August 2, 2025 at 8:11 PM • Max Knyazev is typing… • Telegram mirror
I’m actually not a fan of loud statements like “the best framework for IoT pentesting,” because usually behind this lies either another list of not very well-thought-out scripts, or a Python crutch with three commands. But here I came across a framework that I really want to highlight: IoT-PT v1.
The guys from IoT-PTv have put together a tool that helps test the security of IoT devices at different levels, from regular fingerprinting to exploiting firmware, scanning services, analyzing protocols and reversing binaries. All this is wrapped in a logical architecture, with separate modules for each type of testing. And it really works. It doesn't look like a conference demo, but feels like something you've been sitting on for a really long time 💯
Everything runs on Linux, uses Python and Bash, and depends on a dozen classic utilities such as nmap, tshark, binwalk, gqrx and others. The documentation describes examples and flow, and you can expand it to suit your tasks. Most importantly, everything is open source.
Personally, I liked that the framework does not just collect existing tools, but makes them part of a single pipeline. That is, you don’t switch between a million tools manually, but can build a sequence of actions within one system. It saves time and nerves ⏱
IoT-PT v1 looks like a case where you don't have to jump through 20 different repositories to find the tools you need. I just downloaded one and went to break the hardware. And that's cool.
#information_security
#internet_things