
IoT network traffic analyzer for detecting IoT protocols and identifying security vulnerabilities in network communications. Use when you need to analyze network traffic, identify IoT protocols, or assess network security of IoT devices.

Install

mkdir -p .claude/skills/iotnet && curl -L -o skill.zip "https://mcp.directory/api/skills/download/6087" && unzip -o skill.zip -d .claude/skills/iotnet && rm skill.zip

Installs to .claude/skills/iotnet

About this skill

IoTNet - IoT Network Traffic Analyzer

You are helping the user analyze network traffic to detect IoT protocols and identify security vulnerabilities using the iotnet tool.

Tool Overview

IoTNet analyzes network packet captures (PCAPs) or performs live traffic capture to:

  • Detect IoT-specific protocols (MQTT, CoAP, Zigbee, etc.)
  • Identify security vulnerabilities in network traffic
  • Analyze protocol distribution
  • Find unencrypted communications
  • Detect weak authentication mechanisms
  • Identify insecure IoT device behaviors

Instructions

When the user asks to analyze network traffic, capture IoT traffic, or assess network security:

  1. Determine input type:
    • PCAP file analysis (offline)
    • Live network capture (requires interface)

  2. Gather requirements:
    • For PCAP: Get file path(s)
    • For live capture: Get network interface name and duration
    • Ask about filtering needs (specific IPs, protocols)
    • Check if custom detection rules are needed

  3. Execute the analysis:
    • Use the iotnet command from the iothackbot bin directory

Usage Modes

PCAP Analysis (Offline)

Analyze one or more existing packet capture files:

iotnet capture1.pcap capture2.pcap

Live Capture

Capture and analyze traffic in real-time:

sudo iotnet -i eth0 -d 30

Parameters

Input Options:

  • pcap_files: One or more PCAP files to analyze
  • -i, --interface: Network interface for live capture

Filtering Options:

  • --ip: Filter traffic by IP address
  • -c, --capture-filter: BPF syntax filter for live capture
  • --display-filter: Wireshark display filter for PCAP analysis

Live Capture Options:

  • -d, --duration: Capture duration in seconds (default: 30)

Analysis Options:

  • --config: Custom IoT detection rules configuration file
    • Default: config/iot/detection_rules.json in the iothackbot directory

Output Options:

  • --format text|json|quiet: Output format (default: text)
  • -v, --verbose: Detailed output

Examples

Analyze a packet capture file:

iotnet /path/to/capture.pcap

Live capture for 60 seconds on a Wi-Fi interface:

sudo iotnet -i wlan0 -d 60

Analyze traffic for a specific IP address:

iotnet capture.pcap --ip 192.168.1.100

Live capture with BPF filter:

sudo iotnet -i eth0 -c "port 1883 or port 5683" -d 45

Multiple PCAPs with custom config:

iotnet file1.pcap file2.pcap --config custom-rules.json

Filter by display filter (Wireshark syntax):

iotnet capture.pcap --display-filter "mqtt or coap"

Detected IoT Protocols

The tool can identify:

  • MQTT: Message Queue Telemetry Transport
  • CoAP: Constrained Application Protocol
  • Zigbee: Low-power mesh networking
  • Z-Wave: Home automation protocol
  • ONVIF: IP camera protocol
  • UPnP/SSDP: Universal Plug and Play
  • Modbus: Industrial control protocol
  • And many more (configurable)

Security Checks

IoTNet identifies vulnerabilities such as:

  • Unencrypted MQTT traffic
  • Missing TLS/encryption
  • Weak or no authentication
  • Plaintext credentials
  • Insecure protocol versions
  • Known vulnerable implementations
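
To illustrate the unencrypted-MQTT and weak-authentication checks listed above, the following added example (not iotnet's own code) inspects the CONNECT packet in a cleartext TCP payload, such as one seen on port 1883. The function names, finding names, severities and sample packets are constructed assumptions.

```python
# Added example, not iotnet's detection code. Field offsets follow the MQTT
# CONNECT packet layout; finding names and severities are assumptions.

def skip_remaining_length(data, offset):
    """Skip MQTT's variable-length 'remaining length'; return the next offset."""
    for i in range(4):                       # the field is at most 4 bytes
        if offset + i >= len(data):
            return None                      # truncated packet
        if not data[offset + i] & 0x80:      # continuation bit clear: last byte
            return offset + i + 1
    return None                              # malformed length field

def inspect_mqtt_connect(payload):
    """Return (severity, finding) tuples for one cleartext TCP payload."""
    if not payload or payload[0] >> 4 != 1:  # packet type 1 = CONNECT
        return []
    pos = skip_remaining_length(payload, 1)
    if pos is None:
        return []
    name_len = int.from_bytes(payload[pos:pos + 2], "big")
    name = payload[pos + 2:pos + 2 + name_len]
    flags_at = pos + 2 + name_len + 1        # skip the protocol-level byte
    if name not in (b"MQTT", b"MQIsdp") or flags_at >= len(payload):
        return []
    flags = payload[flags_at]
    # Being able to parse the CONNECT at all means the session is not in TLS.
    findings = [("medium", "unencrypted-mqtt")]
    if flags & 0x80:                         # username flag (bit 7)
        findings.append(("high", "plaintext-credentials"))
    else:
        findings.append(("high", "connect-without-credentials"))
    return findings

# Constructed sample payloads (MQTT 3.1.1, client id "sensor-1").
ANON_CONNECT = b"\x10\x14\x00\x04MQTT\x04\x02\x00\x3c\x00\x08sensor-1"
AUTH_CONNECT = (b"\x10\x20\x00\x04MQTT\x04\xc2\x00\x3c\x00\x08sensor-1"
                b"\x00\x04user\x00\x04pass")
PUBLISH = b"\x30\x05\x00\x01t\x41\x42"

if __name__ == "__main__":
    for label, pkt in [("anon", ANON_CONNECT), ("auth", AUTH_CONNECT),
                       ("publish", PUBLISH)]:
        print(label, inspect_mqtt_connect(pkt))
```

A CONNECT without a username is reported separately from one that carries credentials, since the first points at a broker accepting anonymous clients and the second at credentials exposed on the wire.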

Output Information

Results include:

  • Total packets analyzed
  • Protocol distribution with percentages
  • IoT findings with protocol details and packet info
  • Vulnerabilities with severity levels (high/medium/low)
  • Recommendations for remediation

Important Notes

  • Live capture requires root/sudo privileges
  • Live capture requires access to the specified network interface
  • PCAP analysis does not require elevated privileges
  • Detection rules can be customized in config file
  • Supports standard PCAP format from tcpdump, Wireshark, etc.
