Identify Potential Vulnerabilities Using TROMMEL


TROMMEL is a Python tool that sifts through embedded device files to identify potential vulnerable indicators. It also integrates vFeed, which enriches the output by allowing further in-depth vulnerability analysis of the identified indicators.

TROMMEL identifies the following indicators related to:

  • Secure Shell (SSH) key files
  • Secure Socket Layer (SSL) key files
  • Internet Protocol (IP) addresses
  • Uniform Resource Locators (URLs)
  • email addresses
  • shell scripts
  • web server binaries
  • configuration files
  • database files
  • specific binary files (e.g. Dropbear, BusyBox)
  • shared object library files
  • web application scripting variables, and
  • Android application package (APK) file permissions.


Dependencies:

  • Python-Magic – See documentation for instructions for Python3-magic installation
  • vFeed Database – For non-commercial use, register and download the Community Edition database


Usage:

$ trommel.py --help

Output TROMMEL results to a file based on a given directory. By default, only plain text files are searched.

$ trommel.py -p /directory -o output_file

Output TROMMEL results to a file based on a given directory, searching both binary and plain text files.

$ trommel.py -p /directory -o output_file -b
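
The following added example, which is not TROMMEL's code and not part of the original post, shows the kind of indicator triage listed above on an extracted firmware directory, including the difference between the plain-text default and the `-b` behaviour. The regular expressions, the NUL-byte binary heuristic (used here in place of python-magic), the function names and the sample tree are all assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Simplified indicator patterns: assumptions for illustration, not TROMMEL's own rules.
KEY_FILE_NAME = re.compile(r"^(id_(rsa|dsa|ecdsa|ed25519)|authorized_keys|.*\.(pem|key|crt))$")
CONTENT_PATTERNS = {
    "ip": re.compile(rb"\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b"),
    "url": re.compile(rb"\bhttps?://[^\x00-\x20\x7f-\xff'\"<>]+"),
    "email": re.compile(rb"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
    "private_key": re.compile(rb"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----"),
}

def scan_tree(root, include_binary=False):
    """Return sorted (relative_path, indicator, value) tuples for files under root."""
    findings = set()
    for path in Path(root).rglob("*"):
        if path.is_symlink() or not path.is_file():
            continue  # extracted firmware is full of symlinks and device nodes
        rel = path.relative_to(root).as_posix()
        if KEY_FILE_NAME.match(path.name):
            findings.add((rel, "key_file", path.name))
        data = path.read_bytes()
        if b"\x00" in data[:1024] and not include_binary:
            continue  # NUL byte = treat as binary; skipped unless asked, like omitting -b
        for label, pattern in CONTENT_PATTERNS.items():
            for value in pattern.findall(data):
                findings.add((rel, label, value.decode("ascii", "replace")))
    return sorted(findings)

def demo(include_binary=False):
    """Scan a constructed sample tree (a tiny fake extracted firmware root)."""
    samples = {
        "etc/config.txt": b"update=http://192.0.2.10/fw.bin\nadmin=root@example.com\n",
        "etc/dropbear/id_rsa": b"-----BEGIN RSA PRIVATE KEY-----\n(constructed)\n",
        "bin/httpd": b"\x7fELF\x02\x01\x01\x00GET http://198.51.100.7/status\x00",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, data in samples.items():
            path = Path(root, rel)
            path.parent.mkdir(parents=True, exist_ok=True)
            path.write_bytes(data)
        return scan_tree(root, include_binary)

if __name__ == "__main__":
    for finding in demo(include_binary=True):
        print(*finding, sep="\t")
```

Every hit is only a lead for manual review: a key file or hard-coded address shipped in firmware still has to be checked against how the device actually uses it.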


Notes:

  • The intended use of TROMMEL is to assist researchers during firmware analysis.
  • TROMMEL has been tested using Python3 on Kali Linux x86_64.
  • TROMMEL was written to help identify indicators in the firmware of embedded devices that may point to vulnerabilities.
