OpenSecAtlas
OPENSECATLAS
Library/SDK
Library
Firmware Security

python-client

by onekey-sec

6stars
2forks
2watchers
Updated about 1 year ago
About

An official Python client library and CLI tool for interacting with the ONEKEY firmware security platform API to automate vulnerability scanning and firmware analysis.

Official Python API client for ONEKEY

Primary Use Case

This tool is designed for firmware security professionals and developers who need to automate the uploading, analysis, and retrieval of firmware vulnerability scan results on the ONEKEY platform. It facilitates integration into CI/CD pipelines and programmatic access to firmware security data via a Python SDK or CLI.

Key Features
  • Python library and CLI for accessing the ONEKEY public API
  • Supports authentication via email/password or API token
  • Upload firmware images for security analysis
  • Query firmware, product groups, and analysis configurations via GraphQL
  • Fetch CI analysis results programmatically
  • Manage tenants and obtain tenant-specific tokens
  • Environment variable support for seamless CI/CD integration

Installation

  • Clone the repository from https://github.com/onekey-sec/python-client
  • Alternatively, install the package via pip: pip install onekey-client

Usage

>_ onekey --email "<email>" --tenant "<tenant-name>" --password "<password>" get-tenant-token

Authenticate and retrieve a tenant-specific Bearer token.

>_ onekey list-tenants

List all available tenants on the ONEKEY platform.

>_ onekey upload-firmware

Upload a firmware image to the ONEKEY platform for analysis.

>_ onekey ci-result

Fetch analysis results for continuous integration workflows.

>_ Python Client login and tenant selection

Use the Python Client to login with email/password or API token and select a tenant for API queries.

>_ client.query(<GraphQL query>)

Execute GraphQL queries to retrieve firmware, product groups, or analysis configurations.

>_ client.upload_firmware(metadata, firmware_path, enable_monitoring=True)

Upload firmware with metadata and enable monitoring for security analysis.

Security Frameworks
Reconnaissance
Discovery
Collection
Defense Evasion
Execution
Usage Insights
  • Integrate the ONEKEY Python client into CI/CD pipelines for automated firmware vulnerability scanning and early detection.
  • Use the API token authentication method to securely automate firmware uploads and analysis without exposing credentials.
  • Leverage GraphQL queries to customize and fine-tune firmware security data retrieval for targeted threat hunting and incident response.
  • Combine with firmware reverse engineering tools to enrich vulnerability context and improve remediation prioritization.
  • Develop custom alerting and reporting scripts using the client library to enhance situational awareness for blue and purple teams.

Docs Take 2 Hours. AI Takes 10 Seconds.

Ask anything about python-client. Installation? Config? Troubleshooting? Get answers trained on real docs and GitHub issues—not generic ChatGPT fluff.

This tool hasn't been indexed yet. Request indexing to enable AI chat.

Admin will review your request within 24 hours

Security Profile
Red Team60%
Blue Team70%
Purple Team65%
Details
LicenseMIT License
LanguagePython
Open Issues9
Topics
iot
iot-security
iot-security-testing
security-audit

Related Tools

FACT_core

fkie-cad/FACT_core

Tool

Firmware Analysis and Comparison Tool

1.4K
6 months ago

owasp-fstm

scriptingxss/owasp-fstm

Documentation

The Firmware Security Testing Methodology (FSTM) is composed of nine stages tailored to enable security researchers, software developers, consultants, and Information Security professionals with conducting firmware security assessments.

434
4 months ago