FirmaBKS

FirmaBKS

Local
Статус
Offline
Joined
7/10/21
Messages
30
Reaction score
0
We have selected fifteen of the best hacker devices with which you can pentest anything: from physical devices to contactless cards. This does not include more common tools like screwdrivers and soldering irons - they are easier to choose according to your taste. We hope you'll find something interesting in our list of the best hacker gadgets.

Best Hacker Gadgets​

Raspberry Pi 4​

Raspberry Pi mini-computers from the latest model range run on quad-core Arm chips, are equipped with 1, 2 or 4 GB of RAM, support Wi-Fi and Bluetooth communications, and have two micro HDMI ports and four USB ports. They can almost replace an inexpensive office desktop; they are often used to create media centers and home servers, as well as in a host of different projects - from musical instruments to robots.

But we are interested in something else: Raspberry can become a portable system for pentests. And there are a great many ready-made cases, displays, batteries and other accessories for them. By the way, in revision 1.2 they solved the problem of compatibility with some USB-C chargers, keep that in mind.

850042fe48cc139a67dbd.png



Proxmark 3​

One of the best assistants for carrying out attacks on contactless cards was and remains a hacker device called Proxmark3. It is available in several variants.

  1. RDV1 is an old version of the device, rarely found on the market and does not have any special advantages.
  2. RDV2 - the advantage of this version is the presence of a connector for an external antenna.
  3. RDV3 is the most popular (and cheapest) model on the market; Chinese clones are available with the same functions, but not always stable operation.
  4. RDV4 is the latest version of Proxmark, which also includes hardware and software for working with smart cards. The most expensive model on the list.
Proxmark will replace all similar devices for you, but it is worth noting that if you are going to study only Mifare cards, then it is better to look towards Chameleon Mini.

8d128bcce649cab9595ba.png



APImote​

If you have encountered a smart home, you have probably heard about the ZigBee protocol. It has been around for many years, but there are not many ready-made devices for testing network security. Among them is the APImote board, which works in conjunction with the killerbee framework. The device is supplied ready-made, but for those who like soldering, the developers have posted KiCad diagrams on GitHub KiCad.

7290a82d20a5b5633230c.png



E-Mate X​

The E-Mate X set will be a useful gift for those who often work with embedded systems or smartphones. It consists of thirteen adapters from non-volatile memory chips in a BGA package to various programmers and even to an SD input (which allows, in some cases, to read memory without a programmer).

a4e56e8c5e20148ffe74b.png



MagSpoof​

When working with magnetic cards, many people face the same problem: a three-lane card reader with write capability sometimes costs five times more than the same reader without write capability.

It is for such tasks that the MagSpoof board was developed, on which data from three magnetic stripes can be recorded and spoofed. Thus, the device replaces the real card.

5af8ba814aa37668c4acf.png


O.MG cable​

Хакерский кабель O.MG стал известен в основном благодаря выступлению его разработчиков на DEFCON 2019. В этот кабель зашит полноценный Rubber Ducky с Wi-Fi, позволяющий удаленно вводить команды клавиатуры в подключенное устройство. А главный плюс O.MG — его внешность неотличима от обычного кабеля для зарядки. Есть несколько вариантов: Type-C, micro-USB и Lightning.

9be5733a1ebd3450dff30.png



DSLogic​

A logic analyzer helps you debug digital circuits. And the DSLogic series analyzers have established themselves as one of the best in terms of price and quality ratio. Moreover, unlike Saleae products, they support working with open source projects, such as PulseView.

In total, three DSLogic models are available on the official website: Plus, U3Pro16 and U3Pro32. And if you are into soldering, you can look for DSLogic Basic on AliExpress. This model is no different from the DSLogic Plus, except for a lower price and memory capacity. By the way, there will be an additional challenge if you want to upgrade.

22c4573c77027765fe79a.png



FaceDancer21​

The FaceDancer21 hacker device is a must-have tool for a payment terminal tester. With its help you can do the following things.

  1. Emulate different USB devices. You can, for example, create a device with a specific ID and bypass the list of allowed connected devices.
  2. Determine what types of devices the USB port supports. Useful when working with ATMs and wireless chargers (if the wireless charger is a port on a small computer).
  3. Fuzz: useful for searching for 0day in USB drivers.
  4. Interact via USB using a Python library.
4360718cf13f8e77f6e4f.png



Yard Stick One​

If you've tried unlocking your car by repeating the unlock signal, you might appreciate this device. Yard Stick One allows you to send and receive traffic on popular frequencies (up to 1 GHz). Its distinctive feature is the use of the CC1111 chip, which allows hardware to demodulate or modulate the signal, which improves the quality of reception and transmission. To work with Yard Stick, you will need to install the free utility RFCat.

92ae289854ba8baa53df6.png



NFC Kill​

Few people can now be surprised by devices for testing contactless cards. But the hacker device NFC Kill will definitely interest you: first of all, it is intended for fuzz testing of contactless reading systems. And additional functions allow you to disable both the readers and the contactless cards themselves.

The device operates at three frequencies: Low Frequency (125–134 kHz), High Frequency (13.56 MHz) and Ultra High Frequency (850–930 MHz). It comes in two versions: Standard and Professional. The difference between them is the ability to run tests without physical interaction with the device.

5094d308490bc5ebf1a34.png



Bash Bunny​

Most likely, you are already familiar with Rubber Ducky, a device that emulates a keyboard and automatically enters malicious commands into the victim’s computer. The Bash Bunny device is a more sophisticated version of the device for HID attacks.

In addition to the keyboard, it can emulate any serial port devices, file storage devices, and USB to Ethernet adapters. This device is perfect for conducting Red Team tests and allows you to save money and space in your travel kit.

519da759fefc8a8b2b1fa.png



HydraBus​

HydraBus was originally developed as a full replacement for the outdated BusPirate board. Here is a list of the main advantages of HydraBus:

  • provides a full-fledged user interface for working with popular hardware interfaces (I2C, SPI, UART, 1–3-wire, JTAG/SWD);
  • HydraBus can be used in conjunction with PulseView to work in logic analyzer mode;
  • there is a library in Python, which makes it easier to use;
  • there is a MicroSD slot for saving information as you work.
e9a87d146d2d1bddf49c0.png



OpticSpy​

Devices such as routers often convey a lot of valuable information through blinking LEDs, especially when turned on. It happens that such LEDs are connected to a data line, for example to the TX pin of the UART bus.

To receive information from this data channel without soldering and expensive logic analyzers, we developed a board called OpticSpy. To work, you will need to install the Python library, connect OpticSpy to your computer via USB and bring its photodiode to a light source. You can see the operation of the hacker device on YouTube.

22f3287241ed4c698f2eb.png



Hunter Cat​

In 2019, an interesting hacker gadget appeared on the market - Hunter Cat. Although it is more for protection than for hacking and pentesting. It was developed to search for banking and other skimmers. Its essence is simple: we insert it into the card reader, pull it out and look at the LED. If it glows green, then the skimmer has not been detected, otherwise it is better not to use this ATM.

79346b2655183fd31639d.png



nRF52840 dongle​

Well, at the end of the list - USB-dongle nRF52840. It has a lot of possibilities, among which two are worth highlighting. First, you can reflash it and get a full-fledged Bluetooth Low Energy sniffer with a nice plugin for Wireshark. Secondly, using the open source project LOGITacker, you can turn this dongle into a device for testing wireless computer peripherals: mice, keyboards, etc.



b425238aac07ac99647a6.png
 
Top