NMAP PR #2397: IoTVAS connected device discovery and risk assessment script

[Behrang Fouladi <behrang () firmalyzer com>]

Hello,



I'd like to contribute a NSE script that enables nmap to perform accurate device discovery and risk assessment of 
IoT/connected devices such as IP cameras, printers and video conferencing devices. It does so by receiving the device 
network service banners (snmp, http, ftp, telnet and upnp) from nmap engine and submitting it to the Firmalyzer's 
IoTVAS API endpoint (link to the documentation and swagger UI : https://iotvas-api.firmalyzer.com/api/v1/docs) that 
provides the following data:



1- Device maker, model and firmware version

2- Device end of life status (discontinued by the vendor?)

3- Device firmware status (outdated firmware), along with current firmware and latest firmware release dates, name, 
download link and sha2 hash

4- List of CVEs associated with the device

5- Software Bill of material for the current (or latest) firmware version of the device, listing: component name (such 
as openssh, nginx, etc), version number and associated CVEs

6- List of default user accounts and password hashes of device firmware

7- List of crypto keys embedded in the device firmware

8- List of weak crypto keys (keys with short length) in the device firmware
9- List of weak or expired digital certificates in device firmware

10- List of weak default OS configuration settings in the firmware such as "telnet is enabled", etc



Please let me know if you require further information.


Thank you in advance,
Behrang Fouladi

CTO, Firmalyzer


Tel: +32470888909

Web: https://firmalyzer.com/

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/