We get it: Ads are not what you are here for. But ads help us keep the lights on. So, add us to your adblock's whitelist or register for free to remove this notice. Either way, you are supporting our journalism. We'd really appreciate it.
TROMMEL is a python tool which will help you to check embedded device files for potential vulnerabilities. It also has integrated vFeed which allows for further in-depth vulnerability analysis of identified indicators to enrich the output.
TROMMEL identifies the following indicators related to:
- Secure Shell (SSH) key files
- Secure Socket Layer (SSL) key files
- Internet Protocol (IP) addresses
- Uniform Resource Locator (URL)
- email addresses
- shell scripts
- web server binaries
- configuration files
- database files
- specific binaries files (i.e. Dropbear, BusyBox, etc.)
- shared object library files
- web application scripting variables, and
- Android application package (APK) file permissions.
- Python-Magic – See documentation for instructions for Python3-magic installation
- vFeed Database – For non-commercial use, register and download the Community Edition database
$ trommel.py --help
Output TROMMEL results to a file based on a given directory. By default, only searches plain text files.
$ trommel.py -p /directory -o output_file
Output TROMMEL results to a file based on a given directory. Search both binary and plain text files.
$ trommel.py -p /directory -o output_file -b
- The intended use of TROMMEL is to assist researchers during firmware analysis.
- TROMMEL has been tested using Python3 on Kali Linux x86_64.
- TROMMEL was written with the intent to help with identifying indicators that may contain vulnerabilities found in firmware of embedded devices.