cotopaxi: Set of tools for security testing of Internet of Things devices

by do son · August 19, 2019

Cotopaxi

Set of tools for security testing of Internet of Things devices using protocols like CoAP, DTLS, HTCPCP, mDNS, MQTT, SSDP.

Tools in this package:

service_ping
server_fingerprinter
resource_listing
server_fingerprinter
protocol_fuzzer (for fuzzing servers)
client_proto_fuzzer (for fuzzing clients)
vulnerability_tester (for testing servers)
client_vuln_tester (for testing clients)
amplifier_detector

Protocols supported by different tools:

Tool	CoAP	DTLS	HTCPCP	mDNS	MQTT	SSDP
service_ping	☑	☑	☑	☑	☑	☑
server_fingerprinter	☑	☑
resource_listing	☑			☑		☑
protocol_fuzzer	☑	☑	☑	☑	☑	☑
client_proto_fuzzer	☑	☑	☑	☑	☑	☑
vulnerability_tester	☑	☑	☑	☑	☑	☑
client_vuln_tester	☑	☑	☑	☑	☑	☑
amplifier_detector	☑	☑		☑		☑

cotopaxi.service_ping

Tool for checking availability of network service at given IP and port ranges.

cotopaxi.server_fingerprinter

Tool for software fingerprinting of network servers at given IP and port ranges

Currently supported servers:

CoAP:
- aiocoap,
- CoAPthon,
- FreeCoAP,
- libcoap,
- MicroCoAP,
- Mongoose
- Wakaama (formerly liblwm2m)
DTLS:
- GnuTLS,
- Goldy,
- LibreSSL,
- MatrixSSL,
- mbed TLS,
- OpenSSL,
- TinyDTLS

cotopaxi.resource_listing

Tool for checking availability of resource named url on the server at given IP and port ranges. Sample URL lists are available in the urls directory

cotopaxi.protocol_fuzzer

Black-box fuzzer for testing protocol servers

cotopaxi.client_proto_fuzzer

Black-box fuzzer for testing protocol clients

cotopaxi.vulnerability_tester

Tool for checking vulnerability of network service at given IP and port ranges

cotopaxi.client_vuln_tester

Tool for checking vulnerability of network clients connecting to the server provided by this tool

cotopaxi.amplifier_detector

Tool for detection of network devices amplifying reflected traffic by observing the size of the incoming and outgoing size of packets