Find out more

  • detect vulnerabilities in the firmware of IoT devices

  • no source code required

  • instant results, comprehensive reporting and alerting

  • covers a broad range of IoT devices, including IP Cameras, Routers, Printers and many more
  • ISP specific solution for CPE devices available


in your FIRMWARE?

IoTInspector allows us to search the firmware of thousands of products for vulnerabilities within seconds and was crucial for several SEC Consult publications.

Want do dig deeper? Use the expert view and do additional manual analysis.

Extensive metadata, tagging and commenting options allow you to keep track of products/firmware you have, no more spreadsheets!

3rd party data providers



Retrieve the analysis results and statistics via a web UI or download detailed PDF reports.

Data at your fingertips

Comes with comprehensive vulnerability detection capabilities, upload firmware images or update files, all the heavy lifting is 100% automated.

Easy to use

Access decades of IoT security know-how in a simple and easy to use package.

Invaluable help during firmware developmentquality assurance, penetration tests as well as supply chain validation.

You plan, build or run IoT devices? IoTInspector is just for you!

Trust, but verify!

Stefan Viehböck
Senior Security Consultant, SEC Consult

Plugins detect

  • zero day (0day) vulnerabilities
  • 3rd party components (software composition analysis) and thousands of known vulnerabilities
  • hardcoded usenames/passwords (exploited by "Mirai-bots")
  • hardcoded cryptographic secrets (including certificates and private keys)
  • leftover development/backdoor accounts
  • vulnerable service configuration

Plugins check

  • implementation of secure software development guidelines

Plugins correlate

  • information embedded in firmware with Censys and Shodan. Find misconfigured devices and estimate impact of vulnerabilities.

...  much more to come!

Get continuous coverage for uploaded firmware, alerts are sent once new vulnerabilities are detected.

Multiply the "ROI" of your manual penetration tests by integrating vulnerabilities found in IoTInspector detection plugins.

Plugins, plugins, plugins ...

Find out more about IoT Inspector research results on our blog.