Gallery
About
Hi HN,I’ve been working on pwneye, a CLI tool for interacting with IP cameras exposing ONVIF and RTSP services.During penetration tests and red team engagements, I kept running into the same friction, with discovery, authentication testing, enumeration and stream validation spread across different tools or quick one-off scripts.pwneye was built to handle that workflow end-to-end, from discovery to actually accessing and validating streams.Current features include:- ONVIF discovery and authentication testing (wordlists, multithreading)- Post-auth enumeration (device info, users, network config, media profiles)- RTSP extraction via ONVIF- RTSP port detection and basic vendor identification- Vendor-aware RTSP bruteforce- Stream validation, preview and recording- ONVIF reboot supportIt’s still early, but already usable in real-world engagements.Would be interested in feedback, especially from people who have dealt with ONVIF/RTSP cameras or IoT security in general.Repo: https://github.com/hackerest/pwneye
Comments (0)
No comments yet. Be the first to comment!
Related Products
Open-source private home security camera system (end-to-end encryption)
Logatory – local-first log analysis and threat detection, no SIEM
Osint Arena – GeoGuessr for OSINT
Auto-identity-remove – Automated data broker opt-out runner for macOS
How to Kill the Dead Internet
Mezz, a curl-able WiFi sandbox for IoT pentesting