# Discover WS-Discovery Devices

Unknown WS-Discovery devices can create unmanaged exposure on local networks. This skill helps Claude, Codex, and Claude Code run authorized discovery and explain device details.

## Install

```bash
npx skillstore add brownfinesecurity/wsdiscovery
```

## Metadata

- - Slug: brownfinesecurity-wsdiscovery
- - Version: 1.0.0
- - Author: BrownFineSecurity
- - GitHub username: BrownFineSecurity
- - License: MIT
- - Repository: https://github.com/BrownFineSecurity/iothackbot/tree/master/skills/wsdiscovery
- - Ref: master
- - Supported tools: Claude, Codex, Claude Code
- - Risk level: medium
- - Risk factors: external\_commands, network
- - Quality score: 71
- - Public page: https://skillstore.pages.dev/skills/brownfinesecurity-wsdiscovery
- - Manifest: https://skillstore.pages.dev/api/skills/brownfinesecurity-wsdiscovery/manifest

## Capabilities

- Guides use of the wsdiscovery command for a hostname or IP address.
- Supports text, JSON, quiet, and verbose output modes described by the skill.
- Explains discovered IP addresses, ports, device UUIDs, and service endpoints.
- Identifies ONVIF-related metadata such as manufacturer, model, serial number, and firmware version.
- Suggests WS-Discovery multicast scanning for authorized device discovery.

## Use Cases

- Audit Network Cameras: Find ONVIF cameras and review exposed device metadata during an approved site assessment.
- Inventory IoT Devices: Discover WS-Discovery devices and collect basic identification details for asset records.
- Troubleshoot Discovery Issues: Compare standard and verbose discovery output when cameras or NVRs are missing from management tools.

## Prompt Templates

### Discover One Host

```
Use wsdiscovery to check this authorized host for WS-Discovery devices: [host]. Summarize any devices found.
```

### Review Device Metadata

```
Run wsdiscovery against [host] and explain the device type, model, firmware, serial number, and service endpoints.
```

### Collect Machine-Readable Results

```
Use wsdiscovery with JSON output for [host]. Convert the result into a concise asset inventory summary.
```

### Investigate Discovery Failures

```
Run verbose WS-Discovery against [host] and compare the full response with the expected ONVIF metadata fields.
```

## Limitations

- Only finds devices that support and respond to WS-Discovery.
- Requires network access to the target host or multicast segment.
- Does not perform authentication, exploitation, or vulnerability validation.
- Can produce sensitive inventory data and should be used only with authorization.

## Best Practices

- Confirm authorization before scanning any host or multicast segment.
- Start with one known device before scanning a wider discovery address.
- Treat serial numbers, firmware versions, and service endpoints as sensitive inventory data.

## Anti Patterns

- Do not scan public or third-party networks without written permission.
- Do not assume missing results mean no devices exist on the network.
- Do not publish raw device identifiers or service endpoints in public reports.

## Security Audit

- - Safe to publish: true
- - Audited at: 2026-06-28T17:18:12.825\+00:00
- - Summary: The static external-command findings are partly true because the skill instructs an agent to run the wsdiscovery command against user-provided hosts. The hardcoded IP addresses are documentation examples, and the weak-cryptography alert at SKILL.md line 3 is a false positive with no matching cryptographic code. This is a legitimate but dual-use network discovery skill and should be published with an authorization warning.

## Stats

- - Views: 200
- - Downloads: 6
- - Favorites: 0
- - Popularity score: 0
