Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/anirudhduggal/medaudit

A tool for auditing medical devices and healthcare infrastructure
https://github.com/anirudhduggal/medaudit

Last synced: about 2 months ago
JSON representation

A tool for auditing medical devices and healthcare infrastructure

Host: GitHub
URL: https://github.com/anirudhduggal/medaudit
Owner: anirudhduggal
License: apache-2.0
Created: 2019-03-23T13:30:00.000Z (almost 6 years ago)
Default Branch: master
Last Pushed: 2023-05-02T21:26:38.000Z (over 1 year ago)
Last Synced: 2024-08-05T17:38:34.957Z (5 months ago)
Language: Python
Size: 228 KB
Stars: 19
Watchers: 2
Forks: 5
Open Issues: 13
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-hacking-lists - anirudhduggal/medaudit - A tool for auditing medical devices and healthcare infrastructure (Python)

README

# MedAudit - 1.0
A tool for auditing medical devices and healthcare infrastructure. I wrote this tool becuase I could not find any tool that would help me assist in medical device auditing / pentesting.

I also added the support for web API so we can use the skill set of web application testing to test medical devices.

The tool is written to audit networks, protocols and infrastructure that runs in hospitals. At the time of writing this, the tools supports HL7 protocol.
The tool will support FHIR auditing in the near future.

Here are the features of the tool:
* HL7 message sender
* HL7 Scanner
* DOS Testing
* Traffic Analysis
* API Support for using Proxies (Burp, ZAP) and REST client (e.g. Postman)
* Fuzzer - Written by Adwait Joshi (https://github.com/AdvaitJ)

To understand Pen testing medical devices, these talks will help -
Blackhat Talk
HITB Talk
Nullcon Talk

A Screenshot of network analysis, the tool extracts HL7 traffic from a network capture file and point the message flow

**Installation**
The project runs on python 3 and uses Django, Bootstrap 2.

For using the tool, install python 3 first and then install pip.

Download the project/ unzip it.

cd src/

pip install –r requirements.txt

python manage.py runserver 8082

Open your browser and navigate to

http://127.0.0.1:8082/about/

You should see the GUI now.

A Screenshot of the interface

Using Postman

Postman is a client tool which can be used to send REST API requests. To use postman, install the software - https://www.getpostman.com/ . Then import the JSON collections in the Postman tool. You can then modify the parameters in a JSON format and send it forward to the device you are testing.