Why IoTSploit?

IoTSploit is a cybersecurity testing framework that modularizes testing scripts and hardware, enabling security assessments of various IoT devices. It provides a comprehensive suite of tools and features to identify vulnerabilities and ensure the robustness of IoT systems against potential threats.

Vulnerability Detection

Built-in tools to identify common IoT device vulnerabilities.

Smart

Intuitive and user-friendly interface for effortless security testing.

Modular Design

Flexibly integrate and swap out testing scripts and hardware.

Multi-Transport

Supports a variety of IoT protocols like UART, JTAG, and BLE

Community

Offers detailed documentation and strong community support.

Automation Features

Enables automated and repeatable testing processes.

Hardware Modularity

Leveraging the versatile M2 KEYE slot, IoTSploit enables seamless integration of diverse hardware modules. This adaptability ensures the toolkit evolves alongside emerging IoT technologies and security challenges.

Dual Interface

Power users get a Cmd2-powered REPL shell (scan devices, initialize devices, execute plugin, etc.) while makers and managers enjoy a Flutter-based dashboard on desktop or mobile.

Command Line Flutter UI

Plugin Management

IoTSploit features a powerful plugin system built on Python that lets you extend the platform with custom security testing modules. The intuitive management interface makes it easy to discover, execute, and develop plugins for testing IoT devices.

Modular design with pluggable interfaces
Extensive library of security testing plugins
Custom plugin development with Python API
Real-time results with execution status tracking

Focus on Python, Forget the UI

Write pure Python security testing plugins and let IoTSploit automatically generate beautiful user interfaces. No frontend code needed!

Automatic UI Generation

Define parameters in your Python plugin and watch IoTSploit automatically create input fields, toggles, and controls in the Flutter UI.

Real-time Result Visualization

Return structured data from your Python plugins and see it automatically rendered as tables, charts, and status indicators.

Seamless Integration

New plugins are instantly available in both command-line and Flutter interfaces without any additional configuration.

class AdbSecurityCheckPlugin(BasePlugin):
    def __init__(self):
        super().__init__({
            'Name': 'ADB Security Check',
            'Description': 'Performs security checks on an Android device',
            'License': 'GPL',
            'Author': ['iotsploit'],
            'Parameters': {
                'device_serial': {
                    'type': 'string',
                    'required': False,
                    'description': 'ADB device serial number',
                    'default': '2fd1f89'
                },
                'try_root': {
                    'type': 'bool',
                    'required': False,
                    'description': 'Attempt to gain root access',
                    'default': False
                }
            }
        })
    
    @hookimpl
    def execute(self, target=None, parameters=None) -> ExploitResult:
        # Your plugin logic here
        return ExploitResult(True, "Test completed", {"status": "success"})
                

IoTSploit Mobile App

Control & Monitor on the Go

The IoTSploit Mobile App provides a convenient and powerful interface to control your IoT security testing from anywhere. Connect to your IoTSploit devices remotely and monitor testing results in real-time.

iOS & Android Compatible

Real-time Analytics

Remote Device Control

Push Notifications

Hardware Technical Specifications

Motherboard

The IoTSploit motherboard is engineered for maximum flexibility and connectivity, providing the perfect foundation for your IoT security testing arsenal.

100M Ethernet Switch

High-speed network connectivity for testing and monitoring IoT devices

USB 2.0 HUB

Multiple USB ports for connecting peripherals and test modules

3 M.2 Key E Slots

Expandable architecture for adding specialized daughter boards

Daughter Boards

LPC4330 Board

Daughter Board A

Advanced microcontroller board utilizing the LPC4330 processor for USB simulation capabilities.

USB Simulation: HID, Mass Storage, CDC
Bad USB Attack: Built-in capability
Processing: Dual-core ARM Cortex-M4/M0

ESP32 Board

Daughter Board B

Wireless connectivity module powered by ESP32 for WiFi and Bluetooth-based IoT security assessments.

WiFi: 2.4GHz with monitor mode
Bluetooth: BLE 4.2 support
Antenna: External antenna connector

FPGA Board

Daughter Board C

Versatile FPGA-based logic analyzer for capturing and analyzing IoT device signals and protocols.

Logic Analyzer: 16 channel, 100MHz
Protocol Decoding: I2C, SPI, UART, CAN
Memory: 128MB DDR for signal capture

IoTSploit NXP Board

Powerful Hardware for IoT Security Testing

The IoTSploit NXP Board is a comprehensive hardware platform designed for advanced IoT security testing featuring USB simulation capabilities, Bad USB attacks, and integrated logic analyzer functionality.

USB Simulation & Bad USB

Integrated Logic Analyzer

Support GUI Control, Easy to Use

M.2 KEYE Expansion Slot