IoT security testing and hacking tools for Claude Code
npx claudepluginhub brownfinesecurity/iothackbotIoT security testing toolkit with skills for firmware analysis, network reconnaissance, UEFI security, and device exploitation
Claude Code marketplace entries for the plugin-safe Antigravity Awesome Skills library and its compatible editorial bundles.
Production-ready workflow orchestration with 79 focused plugins, 184 specialized agents, and 150 skills - optimized for granular installation and minimal token usage
Curated collection of 141 specialized Claude Code subagents organized into 10 focused categories
Open-source IoT security testing toolkit with integrated Claude Code skills for automated vulnerability discovery.
IoTHackBot is a collection of specialized tools and Claude Code skills designed for security testing of IoT devices, IP cameras, and embedded systems. It provides both command-line tools and AI-assisted workflows for comprehensive IoT security assessments.
chipsec (skill) - UEFI/BIOS firmware static analysis
ffind - Advanced file finder with type detection and filesystem extraction
apktool (skill) - APK unpacking and resource extraction
jadx (skill) - APK decompilation
picocom (skill) - IoT UART console interaction for hardware testing
telnetshell (skill) - IoT telnet shell interaction
# Python dependencies
pip install colorama pyserial pexpect requests
# System dependencies (Arch Linux)
sudo pacman -S nmap e2fsprogs f2fs-tools python python-pip inetutils
# For other distributions, install equivalent packages
git clone https://github.com/BrownFineSecurity/iothackbot.git
cd iothackbot
export PATH="$PATH:$(pwd)/bin"
echo 'export PATH="$PATH:/path/to/iothackbot/bin"' >> ~/.bashrc
wsdiscovery 192.168.1.0/24
onvifscan auth http://192.168.1.100
onvifscan brute http://192.168.1.100
# Analyze PCAP file for IoT protocols
iotnet capture.pcap
# Live capture
sudo iotnet -i eth0 -d 60
# Extract flows from device with DNS resolution
netflows capture.pcap --source-ip 192.168.1.100
# Get just hostname:port list
netflows capture.pcap -s 192.168.1.100 --format quiet
# Identify file types
ffind firmware.bin
# Extract filesystems (requires sudo)
sudo ffind firmware.bin -e
IoTHackBot is available as a Claude Code plugin, providing AI-assisted security testing with specialized skills.
| Skill | Description |
|---|---|
| chipsec | UEFI/BIOS firmware static analysis - malware detection, EFI inventory |
| apktool | Android APK unpacking and resource extraction |
| jadx | Android APK decompilation to Java source |
| ffind | Firmware file analysis with filesystem extraction |
| iotnet | IoT network traffic analysis |
| netflows | Network flow extraction with DNS hostname resolution |
| nmap | Professional network reconnaissance |
| onvifscan | ONVIF device security testing |
| picocom | UART console interaction |
| telnetshell | Telnet shell enumeration |
| wsdiscovery | WS-Discovery device discovery |
Option 1: Use directly during development
claude --plugin-dir /path/to/iothackbot
Option 2: Install as local marketplace (persistent)
Add to ~/.claude/settings.json:
{
"extraKnownMarketplaces": {
"iothackbot-local": {
"source": {
"source": "directory",
"path": "/path/to/iothackbot"
}
}
},
"enabledPlugins": {
"iothackbot": true
}
}
Then restart Claude Code for the settings to take effect.
Option 3: Project-specific setup