Identify Potential Vulnerabilities Using TROMMEL

TROMMEL is a Python tool that checks embedded device files for potential vulnerabilities. It also integrates vFeed, which enriches the output with further in-depth vulnerability analysis of the identified indicators.

TROMMEL identifies indicators related to the following:

  • Secure Shell (SSH) key files
  • Secure Socket Layer (SSL) key files
  • Internet Protocol (IP) addresses
  • Uniform Resource Locator (URL)
  • email addresses
  • shell scripts
  • web server binaries
  • configuration files
  • database files
  • specific binary files (e.g. Dropbear, BusyBox)
  • shared object library files
  • web application scripting variables, and
  • Android application package (APK) file permissions.


Dependencies

  • Python-Magic – See the documentation for Python3-magic installation instructions
  • vFeed Database – For non-commercial use, register and download the Community Edition database


Usage

$ trommel.py --help

Scan a given directory and write the TROMMEL results to a file. By default, only plain text files are searched.

$ trommel.py -p /directory -o output_file

Scan a given directory and write the TROMMEL results to a file, searching both binary and plain text files.

$ trommel.py -p /directory -o output_file -b
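The indicator search and the plain-text default versus `-b` described above, as an added sketch that is not TROMMEL's own code: the rule names, regular expressions and the `scan` and `build_sample` helpers are assumptions for illustration, and the sample tree is constructed.

```python
import pathlib
import re
import tempfile

# Assumed rules for this sketch; they are not TROMMEL's own keyword lists.
NAME_RULES = {
    "ssh_key_file": re.compile(r"^(id_(rsa|dsa|ecdsa|ed25519)|authorized_keys|.*host.*_key)(\.pub)?$"),
    "ssl_key_file": re.compile(r"\.(pem|crt|cer|key|p12|pfx)$", re.I),
    "shell_script": re.compile(r"\.sh$", re.I),
    "binary_of_interest": re.compile(r"^(busybox|dropbear)$", re.I),
}
CONTENT_RULES = {
    "private_key": re.compile(rb"-----BEGIN (?:RSA |DSA |EC |OPENSSH )?PRIVATE KEY-----"),
    "ipv4": re.compile(rb"\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b"),
    "url": re.compile(rb"\bhttps?://[^\s\"'<>]+"),
    "email": re.compile(rb"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
}

def scan(root, include_binary=False):
    """Return sorted (relative_path, indicator, matched_text) tuples under root."""
    hits = set()
    for path in pathlib.Path(root).rglob("*"):
        if path.is_symlink() or not path.is_file():
            continue  # skip directories and symlinks (applet links are common in firmware)
        rel = path.relative_to(root).as_posix()
        hits.update((rel, label, path.name) for label, rx in NAME_RULES.items() if rx.search(path.name))
        data = path.read_bytes()
        if not include_binary and b"\x00" in data[:1024]:
            continue  # NUL byte early in the file: treat as binary, like a scan without -b
        for label, rx in CONTENT_RULES.items():
            hits.update((rel, label, m.group().decode("latin-1")) for m in rx.finditer(data))
    return sorted(hits)

def build_sample(root):
    """Write a constructed, minimal firmware-like tree (not real device data)."""
    files = {
        "etc/init.d/update.sh": b"#!/bin/sh\nwget http://192.0.2.10/fw.bin # support@example.com\n",
        "etc/ssl/server.pem": b"-----BEGIN RSA PRIVATE KEY-----\n(constructed placeholder)\n",
        "bin/busybox": b"\x7fELF\x00\x00\x00telnetd default peer 198.51.100.7\x00",
    }
    for rel, data in files.items():
        path = pathlib.Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(*("\t".join(hit) for hit in scan(tmp, include_binary=True)), sep="\n")
```

With `include_binary=False` the address embedded in the constructed `bin/busybox` file is not reported, although the file name itself still is.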


Notes

  • The intended use of TROMMEL is to assist researchers during firmware analysis.
  • TROMMEL has been tested using Python3 on Kali Linux x86_64.
  • TROMMEL was written to help identify indicators that may contain vulnerabilities found in the firmware of embedded devices.

Download Link
