■ CVE CORRELATION ACTIVE   MASSCAN · RUSTSCAN · NMAP · NAABU · WIRESHARK   PHASE 1 → PHASE 6 PIPELINE   NETWORK THREAT INTELLIGENCE   IOT_SENTINEL v1.0   CREDENTIAL ABUSE · CLEARTEXT PROTOCOLS · DEFAULT CREDS   INDUSTRIAL PROTOCOL EXPOSURE DETECTION
New release! Advanced IoT Security

IOT_SENTINEL

Galactic network monitoring

Advanced IoT network security scanner.
Unified multi-tool intelligence platform
integrating Wireshark · Nmap · RustScan · Naabu · Masscan.

Python 96.6%
FastAPI
CVE Correlation
Docker
Kubernetes
SCANNING
5 Scanner Integrations
6 Pipeline Phases
10K Packets / Sec (Masscan)
4 API Endpoints
SCAN
01

Scan Pipeline

| Phase | Tool | Role | Detail |
|-------|------|------|--------|
| 1 | Masscan | Fast wide-area discovery | 10K pps |
| 2 | RustScan | Full port enumeration | 4500 batch |
| 2 | Naabu | SYN scan + service detection | parallel |
| 3 | Nmap | Deep OS, version, NSE scripts | |
| 4 | Wireshark | Passive traffic capture | 30 seconds |
| 5+ | Analysis | Fingerprint, CVE correlation, HTML report | |
02

Intelligence Modules

Fingerprinting

Device Identification

Automatic device type and vendor identification across the entire IoT landscape. Correlates OS signatures, banner grabs, and behavioral patterns.

Vulnerability

CVE Correlation

Real-time correlation against known CVEs for Hikvision, D-Link, GoAhead, Netgear and other IoT firmware. Prioritized risk scoring.

Traffic

Flow Analysis

Deep packet inspection and flow analysis. Anomaly detection for cleartext protocols, abnormal beacon intervals, and data exfiltration patterns.

Reporting

Multi-Format Reports

Generates HTML, JSON, and PDF outputs automatically after each scan. Full audit trail with timestamped event persistence.

API

FastAPI REST Server

Async REST API with scan orchestration, status polling, and report retrieval. Designed for integration into CI/CD security pipelines.

Infrastructure

Cloud-Native Deploy

Docker Compose for development, Kubernetes manifests and Terraform IaC for production. Scales horizontally across distributed scan nodes.

Threats
03

Detected Threat Categories

01 Credential Abuse: Over-permissioned IoT identities, token abuse via STS/OIDC/Workload identity chains.
02 Cleartext Protocols: Detection of Telnet, unencrypted MQTT, and other plaintext data-in-transit risks.
03 Default Credentials: Automated checks for admin/admin, root/root and other factory-default login pairs.
04 Known CVEs: Firmware vulnerability database correlation for Hikvision, D-Link, GoAhead, Netgear.
05 Industrial Protocols: Exposed Modbus, BACnet, DNP3 endpoints in OT/ICS environments on public networks.
06 Token Abuse: STS/OIDC/Workload identity chain analysis to detect privilege escalation vectors.
04

API Endpoints

| Method | Path | Description |
|--------|------|-------------|
| POST | /api/v1/scan/start | Start async scan |
| GET | /api/v1/scan/status/{id} | Poll scan status |
| GET | /api/v1/reports/{id} | Get scan report |
| GET | /health | Health check |
05

Quick Start

# 1. Bootstrap the environment
python scripts/bootstrap_env.py

# 2. Quick scan a subnet
python main.py scan --target 192.168.1.0/24 --mode quick

# 3. Full IoT audit (requires sudo)
sudo python main.py scan --target 192.168.1.0/24 --mode full

# 4. Passive traffic capture
python main.py capture --interface eth0 --duration 60

# 5. Launch REST API server
python main.py api --port 8080
06

Architecture

| Component | Directory | Description |
|-----------|-----------|-------------|
| Core | core/ | Models, config, constants, and shared utilities across the platform. |
| Scanners | scanners/ | Wireshark, Nmap, RustScan, Naabu, Masscan adapters. |
| Integrations | integrations/ | Scanner bridge normalization layer. Unifies output formats. |
| Engine | engine/ | Orchestrator powering the 6-phase scanning pipeline. |
| Analysis | analysis/ | Fingerprinting, CVE correlation, traffic flow analysis. |
| Reports | reports/ | HTML + JSON + PDF generation from scan results. |
| API | api/ | FastAPI REST server with async scan orchestration. |
| Infra | infra/ | Docker, Kubernetes, Terraform IaC configurations. |