Skip to content
This repository has been archived by the owner. It is now read-only.
master
Switch branches/tags
Go to file
Code
This branch is 52 commits behind CERTCC:master.

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
lib
 
 
 
 
 
 
 
 
 
 

README.md

TROMMEL

TROMMEL sifts through embedded device files to identify potential vulnerable indicators.

TROMMEL identifies the following indicators related to:

  • Secure Shell (SSH) key files
  • Secure Socket Layer (SSL) key files
  • Internet Protocol (IP) addresses
  • Uniform Resource Locator (URL)
  • email addresses
  • shell scripts
  • web server binaries
  • configuration files
  • database files
  • specific binaries files (i.e. Dropbear, BusyBox, etc.)
  • shared object library files
  • web application scripting variables, and
  • Android application package (APK) file permissions.

TROMMEL has also integrated vFeed which allows for further in-depth vulnerability analysis of identified indicators.

Dependencies

Usage

$ trommel.py --help

Output TROMMEL results to a file based on a given directory

$ trommel.py -p /directory -o output_file

Notes

  • The intended use of TROMMEL is to assist researchers during firmware analysis.
  • TROMMEL has been tested using Python 2.7 on macOS Sierra and Kali Linux x86_64.
  • TROMMEL was written with the intent to help with identifying indicators that may contain vulnerabilities found in firmware of embedded devices.

References

About

This fork has been superseded by https://github.com/CERTCC/trommel

Resources

License

Releases

No releases published

Packages

No packages published

Languages