Hacker’s toolbox 2020. Pentesting devices you should have at hand

HackMag selected fifteen devices enabling you to pentest everything: from mechanisms to contactless cards. This list does not include trivial tools, like screwdrivers and soldering irons, because everybody chooses them individually. Hopefully, this toolkit would be useful in your penetration testing endeavors.

Raspberry Pi 4

Price: starting from $35
Official website

The latest models of Raspberry Pi minicomputers are equipped with ARM quad-core chips, feature 1, 2, or 4 GB of RAM onboard, communicate via Wi-Fi and Bluetooth, and have two micro HDMI ports and four USB slots. In fact, such devices can effectively replace a low-cost office desktop PCs; they are often used in media centers and home servers, as well as in zillions of other projects: from musical instruments to robots. Most importantly, Raspberry Pi can be used as a portable pentesting system. The manufacturer offers a broad range of ready-to-use cases, displays, batteries, and other accessories. No doubt, this minicomputer is a ‘must have’ for a true hacker. And just FYI: the compatibility problem with some USB-C chargers has been fixed in revision 1.2.


Proxmark 3

Price: € 00-300
Kickstarter page

Proxmark 3 is your best assistant in attacks targeting contactless cards. It is available in several modifications:

  1. RDV1 – an old version. It has nearly disappeared from the market by now and has no significant advantages.
  2. RDV2 – this version has a slot for an external antenna.
  3. RDV3 – the most popular (and cheap) model on the market. Made-in-China clones are also available; they support the same functions but often malfunction.
  4. RDV4 – the latest (and most expensive) Proxmark version that includes hardware and software for interaction with smart cards.

Proxmark 3 effectively replaces all similar devices in your toolbox; however, if you intend to deal only with Mifare cards, you may opt to use Chameleon Mini.


APImote

Price: $150
Official website

If you had ever dealt with smart homes, you are likely aware of the ZigBee protocol. It was created many years ago, but the assortment of ready-to-use network testing devices supporting it is still pretty scarce. Among them, the APImote board preflashed with KillerBee firmware is the top league. The device is sold on the market fully assembled, but specially for soldering fans, the developers have published the KiCad schemes on GitHub.


E-Mate X

Price: $100
Official website

This kit will be very useful for hackers frequently dealing with embedded systems and smartphones. It consists of 13 adapters connecting nonvolatile memory in BGA cases to various programmers and even to an SD input (which sometimes allows to read the memory without a programmer). The cost of such adapters sold individually may exceed the cost of E-Mate X by several times.


MagSpoof

Price: $60
Official website

Hackers dealing with magnetic cards are aware that readers for three-stripe cards supporting the write function are five times more expensive than readers unable to write data. The MagSpoof board was designed specially for this purpose: you can write on it data from the three magnetic strips and spoof them. The device effectively replaces a real card. Combined with a magnetic card reader, it allows to test the security of pass entry systems and payment systems.


O.MG cable

Price: $120
Official website

The world has learned about the O.MG cable from a presentation delivered by its creators at DEFCON 2019. The cable includes a fully featured Rubber Ducky with the Wi-Fi function and makes it possible to remotely enter commands on the connected device from a keyboard. Most importantly, O.MG is visually undistinguishable from a standard power cable. The available modifications include Type-C, micro-USB, and Lightning.


DSLogic

Price: $60-150
Official website

The primary function of logical analyzers is debugging digital schemes. DSLogic analyzers are among the best based on the price to quality ratio. Furthermore, unlike Saleae products, they support open-source projects, e.g. PulseView. Three DSLogic models are available on the official website: Plus, U3Pro16, and U3Pro3 DSLogic 2. If you like soldering, you may search for DSLogic Basic on AliExpress. This model is similar to DSLogic Plus except for a lower price and smaller memory size. Upgrading it would be an excellent challenge for your technical skills.


FaceDancer21

Price: $85
Official website

FaceDancer21 is a mandatory tool for a security specialist frequently dealing with payment terminals. The device supports the following functions:

  1. Emulate various USB devices. For instance, you can create a device with a certain ID to circumvent the list of permitted connected devices.
  2. Identify what device types are supported by a specific USB port. This feature is useful when you deal with ATMs and wireless chargers (e.g. if a port of a small computer is used as a wireless charger).
  3. Fuzzing. This function is handy when you search for 0day vulnerabilities in USB drivers.
  4. Communication via USB using a Python library.

Because this is an open-source project, the prices may vary depending on the manufacturer’s greed.


Yard Stick One

Price: $100
Official website

If you had ever tried to unblock your locked car by replicating the unblocking signal, you will duly appreciate this device. Yard Stick One wireless test tool sends and receives traffic at popular frequencies up to 1 GHz. Its distinctive feature is the CC1111 chip that demodulates and modulates the signal at the hardware level, which increases the reception and transmission quality. To use Yard Stick One, you have to download and install a free utility called RFCat.


NFC Kill

Price: $180/250
Official website

NFC Kill is a truly outstanding gadget. Its primary purpose is testing of contactless readers, while its additional functions allow to disable both readers and contactless cards. The tool supports three frequency ranges: Low Frequency (125-134 KHz), High Frequency (13.56 MHz), and Ultra High Frequency (850-930 MHz). NFC Kill is offered in two versions: Standard and Professional. The main difference between them is the possibility to perform tests without physical interaction with the device.


Bash Bunny

Price: $100
Official website

Most probably, you are familiar with Rubber Ducky, a device that emulates a keyboard and automatically enters malicious commands on the victim’s computer. Bash Bunny is a more sophisticated version of Rubber Ducky designed for HID attacks. In addition to the keyboard, it can emulate serial port devices, file storage devices, and USB-Ethernet adapters. Bash Bunny is perfectly suited for Red Team tests and allows to save money and space in your suitcase.


HydraBus

Price: €75
Official website

HydraBus is a fully functional replacement for the obsolete BusPirate board. Its main features include:

  • an advanced user interface for work with popular hardware interfaces (I2C, SPI, UART, 1-3-wire, and JTAG/SWD);
  • combined with PulseView, HydraBus can operate in the logical analyzer mode;
  • a special library written in Python simplifies the usage;
  • a MicroSD slot allows to save information during work.

The board costs €40-75. You may also consider purchasing a HydraNFC module (€110) to interact with contactless cards or the open-source HydraLINCAN board to work with the CAN bus.


OpticSpy

Price: $65-100
Official website

Blinking LEDs of some devices (e.g. routers) transmit valuable information, especially during the startup. Sometimes LEDs are connected to data transfer lines (e.g. TX pin of UART bus). The OpticSpy board was developed to retrieve information from this transmission channel without a soldering iron or expensive logical analyzer. All you have to do is install the Python library, connect OpticSpy to your PC via USB, and put its photodiode against the light source. A demo is available on YouTube.


Hunter Cat

Price: $35
Official website

Hunter Cat hit the market in 2019. The device was developed to detect banking and other skimmers. It is very easy-to-use: you insert Hunter Cat into the ATM, then remove it and look at the LED. If it glows green, no skimmers were found; otherwise, it is better not to use this ATM. Hunter Cat is slightly bigger than a standard bank card; its cost is some $35.


nRF52840 dongle

Price: $18
Official website

USB dongle nRF52840 supports plenty of functions, but two of them deserve special attention. First, you can reflash this device and get a fully functional Bluetooth Low Energy sniffer with a nice plugin for Wireshark. Second, you can use LOGITacker open-source project to transform the dongle into a testing tool for wireless computer peripherals: mouse, keyboard, etc. Its price starts from $18, but you can find cheaper made-in-China clones on AliExpress.



Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">