hardsploit 2.0.0

API for Hardsploit HW access

The essential security auditing tool for Internet of Things devices you'll need in your toolbox

---

Table of contents

1. About the project
2. Getting Started
   • Prerequisites
   • Installation
   • Add permission for non root user to use USB
3. Graphical User Interface
4. Technologies used
5. License

About the project Hardsploit is an innovative hardware security testing platform designed to aid security researchers, engineers, and auditors in analyzing and evaluating the security of hardware devices. Featuring a modular design, Hardsploit supports various interfaces like JTAG, SPI, I2C, and UART, allowing for extensive hardware testing and reverse engineering. Main security audit functions: Sniffer (Real-time communication monitoring) Scanner (Automatic detection of JTAG, SPI, I2C, and UART interfaces on target devices.) Injection (Data injection to test device responses.) Memory dumping (Extracting the contents of a chip memory) ... Features: Advanced Firmware Analysis: Detects and analyzes vulnerabilities in firmware. Hardware Exploit Tools: Tools to exploit detected vulnerabilities. Secure Firmware Update: Updates firmware while ensuring security and integrity. Enhanced User Interface: More intuitive and interactive interface. ... Supported communication protocols: UART (Universal Asynchronous Receiver-Transmitter) SPI (Serial Peripheral Interface) I2C (Inter-Integrated Circuit) JTAG (Joint Test Action Group) SWD (Serial Wire Debug) NRF24L01 (Work in progress) ...

Getting Started

This guide will help you quickly get started with Hardsploit, covering the necessary prerequisites and installation steps.

Pre-requisites

To be able to start using Hardsploit, make sure that you have the following prerequisites installed:

• Python v3.9 or later
• A Linux machine (tested on Ubuntu, Kali and Raspberry Pi OS)

Installation

1. Install the hardsploit API.

   pip install hardsploit



2. To learn more about how to use the API, check our Wiki

Add permission for non root user to use USB

1. Copy file in data folder to udevadm system folder /lib/udev/rules.d/.

   sudo cp data/50-Hardsploit.rules /lib/udev/rules.d/.



2. Verify that user is in plugdev group

   groups "user"



3. Else add user to plugdev groupe

   adduser "user" plugdev



4. Force system context reload

   sudo udevadm control --reload
sudo udevadm trigger
   

If this does not work then reboot.

Graphical User Interface

A more user friendly way to use Hardsploit!

You can find our GUI here!

Technologies used

This project has been developed using the following technologies:

• Python (Programming language used for project development.)
• Poetry (Dependency management tool for Python projects.)
• Pyusb (Library for USB access on Python, allowing easy communication with USB devices.)
• Colorama (Library for colored terminal text in Python, enhancing readability of console output.)

License

Hardsploit is licensed under *LGPLv3*. See the LICENSE file for more information.