Expliot v0.10 releases: Internet Of Things Exploitation Framework

Internet Of Things Exploitation Framework

Expliot is a framework for security testing IoT and IoT infrastructure. It provides a set of plugins (test cases) and can be extended easily to create new plugins.

Changelog v0.10

  • Added plugin for generating CycloneDX SBOM from give firmware directory


  • sudo gem install bundler
  • sudo apt-get install ruby-dev
  • git clone https://gitlab.com/expliot_framework/expliot.git
  • cd expliot
  • bundle install


  • cd expliot
  • ./efconsole.rb
  • ef> run -h

There is obviously no silver bullet (read tool) that can cover(test) the whole IoT eco-system attack surface. Our aim with EXPLIoT is to reach as close as possible i.e. to cover as many IoT protocols, hardware platforms and products as possible. We will explain the coverage of the framework based on protocols and technologies including the what, why and how of each plugin.


Source: https://gitlab.com/expliot_framework/