Genzai. The IoT Security Toolkit
The GitHub repository for Genzai, developed by umair9747, is focused on enhancing IoT security by identifying IoT-related dashboards and scanning them for default passwords and vulnerabilities.
📌Purpose and Functionality: Genzai is designed to improve the security of IoT devices by identifying IoT dashboards accessible over the internet and scanning them for common vulnerabilities and default passwords (e.g., admin: admin). This is particularly useful for securing admin panels of home automation devices and other IoT products.
📌Fingerprinting and Scanning Process: The toolkit fingerprints IoT products using a set of signatures from signatures.json. After identifying the product, it utilizes templates stored in its databases (vendor-logins.json and vendor-vulns.json) to scan for vendor-specific default passwords and potential vulnerabilities.
📌Supported Devices and Features: As of the last update, Genzai supports fingerprinting over 20 different IoT-based dashboards. It also includes templates to check for default password issues across these dashboards. Additionally, there are 10 vulnerability templates available, with plans to expand this number in future updates. Some of the IoT devices that can be scanned include wireless routers, surveillance cameras, human-machine interfaces (HMI), smart power controls, building access control systems, climate controls, industrial automation systems, home automation systems, and water treatment systems.
📌Updates and Contact Information: The repository indicates that Genzai is an actively maintained project, with plans for adding more vulnerability templates in the coming updates.