• detect vulnerabilities in the firmware of IoT devices

  • no source code required

  • instant results, comprehensive reporting and alerting

  • covers a broad range of IoT devices, including IP cameras, routers, printers, and many more
  • ISP specific solution for CPE devices available

Get a free sample report
and find out more about
our demo portal:


in your FIRMWARE?

Want do dig deeper? Use the expert view and do additional manual analysis.

Stefan Viehböck
Senior Security Consultant, SEC Consult

Extensive metadata, tagging and commenting options allow you to keep track of products/firmware you have, no more spreadsheets!

Retrieve the analysis results and statistics via a web UI or download detailed PDF reports.

Access decades of IoT security know-how in a simple and easy to use package.

Data at your fingertips

Comes with comprehensive vulnerability detection capabilities, upload firmware images or update files, all the heavy lifting is 100% automated.

Easy to use



Invaluable help during firmware developmentquality assurance, penetration tests as well as supply chain validation.

You plan, build or run IoT devices? IoTInspector is just for you!

Trust, but verify!

IoTInspector allows us to search the firmware of thousands of products for vulnerabilities within seconds and was crucial for several SEC Consult publications.

Plugins detect

  • zero day (0day) vulnerabilities
  • 3rd party components (software composition analysis) and thousands of known vulnerabilities
  • hardcoded usernames/passwords (exploited by "Mirai-bots")
  • hardcoded cryptographic secrets (including certificates and private keys)
  • leftover development/backdoor accounts
  • vulnerable service configuration

Plugins check

  • implementation of secure software development guidelines

Plugins correlate

  • information embedded in firmware with Shodan. Find misconfigured devices and estimate impact of vulnerabilities.

...  much more to come!

Get continuous coverage for uploaded firmware, alerts are sent once new vulnerabilities are detected.

3rd party data providers

Multiply the "ROI" of your manual penetration tests by integrating vulnerabilities found in IoTInspector detection plugins.

Plugins, plugins, plugins ...

Find out more about IoT Inspector research results on our blog.