Smart devices have become part of our daily lives—helping us save time, automate tasks, and improve convenience. But with these benefits comes risk. Just as you’d be cautious when trusting a new friend, it’s important to ensure that the smart devices you bring home are safe and secure.
This blog introduces EXPLIoT, a security testing framework built specifically for IoT devices and infrastructure. Think of it as a digital detective—helping you assess whether your smart device is secure or vulnerable to exploitation.
By the end, you’ll gain an understanding of EXPLIoT, common IoT vulnerabilities, and how this framework can be used to strengthen IoT security.
EXPLIoT is a modular framework for security testing and exploitation of IoT products and the infrastructure they connect to.
It comes with a collection of plugins (test cases) for performing security assessments.
It’s extensible, allowing you to add new plugins based on evolving IoT attack surfaces.
The name EXPLIoT (pronounced expl-aa-yo-tee) is a pun on the word “exploit” and highlights its core purpose: IoT exploitation for security testing.
IoT devices are notorious for weak security. Here are some of the most common flaws:
Weak or Default Passwords
Many IoT devices ship with easily guessable factory-set passwords, leaving them wide open to attackers.
Lack of Encryption
Data transmitted between IoT devices and servers often lacks proper encryption, allowing attackers to intercept or tamper with it.
Firmware Vulnerabilities
Outdated or poorly written firmware can contain exploitable flaws, enabling attackers to gain control of the device.
To install the EXPLIoT framework, follow these steps:
The command git clone https://gitlab.com/expliot_framework/expliot.git creates a local copy of the EXPLIoT framework’s repository from GitLab.
git clone https://gitlab.com/expliot_framework/expliot.git
The command cd expliot changes the current directory to the “expliot” directory, which is the local repository of the EXPLIoT framework.
cd expliot
The command sudo python3 setup.py install installs the Python package in the current directory system-wide using the setup script provided.
sudo python3 setup.py install
The command sudo systemctl status nix-daemon checks and displays the current status of the Nix daemon service.
sudo systemctl status nix-daemon
The command sudo systemctl start nix-daemon initiates the Nix daemon service, enabling it to manage system processes related to Nix.
sudo systemctl start nix-daemon
The command sudo nix-channel --add https://nixos.org/channels/nixos-unstable nixos-unstable adds the NixOS unstable channel to the Nix package manager for access to the latest packages.
sudo nix-channel --add https://nixos.org/channels/nixos-unstable nixos-unstable
The command sudo nix-channel --update refreshes the list of packages available from the channels that the Nix package manager is subscribed to.
sudo nix-channel --update
The command sudo nix-env -iA nixos-unstable.expliot installs the EXPLIoT package from the NixOS unstable channel using the Nix package manager.
sudo nix-env -iA nixos-unstable.expliot
Start the EXPLIoT framework with the expliot command. From its console you configure the necessary modules, laying the groundwork for targeted security assessments and vulnerability analysis.
expliot
In this framework, we can see a list of plugins and command-line interfaces that can be utilized. Below is the command to list them:
To perform the baud rate scan, we’re utilizing an Arduino Mega microcontroller board interfaced with the UART pins of the router. This setup allows us to execute EXPLIoT commands for analyzing the communication baud rates between the router and external devices. The Arduino Mega acts as a versatile hardware platform with ample digital pins, facilitating seamless integration with the router’s UART interface for robust data transmission and reception. This hardware configuration enables precise assessment of baud rates, ensuring comprehensive testing and analysis within the EXPLIoT framework.
Execute a specific plugin within the EXPLIoT framework by using the syntax run [plugin_name]. In this case, the plugin is baud rate detection, as shown in the picture below.
run [plugin_name]
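To show what a baud rate scan is doing on the wire, here is an added example that is not EXPLIoT's code and not from the original post: it simulates an 8N1 UART line, decodes it at each candidate rate, and picks the rate that yields well-formed, printable frames. The sample rate, candidate list, scoring heuristic and banner text are all assumptions made for the illustration.

```python
import string

FS = 921_600  # assumed capture sample rate (Hz), a multiple of every candidate
CANDIDATES = [9600, 19200, 38400, 57600, 115200]
PRINTABLE = set(string.printable.encode())

def uart_encode(data: bytes, baud: int) -> list[int]:
    """Render bytes as 8N1 line levels (idle high), FS // baud samples per bit."""
    spb = FS // baud
    line = [1] * (4 * spb)
    for byte in data:
        frame = [0] + [(byte >> n) & 1 for n in range(8)] + [1]  # start, LSB first, stop
        for bit in frame:
            line.extend([bit] * spb)
    return line + [1] * (4 * spb)

def uart_decode(line: list[int], baud: int) -> tuple[bytes, int]:
    """Decode 8N1 at `baud`; return (bytes with a valid stop bit, framing errors)."""
    spb = FS / baud
    out, errors, i = bytearray(), 0, 1
    while i < len(line):
        if not (line[i - 1] == 1 and line[i] == 0):  # wait for a falling edge
            i += 1
            continue
        stop = int(i + 9.5 * spb)                    # centre of the stop bit
        if stop >= len(line):
            break
        byte = sum(line[int(i + (1.5 + n) * spb)] << n for n in range(8))
        if line[stop] == 1:
            out.append(byte)
        else:
            errors += 1                              # stop bit low: wrong rate or noise
        i = stop + 1
    return bytes(out), errors

def score(line: list[int], baud: int) -> float:
    """Fraction of frames that are well-formed and printable ASCII."""
    data, errors = uart_decode(line, baud)
    frames = len(data) + errors
    return sum(b in PRINTABLE for b in data) / frames if frames else 0.0

def detect_baud(line: list[int]) -> int:
    """Return the candidate rate with the highest printable-frame score."""
    return max(CANDIDATES, key=lambda baud: score(line, baud))

# Constructed sample: a console banner sent at 9600 baud.
SAMPLE = uart_encode(b"Booting...\r\nlogin: ", 9600)

if __name__ == "__main__":
    for baud in CANDIDATES:
        print(f"{baud:>6}: {score(SAMPLE, baud):.2f}")
    print("detected:", detect_baud(SAMPLE))
```

The same scoring idea explains why a serial console shows garbage at the wrong setting: frames decoded at a mismatched rate fail the stop-bit check or fall outside printable ASCII.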
The exit command in the EXPLIoT framework allows you to exit or terminate the current session.
exit
Or refer to the official documentation: https://expliot.readthedocs.io/en/latest/installation/intro.html
EXPLIoT is a modular framework for exploiting and testing IoT devices.
It helps identify common flaws like weak passwords, lack of encryption, and firmware vulnerabilities.
Its plugin-based design makes it flexible and extensible for modern IoT ecosystems.
At Redfox Security, our team of global security consultants specializes in uncovering vulnerabilities across IoT, web, cloud, and enterprise systems. If you’re looking to strengthen your organization’s security posture, contact us today.
And if you want to skill up in cybersecurity, join us for hands-on training through our comprehensive courses at Redfox Academy.