Tool or Project Name: Cotopaxi
Short Abstract:
Cotopaxi is a set of tools for security testing of Internet of Things devices using specific network IoT/IIoT/M2M protocols (AMQP, CoAP, DTLS, gRPC, HTTP/2, HTCPCP, KNX, mDNS, MQTT, MQTT-SN, QUIC, RTSP, SSDP).
Short Developer Bio:
Jakub Botwicz, Ph.D. works as a security researcher in one of the global investment banks. He has more than 17 years of experience in information security and previously worked in one of the world's leading payment card service providers, a Big4 consulting company and a vendor of network encryption devices. Jakub holds a Ph.D. degree from Warsaw University of Technology. During the last 3 years he has reported more than 50 CVEs (security vulnerabilities) in public components - mainly IoT libraries.
URL to any additional information:
https://github.com/Samsung/cotopaxi/...aster/cotopaxi
Detailed Explanation of Tool:
Currently available security testing tools, such as nmap or OpenVAS, do not support all new IoT protocols (e.g. CoAP, DTLS, HTCPCP, QUIC), so the possibilities to test IoT products and to discover such devices in tested networks are limited. We are working to fill this gap with the Cotopaxi toolkit.
New features in the release for DEF CON 2021 are:
- Integration with Metasploit
- Extended set of corpuses for fuzzing and traffic classification
- Mutation-based features for server and client fuzzing
- New vulnerabilities in the database
- Checking availability of network services for supported IoT protocols at given IPs and port ranges ("service ping")
- Recognizing the software used by a remote network server ("software fingerprinting") based on its responses to given messages, using a machine learning classifier.
- Analysis of network traffic to identify network protocols used.
- Classification of IoT devices based on captured traffic samples.
- Discovering resources identified by given URLs ("dirbusting" of URLs or services)
- Performing black-box fuzzing of IoT protocols based on corpus of packets prepared using coverage-based fuzzer.
- Identifying known vulnerabilities.
- Detecting network traffic amplification (cases where network servers are responding with larger network messages than received requests).
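
As an added illustration of the "service ping" idea for one of the listed protocols (this is not Cotopaxi's own code), the sketch below builds a CoAP empty Confirmable message, which RFC 7252 describes as a "CoAP ping", and classifies a reply by its 4-byte header. The function names, the result labels and the sample datagrams are assumptions constructed for this example; no network traffic is sent.

```python
import struct

COAP_VERSION = 1
TYPE_CON, TYPE_NON, TYPE_ACK, TYPE_RST = 0, 1, 2, 3


def build_coap_ping(message_id: int) -> bytes:
    """Empty Confirmable message: header only, no token, options or payload."""
    if not 0 <= message_id <= 0xFFFF:
        raise ValueError("message ID must fit in 16 bits")
    first = (COAP_VERSION << 6) | (TYPE_CON << 4)  # token length (TKL) = 0
    return struct.pack("!BBH", first, 0x00, message_id)  # code 0.00 = Empty


def parse_coap_header(datagram: bytes) -> dict:
    """Decode the fixed 4-byte CoAP header (version, type, TKL, code, MID)."""
    if len(datagram) < 4:
        raise ValueError("shorter than the 4-byte CoAP header")
    first, code, mid = struct.unpack("!BBH", datagram[:4])
    return {
        "version": first >> 6,
        "type": (first >> 4) & 0x3,
        "tkl": first & 0xF,
        "code": f"{code >> 5}.{code & 0x1F:02d}",
        "message_id": mid,
    }


def classify_ping_reply(ping: bytes, reply: bytes) -> str:
    """Label a reply to a CoAP ping (labels are hypothetical, for this example)."""
    try:
        sent, got = parse_coap_header(ping), parse_coap_header(reply)
    except ValueError:
        return "not-coap"
    # Version must be 1; token lengths 9-15 are reserved and never valid.
    if got["version"] != COAP_VERSION or got["tkl"] > 8:
        return "not-coap"
    # A reply with a different message ID does not answer this probe.
    if got["message_id"] != sent["message_id"]:
        return "stale-or-spoofed"
    # The expected answer to an empty CON is an empty Reset with the same ID.
    if got["type"] == TYPE_RST and got["code"] == "0.00" and len(reply) == 4:
        return "coap-alive"
    return "coap-unexpected"


if __name__ == "__main__":
    ping = build_coap_ping(0x1A2B)
    # Constructed sample replies: Reset, wrong message ID, a DTLS-like record.
    for sample in ("70001a2b", "7000ffff", "16fefd0000"):
        print(sample, classify_ping_reply(ping, bytes.fromhex(sample)))
```

Matching on the message ID matters when probing over UDP, because a late or forged datagram would otherwise be counted as a live service.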
Supporting Files, Code, etc:
https://pypi.org/project/cotopaxi/
Target Audience:
Offense, Defense, AppSec, IoT
