We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Demo Labs - Cotopaxi

83
 Cite
 Share
 Download
 Purchase
No logo availableDEF CON
 Botwicz, Jakub

Formal Metadata

Title
Demo Labs - Cotopaxi
Subtitle
IoT protocols testing toolkit
Title of Series
Number of Parts
374
Author
License
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
Cotopaxi is a set of tools for security testing of Internet of Things devices using specific network IoT/IIoT/M2M protocols (e.g. AMQP, CoAP, MQTT, DTLS, mDNS, QUIC). These tools will be used by penetration testers and/or security researchers to identify IoT services and verify security vulnerabilities or misconfigurations. Based on recent publications, including a report from Trend Micro (https://www.trendmicro.com/vinfo/us/...tion-protocols), new IoT protocols are widely used both in public networks and in industrial environments. Unfortunately, in most cases those servers are not configured properly or use outdated components. Currently available tools used for security testing, like nmap or OpenVAS, do not support all new IoT protocols (e.g. AMQP, CoAP, MQTT, DTLS, mDNS, QUIC). So possibilities to test IoT products and discover such devices in tested networks are limited. We are working to fill this gap with Cotopaxi toolkit.