Performed by attackers to identify the passwords, API tokens and endpoints, vulnerable services running, backdoor accounts, configuration files in use, private keys, stored data, etc.

Firmware analysis is the process of inspecting a device’s firmware image to uncover secrets and sensitive data embedded inside the software. Attackers perform this to map the device’s attack surface and find things like hard-coded passwords, API tokens, endpoints, backdoor accounts, configuration files, private keys, and stored data that could be abused after gaining access. This helps explain why protecting firmware and the software supply chain is crucial, since secrets can reside inside images long before deployment. Tools such as a Firmware Mod Kit are used to modify firmware, not the general discovery process; Binwalk helps extract and analyze embedded file systems within firmware as a supporting step, while Telnet is simply a remote access protocol and does not describe the analysis activity.