Wireless
Discover tools and resources for exploiting Wi-Fi, Bluetooth, RFID, and more.

Bluetooth

  • bettercap - Swiss army knife for WiFi, Bluetooth, HID, and Ethernet networks.
  • BLE Scanner 4.0 iOS Android - Scanner Utility for Bluetooth Low Energy, iBeacon and Eddystone devices.
  • BLE-Beacon-Scanner - Scan for BLE Beacons (iBeacon and Eddystone).
  • BLESuite - Python package that provides an easier way to test Bluetooth Low Energy (BLE) devices.
  • Bluefruit LE Sniffer - Passively capture data exchanges between two BLE devices, pushing the data into Wireshark, where you can visualize things on a packet level.
  • Bluelog - Linux Bluetooth scanner.
  • BlueScanner - Windows tool to locate Bluetooth devices and get to know their features.
  • BSS - Bluetooth Stack Smasher.
  • BTcrack - Bluetooth PIN and Link-key cracker.
  • BtleJuice - BtleJuice Bluetooth Smart (LE) Man-in-the-Middle framework.
  • Btmon - Arduino Bluetooth monitoring tool.
  • Btscanner - Scans for new devices and retrieves any information requested.
  • Crackle - Crack and decrypt BLE encryption.
  • Ellisys Bluetooth Explorer - All-In-One Wideband BR/EDR and Low Energy sniffer with concurrent capture of Wi-Fi 2x2 802.11 a/b/g/n, 2.4 GHz spectrum, HCI (USB, UART, SPI), WCI-2, logic signals, generic I2C/UART/SPI/SWD, and Audio I2S.
  • hcitool - Bluetooth host controller CLI tool for sending HCI commands on macOS and Linux.
  • Sweyntooth - Captures a family of 18 vulnerabilities across different Bluetooth Low Energy (BLE) software development kits (SDKs) of six major system-on-a-chip (SoC) vendors.

Cellular

  • Crocodile Hunter - A tool to hunt fake eNodeBs, also commonly known as hailstorm, stingray, cell site simulators, or IMSI catchers.
  • Kalibrate - Scans for GSM base stations in a given frequency band and can use those GSM base stations to calculate the local oscillator frequency offset.

DECT

  • gr-dect2 - Real-time DECT voice channel decoding with GNU Radio. It allows listening to voice when encryption isn't applied.
  • re-DECTed - Tools for playing with DECT.

Hardware

  • HackRF One - HackRF One is a Software Defined Radio capable of transmission or reception of radio signals from 1 MHz to 6 GHz.
  • MultiBlue Dongle - Can be connected to another computer via a USB port and control the victim's computer via Bluetooth.
  • Pluggable BT Dongle - Survey nearby Bluetooth devices, enumerate their services, and even send simple data packets to them.
  • Ubertooth One - Ubertooth One is an open source 2.4 GHz wireless development platform suitable for Bluetooth experimentation.
  • Wi-fi Pineapple - Automate WiFi auditing with all new campaigns and get actionable results from vulnerability assessment reports.

NFC

  • ACR122U USB NFC Reader - Contactless smart card reader/writer developed based on 13.56 MHz Contactless (RFID) Technology.
  • Keysy - Back up up to four RFID access credentials into a small keyfob form factor.
  • libnfc - Platform independent Near Field Communication (NFC) library.
  • MFCUK - MiFare Classic Universal toolKit.
  • MFOC - Mifare Classic Offline Cracker.
  • NFCGate - Android application meant to capture, analyze, or modify NFC traffic.
  • NFC Smart Card Info - Android App. Shows Java Card applet installed on a contact-less Smart Card and tag info.
  • NFC Tag Cloner - Android App. Clone NFC tags to another tag or to your phone.
  • NFC TagInfo - Android App. The “Swiss Army knife” for NFC! Value checker, content viewer and analysis tool.
  • pcscd - PC/SC Smart Card Daemon. A resource manager that coordinates communications with smart card readers and smart cards and cryptographic tokens that are connected to the system.

RFID

  • ICopyX - Hardware to rapidly and easily clone RFID tags like an expert.
  • Proxmark - RFID Swiss-army tool, allowing for both high and low level interactions with the vast majority of RFID tags and systems world-wide.
  • RFIDIOt - Python RFID / NFC library & tools.
  • Wiegotcha - Long Range RFID Thief.

SDR

  • Airspy - State of the art SDR hardware for HF and VHF.
  • bladeRF Micro 20.0 - Next-generation 2x2 MIMO, 47 MHz to 6 GHz frequency range, off-the-shelf USB 3.0 Software Defined Radio (SDR).
  • gqrx - Software defined radio receiver powered by GNU Radio and Qt.
  • gr-fosphor - GNU Radio block for spectrum visualization using GPU.
  • inspectrum - Tool for analysing captured signals, primarily from software-defined radio receivers.
  • LimeSDR - A low cost, open source, apps-enabled software defined radio (SDR) platform that can be used to support just about any type of wireless communication standard.
  • Multimon-NG - Successor of multimon. Decodes various digital transmission modes.
  • rtl_fm - Set of scripts that acts as a wrapper for rtl_fm and a few helper scripts for making listening to radio signals with SDR easy.
  • USRP B210 - A fully integrated, single-board, Universal Software Radio Peripheral (USRP™) platform with continuous frequency coverage from 70 MHz – 6 GHz.

Wi-Fi

  • AirCheck G3 Pro - Hardware-enabled site survey solution for Wi-Fi 6/6E networks.
  • Aircrack-NG - A complete suite of tools to assess WiFi network security.
  • Airpwn - Packet injection for WiFi; simplified.
  • Airstrike - Automatically grab and crack WPA-2 handshakes with distributed client-server architecture.
  • Alfa Card - The Atheros chipset supports all 6 WiFi modes. Best success rate of various injection attacks using this Wi-Fi adaptor.
  • AWSY - Are.We.Secure.Yet Framework aims to test the wifi security of a location, attempting to locate individual devices.
  • Beacongraph - Graph visualization of wireless client and access point relationships.
  • bettercap - Swiss army knife for WiFi, Bluetooth, HID, and Ethernet networks.
  • Chanalyzer - A powerful dual-band spectrum analyzer that measures Wi-Fi and non-Wi-Fi activity in both the 2.4 GHz and 5 GHz bands.
  • coWPAtty - WPA2-PSK cracking.
  • cpscam - Bypass captive portals by impersonating inactive users.
  • dBmonster - Track WiFi devices with their received signal strength.
  • Ekahau HeatMapper - Perform wireless network analysis, optimization, and simulation with high-definition visual Wi-Fi heatmaps that take the guesswork out of network coverage and performance.
  • FruityWiFi - FruityWiFi is a wireless network auditing tool.
  • Giskismet - Wireless recon visualization tool.
  • iSniff-GPS - Passive sniffing tool for capturing and visualising WiFi location data disclosed by iOS devices.
  • inSSIDer - Shows you exactly how your network is configured and how neighboring Wi-Fi networks are impacting yours, and gives suggestions for fast, secure Wi-Fi.
  • Kismapping - A WiFi heatmapping tool which consumes Kismet output and produces a heatmap.
  • Kismet - A sniffer, WIDS, and wardriving tool for Wi-Fi, Bluetooth, Zigbee, RF, and more.
  • KRACK - Scripts to test if clients or access points (APs) are affected by the KRACK attack against WPA2.
  • Kr00k - Allows decrypting some WPA2 CCMP data in vulnerable devices (Access Point or Clients).
  • MDK4 - MDK is a proof-of-concept tool to exploit common IEEE 802.11 protocol weaknesses.
  • Netsh - CLI utility that allows you to display or modify the network configuration of a computer that is currently running.
  • PixieWPS - An offline Wi-Fi Protected Setup brute-force utility.
  • Reaver - Brute force attack against Wi-Fi Protected Setup (WPS).
  • r00kie-kr00kie - This is a PoC exploit for the CVE-2019-15126 kr00k vulnerability.
  • SniffAir - Wireless security framework which provides the ability to easily parse passively collected wireless data as well as launch sophisticated wireless attacks.
  • tonic - Provides a reliable process for troubleshooting Wi-Fi devices (endpoints) on-site.
  • Wifi Analyzer - Turns your Android phone into a Wi-Fi analyzer! Shows the Wi-Fi channels around you.
  • Wifiphisher - The Rogue Access Point Framework.
  • Wifite2 - Rewrite of the popular wireless network auditor, wifite.
  • WiGLE - All the networks. Found by Everyone. Wi-Fi wardriving database.
  • WirelessKeyView - Recovers all wireless network security keys/passwords (WEP/WPA) stored in your computer.

Zigbee

  • Killerbee - IEEE 802.15.4/ZigBee Security Research Toolkit.

Z-Wave

  • Killerzee - Tools for Attacking and Evaluating Z-Wave Networks.