Skip to content

Latest commit

 

History

History
73 lines (60 loc) · 3.42 KB

v2.md

File metadata and controls

73 lines (60 loc) · 3.42 KB

Genzai

The IoT Security Toolkit

DescriptionFeaturesSetup & UsageAcknowledgementsContact Me

Buy Me A Coffee

v2 is here!

API Mode

The API mode lets you seamlessly integrate Genzai into your existing tools or pipelines, harnessing its power without the effort of writing any parsers.
The usage here is fairly simple. All you have to do is use the -api through the binary in order to deploy an API server on port 8585.

Example:

./genzai -api

The tool expects a JSON input in the request body in order to process the targets. Below is a cURL request which can help you in understanding the input format (please note that the targets expects an array, so you can provide as many assets as you want to scan):

curl -X POST http://localhost:8585/scan \
-H "Content-Type: application/json" \
-d '{"targets":["http://192.168.100.1/"]}'

The tool in-turn would have the following response body in case of a successful run with an actively discovered IoT product.

{
    "Results": [
        {
            "Target": "http://127.0.0.1:20080/",
            "IoTidentified": "Tenda WiFi Router",
            "category": "Router",
            "Issues": null
        }
    ],
    "Targets": [
        "http://127.0.0.1:20080/"
    ]
}

GUI Mode

Harnessing the power of Streamlit, we have developed a web-based GUI which provides the same level of reliability and power as the CLI!

All you have to do is run pip3 install -r requirements.txt in the Genzai-UI folder and then execute the run.sh file from the root folder and bang! Your GUI is ready to be used! 🚀

Recon Mode

Level up your game and run Genzai over a network using our Recon mode. This mode would look for active hosts over a network / subnet by pinging each IP and then run the tool agains the active ones. This feature has 3 flags associated with it.
  • -recon
    This bool flag is required whenever this mode has to be utilised.
  • -reconports
    By default the tool would run against port 80 on all the active hosts discovered over a network. If you'd like to go above and beyond and scan for custom ports as well, provide all ports separated by commas to this flag.
    Example:
    -reconports 8080,8443,8585
  • -subnet
    This flag lets you specify the subnet you'd like to scan. By default it scans for 192.169.1., but this can easily be modified by providing a custom one using this flag.
    Example:
    -subnet 10.0.0.