Genzai. The IoT Security Toolkit

The GitHub ‎repository‏ ‎for ‎Genzai, developed ‎by ‎umair9747, ‎is‏ ‎focused ‎on‏ ‎enhancing‏ ‎IoT ‎security ‎by‏ ‎identifying ‎IoT-related‏ ‎dashboards ‎and ‎scanning ‎them‏ ‎for‏ ‎default ‎passwords‏ ‎and ‎vulnerabilities.

📌Purpose‏ ‎and ‎Functionality: ‎Genzai ‎is ‎designed‏ ‎to‏ ‎improve ‎the‏ ‎security ‎of‏ ‎IoT ‎devices ‎by ‎identifying ‎IoT‏ ‎dashboards‏ ‎accessible‏ ‎over ‎the‏ ‎internet ‎and‏ ‎scanning ‎them‏ ‎for‏ ‎common ‎vulnerabilities‏ ‎and ‎default ‎passwords ‎(e.g., ‎admin:‏ ‎admin). ‎This‏ ‎is‏ ‎particularly ‎useful ‎for‏ ‎securing ‎admin‏ ‎panels ‎of ‎home ‎automation‏ ‎devices‏ ‎and ‎other‏ ‎IoT ‎products.

📌Fingerprinting‏ ‎and ‎Scanning ‎Process: The ‎toolkit ‎fingerprints‏ ‎IoT‏ ‎products ‎using‏ ‎a ‎set‏ ‎of ‎signatures ‎from ‎signatures.json. ‎After‏ ‎identifying‏ ‎the‏ ‎product, ‎it‏ ‎utilizes ‎templates‏ ‎stored ‎in‏ ‎its‏ ‎databases ‎(vendor-logins.json‏ ‎and ‎vendor-vulns.json) ‎to ‎scan ‎for‏ ‎vendor-specific ‎default‏ ‎passwords‏ ‎and ‎potential ‎vulnerabilities.

📌Supported‏ ‎Devices ‎and‏ ‎Features: As ‎of ‎the ‎last‏ ‎update,‏ ‎Genzai ‎supports‏ ‎fingerprinting ‎over‏ ‎20 ‎different ‎IoT-based ‎dashboards. ‎It‏ ‎also‏ ‎includes ‎templates‏ ‎to ‎check‏ ‎for ‎default ‎password ‎issues ‎across‏ ‎these‏ ‎dashboards.‏ ‎Additionally, ‎there‏ ‎are ‎10‏ ‎vulnerability ‎templates‏ ‎available,‏ ‎with ‎plans‏ ‎to ‎expand ‎this ‎number ‎in‏ ‎future ‎updates.‏ ‎Some‏ ‎of ‎the ‎IoT‏ ‎devices ‎that‏ ‎can ‎be ‎scanned ‎include‏ ‎wireless‏ ‎routers, ‎surveillance‏ ‎cameras, ‎human-machine‏ ‎interfaces ‎(HMI), ‎smart ‎power ‎controls,‏ ‎building‏ ‎access ‎control‏ ‎systems, ‎climate‏ ‎controls, ‎industrial ‎automation ‎systems, ‎home‏ ‎automation‏ ‎systems,‏ ‎and ‎water‏ ‎treatment ‎systems.

📌Updates‏ ‎and ‎Contact‏ ‎Information:‏ ‎The ‎repository‏ ‎indicates ‎that ‎Genzai ‎is ‎an‏ ‎actively ‎maintained‏ ‎project,‏ ‎with ‎plans ‎for‏ ‎adding ‎more‏ ‎vulnerability ‎templates ‎in ‎the‏ ‎coming‏ ‎updates.