Updated on September 9, 2020 at 12:23 am

Just put out an early version of the tool Firmwalker. This initial version is meant to find things of interest in the extracted or mounted firmware file system. It will search for things like:

  • etc/shadow and etc/passwd
  • list out the etc/ssl directory
  • search for SSL related files such as .pem, .crt, etc.
  • search for configuration files
  • look for script files
  • search for other .bin files
  • look for keywords such as admin, password, remote, etc.
  • search for common web servers used on IoT devices
  • search for common binaries such as ssh, tftp, dropbear, etc.