target: http://mqtt-pwn.readthedocs.io/?badge=latest
.. image:: https://img.shields.io/github/license/akamai-threat-research/mqtt-pwn.svg
:target: https://github.com/akamai-threat-research/mqtt-pwn/blob/master/LICENSE
.. image:: https://img.shields.io/badge/python-3%2E6-green.svg
:target: https://github.com/akamai-threat-research/mqtt-pwn/
.. image:: https://img.shields.io/badge/docker-friendly-blue.svg
:target: https://github.com/akamai-threat-research/mqtt-pwn/
MQTT is a machine-to-machine connectivity protocol designed as an extremely lightweight publish/subscribe
messaging transport and widely used by millions of IoT devices worldwide. MQTT-PWN intends to be a one-stop-shop
for IoT Broker penetration-testing and security assessment operations, as it combines enumeration,
supportive functions and exploitation modules while packing it all within command-line-interface
with an easy-to-use and extensible shell-like environment.
.. image:: https://raw.githubusercontent.com/akamai-threat-research/mqtt-pwn/master/docs/_static/images/another-logo-trans-bg-small.png
:target: https://github.com/akamai-threat-research/mqtt-pwn
Authors
-------
- `Daniel Abeles `_
- `Moshe Zioni `_
Feature Support
---------------
- Credential Brute-Forcer - configurable brute force password cracking to bypass authentication controls
- Topic Enumerator - establishing comprehensive topic list via continuous sampling over time
- Useful Information Grabber - obtaining and labeling data from an extensible predefined list containing known topics of interest
- GPS tracker - plotting routes from devices using OwnTracks app and collecting published coordinates
- Sonoff Exploiter – design to extract passwords and other sensitive information
- Extensibility - the framework was designed to add new custom plugins with ease
- Shodan - search through `Shodan.io` API for available vulnerable MQTT brokers
Documentation
-------------
Documentation is available at https://mqtt-pwn.readthedocs.io/.