umair9747/Genzai: The IoT security toolkit to help identify IoT related dashboards and scan them for default passwords and vulnerabilities

Genzai helps you identify IoT or Internet of Things related dashboards across a single or set of targets provided as an input and furthermore scan them for default password issues and potential vulnerabilities based on paths and versions.

An example would be an admin panel for a home automation device acceessible over the internet. The tool will firstly fingerprint the IoT (product) based on a set of signatures from signatures.json and then based on the product identified, and the relevant templates in its DBs (vendor-logins.json and vendor-vulns.json), scan it for vendor-specific default passwords like admin:admin as well as look for any potential vulnerabilities.

Genzai currently supports fingerprinting over 20 IoT-based dashboards and has the same amount of templates to look for default password issues across them. It currently has a total of 10 vulnerability templates which will increase with coming updates.

With Genzai, you can fingerprint the IoT Product running over a target based on the HTTP response received through it. With a support of 20 templates and counting, Genzai can look for categories such as:

• Wireless Router
• Surveillance Camera
• HMI or Human Machine Interface
• Smart Power Control
• Building Access Control System
• Climate Control
• Industrial Automation
• Home Automation
• Water Treatment System

Based on the IoT product identified and the presence of a relevant template in Vendor Logins DB, Genzai will also check if the target is still using a vendor-specific default password considering how several devices across the internet still use a default password letting anyone to log in as an administrative user.

Genzai has been or will be noticed at,

• Black Hat Asia 2024 [Arsenal]
• GISEC Armory Edition 1 Dubai 2024

If you have any questions or feedback about Genzai or just want to connect with me, feel free to reach out via LinkedIn or Email.