HomePwn is a framework that provides features to audit and pentesting devices that company employees can use in their day-to-day work and inside the same working environment.
It is designed to find devices in the home or office, take advantage of certain vulnerabilities to read or send data to those devices. With a strong library of modules you can use this tool to load new features and use them in a vast variety of devices.
HomePwn has a modular architecture in which any user can expand the knowledge base about different technologies. Principally it has two different components:
Also Read – FOCA : Tool To Find Metadata & Hidden Information In The Documents
Installing All Requisites
To install all dependencies in Ubuntu 18.04 or derivatives use the file install.sh
> sudo apt-get update
> sudo ./install.sh
The script ask you if you want to create a virtualenv, if your answer is ‘y’ then it installs python libraries within the virtual environment, if not in the system itself
To run the script, if you chose a virtual environment in the installation follow execute the next command to activate the virtual environment:
> source homePwn/bin/activate
Launch the application:
> sudo python3 homePwn.py
Here are some videos to see how the tool works.
HomePwn. Bluetooth Low-Energy PoC & Hacking
HomePwn. Bluetooth Spoofing
HomePwn. NFC Clone
HomePwn. BLE capture on PCAP file (sniffing)
HomePwn. QR Options hack
HomePwn. Apple BLE Discovery
HomePwn. Xiaomi IoT Advertisement
Disclaimer!
THE SOFTWARE (for educational purpose only) IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor…
Embed a payload within a PNG file by splitting the payload across multiple IDAT sections.…
Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local…
Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…
shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…
Extract and execute a PE embedded within a PNG file using an LNK file. The…