a pi-zero powered hacking tool, with badusb capabilities, on the fly hoaxshell payload generation, 802.11 deauthing, bettercap support, and (crude) duckyscript support, all in the size of a flipper zero (or raspberry pi depending on your setup)
some of it's features:
- duckyscript's iconic keystroke reflection
- remote control
- jinja2 enabled duckyscript support (WIP, but enough to use most scripts)
- deauthing and sniffing attacks (EAPOL supported (thanks bettercap)), access point spamming, evil portal
- usb mass storage emulation, mouse emulation
BLE hackingwork in progress- infinite amount of plugins
- reverse shell hosting
- literal entire kali linux system in your pocket
with the shim (WIP, not released to public yet)
- RF hacking (rolljam, sniffing, jamming, replay)
- IR hacking (replay, jamming)
- wireless charging
- pin fuzzing (SPI, IIC/I2C, UART)
nfcspace constrained and also very hard to make
i am not responsible for what you do with this thing; this can actually be used for really bad purposes in the right hands
this also isn't meant to be better than the p4wnp1-aloa - the aloa has way more support for everything than me
if support/something you want isn't implemented yet, look at making plugins
unless its something else, like a bug - in that case, PLEASE make an issue
- deauthing works, but can sometimes go silent (see evilsocket/pwnagotchi#267)
- this is in the middle of a rewrite, bugs are to be expected
- a raspberry pi zero w (can also be a 2)
-
note: you could use a tiny micro-usb cable with sync support and plug that in to the victim
if you try to use your pi as a ducky usb, it will take (minimum) 25 seconds to boot up and start pwnhyve, and a couple of minutes to start everything else up; not very stealthy
you could use it without a battery though, just not reccomended
- 98% of this was made by me
- some of it was from pwnagotchi for deauthing