Man
Professional
- Messages
- 3,077
- Reaction score
- 614
- Points
- 113
Contents of the article
- The Best Hacker Gadgets
We have selected fifteen of the best hacker's devices that can be used to pentest anything from physical devices to contactless cards. We have not included more common tools like screwdrivers and soldering irons - they are easier to choose according to your taste. We hope you will find something interesting in our list of the best hacker's gadgets.
Official website
The latest Raspberry Pi mini-computers run on quad-core Arm chips, come with 1, 2, or 4 GB of RAM, support Wi-Fi and Bluetooth, and have two micro HDMI ports and four USB ports. They can almost replace an inexpensive office desktop, and are often used to create media centers and home servers, as well as in a variety of projects, from musical instruments to robots.
But we are interested in something else: Raspberry can become a portable system for pentests. And there are a great many ready-made cases, displays, batteries and other accessories for them. By the way, in revision 1.2 they solved the problem of compatibility with some USB-C chargers, keep that in mind.
Kickstarter page
One of the best assistants for carrying out attacks on contactless cards was and remains a hacker device called Proxmark3. It is available in several versions.
Official website
If you have ever encountered a smart home, you have probably heard of the ZigBee protocol. It has been around for many years, but there are not many ready-made devices for testing network security. Among them, we can highlight the APImote board, which works in conjunction with the killerbee framework. The device is supplied ready-made, but for those who like to solder, the developers have posted the KiCad schemes on GitHub.
Official website
The E-Mate X kit will be a useful gift for those who often work with embedded systems or smartphones. It consists of thirteen adapters from non-volatile memory chips in a BGA case to various programmers and even to an SD input (which allows in some cases to read memory without a programmer).
The cost of analogs with only one of the adapters can exceed the cost of E-Mate X by two times, or even more.
Official website
When working with magnetic cards, many people face the same problem: a three-striped card reader with recording capability sometimes costs five times more than the same reader without recording capability.
The MagSpoof board was developed for exactly such tasks. It can record data from three magnetic stripes and spoof them. Thus, the device replaces a real card. And in combination with a magnetic card reader, you will save half the money and get a full-fledged device for testing the security of a pass or payment system.
Official website
The O.MG hacker cable became famous mainly thanks to its developers' presentation at DEFCON 2019. This cable has a full-fledged Rubber Ducky with Wi-Fi, allowing you to remotely enter keyboard commands into the connected device. And the main advantage of O.MG is that its appearance is indistinguishable from a regular charging cable. There are several options: Type-C, micro-USB and Lightning.
Official website
A logic analyzer helps debug digital circuits. And the DSLogic series analyzers have proven themselves to be among the best in terms of price and quality. Moreover, unlike Saleae products, they support open source projects, such as PulseView.
There are three DSLogic models available on the official website: Plus, U3Pro16, and U3Pro32. And if you're into soldering, you can look for DSLogic Basic on AliExpress. This model is no different from DSLogic Plus, except for a lower price and memory capacity. By the way, there will be an additional challenge if you want to upgrade.
Official website
The FaceDancer21 hacking device is a must-have tool for a payment terminal tester. It can do the following things.
Official website
If you have ever tried to unlock your car by repeating the unlock signal, you might appreciate this device. Yard Stick One allows you to send and receive traffic on popular frequencies (up to 1 GHz). Its distinctive feature is the use of the CC1111 chip, which allows hardware demodulation or modulation of the signal, which improves the quality of reception and transmission. To work with Yard Stick, you will need to install the free utility RFCat .
Official website
Few people can be surprised by devices for testing contactless cards. But the hacker device NFC Kill will definitely interest you: first of all, it is designed for fuzz testing contactless reading systems. And additional functions allow you to disable both readers and contactless cards themselves.
The device operates at three frequencies: Low Frequency (125–134 kHz), High Frequency (13.56 MHz) and Ultra High Frequency (850–930 MHz). It comes in two versions: Standard and Professional. The difference between them is the ability to run tests without physical interaction with the device.
Official website
You're probably already familiar with the Rubber Ducky, a device that emulates a keyboard and automatically injects malicious commands into a victim's computer. The Bash Bunny is a more sophisticated version of the HID attack device.
In addition to the keyboard, it can emulate any serial port devices, file storage, and USB-to-Ethernet adapters. This device is perfect for Red Team testing and saves money and space in your travel kit.
Official website
HydraBus was originally developed as a full replacement for the outdated BusPirate board. Here is a list of the main advantages of HydraBus:
Official website
Devices like routers often transmit a lot of valuable information using blinking LEDs, especially when turned on. Sometimes these LEDs are connected to a data line, such as the TX pin of a UART bus.
To get information from this data channel without soldering and expensive logic analyzers, a board called OpticSpy was developed. To work, you need to install a Python library, connect OpticSpy to a computer via USB and bring its photodiode to a light source. You can see the hacker device in action on YouTube.
Official website
In 2019, an interesting hacker gadget appeared on the market — Hunter Cat. Although it is more for protection than for hacking and pentesting. It was developed to search for bank and other skimmers. Its essence is simple: insert it into the card reader, pull it out and look at the LED. If it glows green, then the skimmer is not detected, otherwise it is better not to use this ATM. The size of Hunter Cat is slightly larger than a bank card, and the cost is about $35.
Official website
And finally, the nRF52840 USB dongle. It has a lot of features, two of which are worth highlighting. Firstly, you can reflash it and get a full-fledged Bluetooth Low Energy sniffer with a nice plugin for Wireshark. Secondly, using the open source LOGITacker project, you can turn this dongle into a device for testing wireless computer peripherals: mice, keyboards, etc.
The device starts at $18, but you can find cheaper Chinese clones on AliExpress.
- The Best Hacker Gadgets
- Raspberry Pi 4
- Proxmark 3
- APImote
- E-Mate X
- MagSpoof
- O.MG cable
- DSLogic
- FaceDancer21
- Yard Stick One
- NFC Kill
- Bash Bunny
- HydraBus
- OpticSpy
- Hunter Cat
- nRF52840 dongle
We have selected fifteen of the best hacker's devices that can be used to pentest anything from physical devices to contactless cards. We have not included more common tools like screwdrivers and soldering irons - they are easier to choose according to your taste. We hope you will find something interesting in our list of the best hacker's gadgets.
The Best Hacker Gadgets
Raspberry Pi 4
Price: from 35 dollarsOfficial website
The latest Raspberry Pi mini-computers run on quad-core Arm chips, come with 1, 2, or 4 GB of RAM, support Wi-Fi and Bluetooth, and have two micro HDMI ports and four USB ports. They can almost replace an inexpensive office desktop, and are often used to create media centers and home servers, as well as in a variety of projects, from musical instruments to robots.
But we are interested in something else: Raspberry can become a portable system for pentests. And there are a great many ready-made cases, displays, batteries and other accessories for them. By the way, in revision 1.2 they solved the problem of compatibility with some USB-C chargers, keep that in mind.
Proxmark 3
Price: 100–300 eurosKickstarter page
One of the best assistants for carrying out attacks on contactless cards was and remains a hacker device called Proxmark3. It is available in several versions.
- RDV1 is an old version of the device, rarely found on the market and does not have any special advantages.
- RDV2 - the advantage of this version is the presence of a connector for an external antenna.
- RDV3 is the most popular (and cheapest) model on the market, there are Chinese clones available with the same features, but not always stable operation.
- RDV4 is the latest version of Proxmark, which also includes hardware and software for working with smart cards. The most expensive model on the list.
APImote
Price: $150Official website
If you have ever encountered a smart home, you have probably heard of the ZigBee protocol. It has been around for many years, but there are not many ready-made devices for testing network security. Among them, we can highlight the APImote board, which works in conjunction with the killerbee framework. The device is supplied ready-made, but for those who like to solder, the developers have posted the KiCad schemes on GitHub.
E-Mate X
Price: $100Official website
The E-Mate X kit will be a useful gift for those who often work with embedded systems or smartphones. It consists of thirteen adapters from non-volatile memory chips in a BGA case to various programmers and even to an SD input (which allows in some cases to read memory without a programmer).
The cost of analogs with only one of the adapters can exceed the cost of E-Mate X by two times, or even more.
MagSpoof
Price: $60Official website
When working with magnetic cards, many people face the same problem: a three-striped card reader with recording capability sometimes costs five times more than the same reader without recording capability.
The MagSpoof board was developed for exactly such tasks. It can record data from three magnetic stripes and spoof them. Thus, the device replaces a real card. And in combination with a magnetic card reader, you will save half the money and get a full-fledged device for testing the security of a pass or payment system.
O.MG cable
Price: $120Official website
The O.MG hacker cable became famous mainly thanks to its developers' presentation at DEFCON 2019. This cable has a full-fledged Rubber Ducky with Wi-Fi, allowing you to remotely enter keyboard commands into the connected device. And the main advantage of O.MG is that its appearance is indistinguishable from a regular charging cable. There are several options: Type-C, micro-USB and Lightning.
DSLogic
Price: $60-$150Official website
A logic analyzer helps debug digital circuits. And the DSLogic series analyzers have proven themselves to be among the best in terms of price and quality. Moreover, unlike Saleae products, they support open source projects, such as PulseView.
There are three DSLogic models available on the official website: Plus, U3Pro16, and U3Pro32. And if you're into soldering, you can look for DSLogic Basic on AliExpress. This model is no different from DSLogic Plus, except for a lower price and memory capacity. By the way, there will be an additional challenge if you want to upgrade.
FaceDancer21
Price: $85Official website
The FaceDancer21 hacking device is a must-have tool for a payment terminal tester. It can do the following things.
- Emulate different USB devices. For example, you can create a device with a specific ID and bypass the list of allowed connected devices.
- Determine what types of devices a USB port supports. Useful when working with ATMs and wireless chargers (if the wireless charger is a small computer port).
- Fuzzify: useful for finding 0day in USB drivers.
- Interact via USB using a Python library.
Yard Stick One
Price: $100Official website
If you have ever tried to unlock your car by repeating the unlock signal, you might appreciate this device. Yard Stick One allows you to send and receive traffic on popular frequencies (up to 1 GHz). Its distinctive feature is the use of the CC1111 chip, which allows hardware demodulation or modulation of the signal, which improves the quality of reception and transmission. To work with Yard Stick, you will need to install the free utility RFCat .
NFC Kill
Price: $180/$250Official website
Few people can be surprised by devices for testing contactless cards. But the hacker device NFC Kill will definitely interest you: first of all, it is designed for fuzz testing contactless reading systems. And additional functions allow you to disable both readers and contactless cards themselves.
The device operates at three frequencies: Low Frequency (125–134 kHz), High Frequency (13.56 MHz) and Ultra High Frequency (850–930 MHz). It comes in two versions: Standard and Professional. The difference between them is the ability to run tests without physical interaction with the device.
Bash Bunny
Price: $100Official website
You're probably already familiar with the Rubber Ducky, a device that emulates a keyboard and automatically injects malicious commands into a victim's computer. The Bash Bunny is a more sophisticated version of the HID attack device.
In addition to the keyboard, it can emulate any serial port devices, file storage, and USB-to-Ethernet adapters. This device is perfect for Red Team testing and saves money and space in your travel kit.
HydraBus
Price: 75 euroOfficial website
HydraBus was originally developed as a full replacement for the outdated BusPirate board. Here is a list of the main advantages of HydraBus:
- provides a full-fledged user interface for working with popular hardware interfaces (I2C, SPI, UART, 1–3-wire, JTAG/SWD);
- HydraBus can be used in conjunction with PulseView to operate in logic analyzer mode;
- There is a Python library which makes it easier to use;
- There is a MicroSD slot for saving information as you work.
OpticSpy
Price: $65-$100Official website
Devices like routers often transmit a lot of valuable information using blinking LEDs, especially when turned on. Sometimes these LEDs are connected to a data line, such as the TX pin of a UART bus.
To get information from this data channel without soldering and expensive logic analyzers, a board called OpticSpy was developed. To work, you need to install a Python library, connect OpticSpy to a computer via USB and bring its photodiode to a light source. You can see the hacker device in action on YouTube.
Hunter Cat
Price: $35Official website
In 2019, an interesting hacker gadget appeared on the market — Hunter Cat. Although it is more for protection than for hacking and pentesting. It was developed to search for bank and other skimmers. Its essence is simple: insert it into the card reader, pull it out and look at the LED. If it glows green, then the skimmer is not detected, otherwise it is better not to use this ATM. The size of Hunter Cat is slightly larger than a bank card, and the cost is about $35.
nRF52840 dongle
Price: $18Official website
And finally, the nRF52840 USB dongle. It has a lot of features, two of which are worth highlighting. Firstly, you can reflash it and get a full-fledged Bluetooth Low Energy sniffer with a nice plugin for Wireshark. Secondly, using the open source LOGITacker project, you can turn this dongle into a device for testing wireless computer peripherals: mice, keyboards, etc.
The device starts at $18, but you can find cheaper Chinese clones on AliExpress.
Conclusion
That's all for now. The next list of the best hacker gadgets will be next year!
Last edited:
