# Introduction

While analyzing the network communication of an IoT device we may identify services, obtain information or even gain access to the device.

Use tools like `nmap` and `Wireshark` to passively monitor or actively test network and wireless communications (e.g., HTTP, MQTT, CoAP). Sometimes we also encounter proprietary network protocols, which need to be analyzed in depth.

We are looking for information like the used operating system, program versions or known vulnerabilities. If we find web applications such as a web server, we should also examine these, as they could allow us to execute code if they are not configured correctly. Learn more about web pentesting on dedicated websites [Hacktricks](https://book.hacktricks.xyz/pentesting-web/web-vulnerabilities-methodology). If we can login to the device, we may also check configuration settings and access control management.

Goals: Exploit vulnerabilities (RCE, LFI), gain information, firmware extraction\
Things to look for: Protocols (SSH, Telnet, FTP), web


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://www.hardbreak.wiki/network-analysis/introduction.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.