By DYAI2025
IoT security testing toolkit with skills for firmware analysis, network reconnaissance, UEFI security, and device exploitation
Android APK unpacking and resource extraction tool for reverse engineering. Use when you need to decode APK files, extract resources, examine AndroidManifest.xml, analyze smali code, or repackage modified APKs.
Static analysis of UEFI/BIOS firmware dumps using Intel's chipsec framework. Decode firmware structure, detect known malware and rootkits (LoJax, ThinkPwn, HackingTeam, MosaicRegressor), generate EFI executable inventories with hashes, extract NVRAM variables, and parse SPI flash descriptors. Use when analyzing firmware .bin/.rom/.fd/.cap files offline without requiring hardware access.
Advanced file finder with type detection and filesystem extraction for analyzing firmware and extracting embedded filesystems. Use when you need to analyze firmware files, identify file types, or extract ext2/3/4 or F2FS filesystems.
IoT network traffic analyzer for detecting IoT protocols and identifying security vulnerabilities in network communications. Use when you need to analyze network traffic, identify IoT protocols, or assess network security of IoT devices.
Android APK decompiler that converts DEX bytecode to readable Java source code. Use when you need to decompile APK files, analyze app logic, search for vulnerabilities, find hardcoded credentials, or understand app behavior through readable source code.
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
Executables (bin/) — files in this plugin's bin/directory are added to the Bash tool's PATH while the plugin is enabled.
Open-source IoT security testing toolkit with integrated Claude Code skills for automated vulnerability discovery.
IoTHackBot is a collection of specialized tools and Claude Code skills designed for security testing of IoT devices, IP cameras, and embedded systems. It provides both command-line tools and AI-assisted workflows for comprehensive IoT security assessments.
chipsec (skill) - UEFI/BIOS firmware static analysis
ffind - Advanced file finder with type detection and filesystem extraction
apktool (skill) - APK unpacking and resource extraction
jadx (skill) - APK decompilation
picocom (skill) - IoT UART console interaction for hardware testing
telnetshell (skill) - IoT telnet shell interaction
# Python dependencies
pip install colorama pyserial pexpect requests
# System dependencies (Arch Linux)
sudo pacman -S nmap e2fsprogs f2fs-tools python python-pip inetutils
# For other distributions, install equivalent packages
git clone https://github.com/BrownFineSecurity/iothackbot.git
cd iothackbot
export PATH="$PATH:$(pwd)/bin"
echo 'export PATH="$PATH:/path/to/iothackbot/bin"' >> ~/.bashrc
wsdiscovery 192.168.1.0/24
onvifscan auth http://192.168.1.100
onvifscan brute http://192.168.1.100
# Analyze PCAP file
iotnet capture.pcap
# Live capture
sudo iotnet -i eth0 -d 60
# Identify file types
ffind firmware.bin
# Extract filesystems (requires sudo)
sudo ffind firmware.bin -e
IoTHackBot is available as a Claude Code plugin, providing AI-assisted security testing with specialized skills.
| Skill | Description |
|---|---|
| chipsec | UEFI/BIOS firmware static analysis - malware detection, EFI inventory |
| apktool | Android APK unpacking and resource extraction |
| jadx | Android APK decompilation to Java source |
| ffind | Firmware file analysis with filesystem extraction |
| iotnet | IoT network traffic analysis |
| nmap | Professional network reconnaissance |
| onvifscan | ONVIF device security testing |
| picocom | UART console interaction |
| telnetshell | Telnet shell enumeration |
| wsdiscovery | WS-Discovery device discovery |
Option 1: Use directly during development
claude --plugin-dir /path/to/iothackbot
Option 2: Install as local marketplace (persistent)
Add to ~/.claude/settings.json:
{
"extraKnownMarketplaces": {
"iothackbot-local": {
"source": {
"source": "directory",
"path": "/path/to/iothackbot"
}
}
},
"enabledPlugins": {
"iothackbot": true
}
}
Then restart Claude Code for the settings to take effect.
Option 3: Project-specific setup
For use within a specific project, the skills are also available via the .claude/skills/ symlink for backwards compatibility.
All tools follow a consistent design pattern:
tools/iothackbot/*.py) - Command-line interface with argparsetools/iothackbot/core/*_core.py) - Core functionality implementing ToolInterfacebin/*) - Executable wrapper scriptsnpx claudepluginhub dyai2025/iothackbot --plugin iothackbotMulti-tentacled orchestrator using Double Diamond methodology. (v7.19.0) NEW: ALL 10 performance fixes - 95% probe success (up from 25%), rich progress display, result caching, progressive synthesis, timeout preservation, graceful degradation, enhanced errors. Cost transparency, session state persistence, 94% validation compliance, phase discussion, stub detection, quick mode, design system extraction. 29 expert personas, 30 commands, 35 skills. Commands '/octo:*'. Run /octo:setup for guided setup.
Self-learning system for Claude Code that captures corrections and updates CLAUDE.md automatically
Claude + Obsidian knowledge companion. Sets up a persistent, compounding wiki vault. Covers memory management, session notetaking, knowledge organization, and agent context across projects. Based on Andrej Karpathy's LLM Wiki pattern.
Plugin that includes the Figma MCP server and Skills for common workflows
BDI mental state modeling and cognitive architecture patterns for building rational agents with formal belief-desire-intention representations
Comprehensive skill pack with 66 specialized skills for full-stack developers: 12 language experts (Python, TypeScript, Go, Rust, C++, Swift, Kotlin, C#, PHP, Java, SQL, JavaScript), 10 backend frameworks, 6 frontend/mobile, plus infrastructure, DevOps, security, and testing. Features progressive disclosure architecture for 50% faster loading.
Lazy senior dev mode. Forces the simplest, shortest solution that actually works: YAGNI, stdlib first, no unrequested abstractions.
Develop, test, build, and deploy Godot 4.x games with Claude Code. Includes GdUnit4 testing, web/desktop exports, CI/CD pipelines, and deployment to Vercel/GitHub Pages/itch.io.
Harness-native ECC plugin for engineering teams - 67 agents, 278 skills, 94 legacy command shims, reusable hooks, rules, MCP conventions, and operator workflows for Claude Code plus adjacent agent harnesses
Binary reverse engineering, malware analysis, firmware security, and software protection research for authorized security research, CTF competitions, and defensive security
Comprehensive feature development workflow with specialized agents for codebase exploration, architecture design, and quality review