
Product
Announcing Precomputed Reachability Analysis in Socket
Socket’s precomputed reachability slashes false positives by flagging up to 80% of vulnerabilities as irrelevant, with no setup and instant results.
Set of tools for security testing of Internet of Things devices using specific network protocols.
[Cotopaxi ASCII-art logo]
Set of tools for security testing of Internet of Things devices using protocols: AMQP, CoAP, DTLS, HTCPCP, HTTP, HTTP/2, gRPC, KNX, mDNS, MQTT, MQTT-SN, QUIC, RTSP, SSDP.
Cotopaxi uses GNU General Public License, version 2: https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html
Cotopaxi toolkit is intended to be used only for authorized security testing!
Some tools (especially the vulnerability tester and the protocol fuzzer) can cause some devices or servers to stop behaving as intended, for example by crashing or hanging the tested entities, or by flooding other entities with network traffic.
Make sure you have permission from the owners of tested devices or servers before running these tools!
Make sure you check with your local laws before running these tools!
To install the minimal Cotopaxi version (without Machine Learning and development tools):

```
pip install cotopaxi
```

Almost complete installation (without scapy-ssl_tls, which is required for DTLS support):

```
pip install cotopaxi[all]
```
For more detailed documentation about installation see: Installation Guide
If you want to use Cotopaxi tools from Metasploit see: Metasploit integration
The machine learning classifier used in the device_identification tool was trained using the corpus "IMC 2019 payload dataset" provided by the authors of the following paper:

Title: Information Exposure for Consumer IoT Devices: A Multidimensional, Network-Informed Measurement Approach
Authors: Jingjing Ren, Daniel J. Dubois, David Choffnes, Anna Maria Mandalari, Roman Kolcun, Hamed Haddadi
Venue: Internet Measurement Conference (IMC) 2019
URL: https://moniotrlab.ccis.neu.edu/imc19dataset/
We would like to thank the above listed authors for sharing this corpus!
Protocols supported by the different tools (in each cell the left box marks a working implementation under Python 2 and the right one under Python 3):
Tool | AMQP | CoAP | DTLS | HTCPCP | HTTP/2 | gRPC | KNX | mDNS | MQTT | MQTT-SN | QUIC | RTSP | SSDP |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
service_ping | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ |
server_fingerprinter | ☐☐ | ☑☑ | ☑☑ | ☐☐ | ☐☐ | ☐☐ | ☐☐ | ☐☐ | ☐☐ | ☐☐ | ☐☐ | ☐☐ | ☐☐ |
device_identification | ☐☑ | ☐☑ | ☐☑ | ☐☑ | ☐☐ | ☐☐ | ☐☐ | ☐☑ | ☐☑ | ☐☑ | ☐☑ | ☐☑ | ☐☑ |
traffic_analyzer | ☐☑ | ☐☑ | ☐☑ | ☐☑ | ☐☑ | ☐☑ | ☐☑ | ☐☑ | ☐☑ | ☐☑ | ☐☑ | ☐☑ | ☐☑ |
resource_listing | ☐☐ | ☑☑ | N/A | ☐☐ | ☐☐ | ☐☐ | ☐☐ | ☑☑ | ☐☐ | ☐☐ | N/A | ☑☑ | ☑☑ |
protocol_fuzzer | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ |
client_proto_fuzzer | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ |
vulnerability_tester | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ |
client_vuln_tester | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ | ☑☑ |
amplifier_detector | N/A | ☑☑ | ☑☑ | N/A | N/A | N/A | N/A | ☑☑ | N/A | ☑☑ | ☑☑ | N/A | ☑☑ |
active_scanner | ☐☐ | ☐☐ | ☑☑ | ☐☐ | ☐☐ | ☐☐ | ☐☐ | ☐☐ | ☐☐ | ☐☐ | ☐☐ | ☐☐ | ☐☐ |
For more detailed documentation of each tool see: Tools
Vulnerabilities identified by the Cotopaxi team that can be tested using Cotopaxi:
Other vulnerabilities supported by Cotopaxi:
New vulnerabilities can easily be added to the database in vulnerabilities.yaml, with their payloads placed in cotopaxi/vulnerabilities//<payload.raw>.
There are some known issues or limitations caused by using scapy as the network library:
See more at: https://scapy.readthedocs.io/en/latest/troubleshooting.html#
For more detailed information about development of Cotopaxi see: Development guide