heathen

HEATHEN – Internet Of Things Pentesting Framework.

Heathen IoT of Things Penetration Testing Framework developed as a research project, which automatically help developers and manufacturers build more secure products in the Internet of Things space based on the Open Web Application Security Project (OWASP) by providing a set of features in every fundamantal era.

heathen

HEATHEN – Internet Of Things Pentesting Framework.

Main Menu:
* Insecure Web Interface
* Insufficient Authentication/Authorization
[-] Ensure that any access requiring authentication requires strong passwords
[-] Ensure that user roles can be properly segregated in multi-user environments
[-] Implement two-factor authentication where possible
[-] Ensure password recovery mechanisms are secure
[-] Ensure that users have the option to require strong passwords
[-] Ensure that users have the option to force password expiration after a specific period
[-] Ensure that users have the option to change the default username and password
* Insecure Network Services
* Lack of Transport Encryption
* Privacy Concerns
* Insecure Cloud Interface
* Insecure Mobile Interface
* Insufficient Security Configurability
* Insecure Software/Firmware
* Poor Physical Security
[-] Ensure the device is produced with a minimal number of physical external ports (e.g. USB ports)
[-] Ensure the firmware of Operating System can not be accessed via unintended methods such as through an unnecessary USB port
[-] Ensure the product is tamper resistant
[-] Ensure the product has the ability to limit administrative capabilities in some fashion, possibly by only connecting locally for admin functions
[-] Ensure the product has the ability to disable external ports such as USB

Usage and download:

Source: https://github.com/chihebchebbi