https://github.com/nsm-barii/framework
IoT Exploitation Framework
- Host: GitHub
- URL: https://github.com/nsm-barii/framework
- Owner: NSM-Barii
- Created: 2025-12-16T19:30:55.000Z (6 months ago)
- Default Branch: main
- Last Pushed: 2026-04-13T22:22:43.000Z (2 months ago)
- Last Synced: 2026-04-14T00:29:06.037Z (2 months ago)
- Topics: ble, bluetooth, iot, mobile, uart, wifi
- Language: Python
- Homepage:
- Size: 5.91 MB
- Stars: 4
- Watchers: 0
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# IoT Exploitation Framework
A comprehensive toolkit for security testing and vulnerability research on IoT devices through BLE, WiFi, and UART attack surfaces.
> ⚠️ **This project is actively in development.** New features and modules are being added regularly. Expect frequent updates and improvements.
---
## Features
- **BLE Exploitation**
  - Wardriving with automatic data logging
  - Device enumeration and GATT service dumping
  - Connection spam attacks
  - Fuzzing with customizable payloads
- **WiFi Attacks**
  - SSID scanning and enumeration
  - Client discovery from specific SSIDs
  - Deauthentication attacks
  - Beacon flooding with fake APs
  - Evil twin / captive portal attacks
  - WiFi wardriving mode
- **Network Security**
  - Telnet bruteforce attacks
- **Hardware Protocols** *(Coming Soon)*
  - UART interface testing
---
## Installation
### Quick Setup
```bash
# Clone the repository
git clone https://github.com/NSM-Barii/framework
cd framework/src
# Create and activate virtual environment
python3 -m venv venv
source venv/bin/activate
# Install Python dependencies
pip install -r requirements.txt
```
### Running the Framework
```bash
# Must run with sudo for BLE/WiFi access
sudo venv/bin/python3 main.py
# View help menu
sudo venv/bin/python3 main.py -h
```
---
## Dependencies
### BLE Modules
The BLE modules require BlueZ drivers for Bluetooth Low Energy support.
**Debian/Ubuntu:**
```bash
sudo apt-get install bluez bluez-tools libbluetooth-dev
```
**Arch Linux:**
```bash
sudo pacman -S bluez bluez-utils
```
### Evil Twin Attack
The Evil Twin module requires `hostapd` and `dnsmasq` for creating fake access points and captive portals.
**Debian/Ubuntu:**
```bash
sudo apt update && sudo apt install hostapd dnsmasq -y
```
**Arch Linux:**
```bash
sudo pacman -Syu && sudo pacman -S hostapd dnsmasq
```
---
## Usage
Run the framework with `-h` to see the help menu:
```bash
sudo venv/bin/python3 main.py -h
```
### Command Structure
All commands use a **prefix system** to organize modules:
- **`-b*`** = BLE operations
- **`-w*`** = WiFi operations
- **Generic flags**: `-t`, `-m`, `-i`, `--channel`
---
### BLE Commands
**BLE Scanning:**
```bash
sudo venv/bin/python3 main.py -bs # Basic BLE scan
sudo venv/bin/python3 main.py -bsv -t 20 # Scan with vendor lookup, 20s timeout
```
**BLE Wardriving:**
```bash
sudo venv/bin/python3 main.py -bw # Wardriving mode
sudo venv/bin/python3 main.py -bwv # Wardriving with verbose output
```
**BLE Exploitation:**
```bash
sudo venv/bin/python3 main.py -bd -m <MAC>    # Dump GATT services
sudo venv/bin/python3 main.py -bc -m <MAC>    # Connection spam
sudo venv/bin/python3 main.py -bcp -m <MAC>   # Connection + pairing spam
sudo venv/bin/python3 main.py -bf -m <MAC>    # Fuzz all characteristics
```
**Advanced BLE Fuzzing:**
```bash
sudo venv/bin/python3 main.py -bft -m <MAC> --send write --response 1
```
---
### WiFi Commands
**WiFi Scanning:**
```bash
sudo venv/bin/python3 main.py -ws -i wlan0 # SSID scan on wlan0
sudo venv/bin/python3 main.py -ws --channel 11 # SSID scan on channel 11
```
**WiFi Client Discovery:**
```bash
sudo venv/bin/python3 main.py -wc -i wlan0 # Sniff clients from specific AP
```
**WiFi Deauth Attack:**
```bash
sudo venv/bin/python3 main.py -wd --channel 6 # Deauth all clients
sudo venv/bin/python3 main.py -wd --dst <MAC> # Deauth specific client
sudo venv/bin/python3 main.py -wd --reasons 1,6,7 # Custom reason codes
```
**WiFi Beacon Flood:**
```bash
sudo venv/bin/python3 main.py -wb 1 --channel 6 # Beacon flood (portal choice 1-3)
```
**WiFi Evil Twin:**
```bash
sudo venv/bin/python3 main.py -we 5 --channel 6 # Evil twin (portal 1-20)
```
**WiFi Wardriving:**
```bash
sudo venv/bin/python3 main.py -ww -i wlan0 # Wardrive mode (APs only)
sudo venv/bin/python3 main.py -ww --mode 2 # Wardrive mode (clients + non-beacon)
```
---
### Other Commands
**Telnet Bruteforce:**
```bash
sudo venv/bin/python3 main.py --telnet
```
---
### Generic Options
```bash
-t # Scan timeout (default: 10)
-m # Target MAC address
-i, --iface # Network interface (default: wlan1)
--channel # WiFi channel (default: 6)
--mode <1|2> # Wardrive mode: 1=APs only, 2=clients+non-beacon
--dst # Deauth destination MAC (default: broadcast)
--inter # Packet send interval
--loop # Packet send loop count
--count # Number of packets to send
--realtime # Enable realtime packet sending
--reasons # Deauth reason codes (comma-separated, default: 4,5,7,15)
```
---
## Project Structure
```
framework/
├── py_modules/
│   ├── main.py              # Main entry point
│   ├── nsm_vars.py          # Centralized configuration
│   ├── nsm_ble.py           # BLE exploitation modules
│   ├── nsm_wifi.py          # WiFi attack modules
│   ├── nsm_telnet.py        # Telnet bruteforce
│   ├── nsm_database.py      # Database operations
│   └── requirements.txt     # Python dependencies
└── README.md
```
---
## Requirements
### Hardware
- Linux (Ubuntu/Debian/Arch recommended)
- Bluetooth adapter (for BLE testing)
- WiFi adapter with monitor mode support (for WiFi attacks)
### Software
- Python 3.8+
- BlueZ drivers (for BLE - see Dependencies)
- hostapd & dnsmasq (for Evil Twin - see Dependencies)
- Root/sudo access (required for low-level network operations)
---
## Disclaimer
This tool is intended for **authorized security research and testing only**. Unauthorized access to devices or networks is illegal. The author is not responsible for misuse of this framework.
---
## Author
**NSM-Barii**
---
## License
[Specify your license here]