🔧 Hardware Hacking Tools

Hardware Hacking Tools! 🚀 lists various tools used in hardware hacking, categorized by attack methods. Whether you're a security researcher, penetration tester, or just curious about hardware security, this repo is for you! 🔍💻

---

Firmware Analysis & Extraction 🖥️

🛠️ JTAG/SWD Debugging

• JTAGulator – Identifies JTAG pinouts on embedded devices.
• OpenOCD – Open-source debugging and programming tool for embedded devices.
• UrJTAG – Universal JTAG library supporting multiple devices.
• Segger J-Link – A commercial JTAG/SWD debugger with high-speed debugging.
• Xilinx Platform Cable USB II – Used for debugging and programming Xilinx devices.
• STM32 ST-Link – Debugging and flashing STM32 microcontrollers.
• Black Magic Probe – Open-source JTAG debugger supporting SWD.

🔌 UART/SPI/I2C Debugging

• Bus Pirate – Universal interface for SPI, I2C, and UART debugging.
• Logic Analyzers – Capture and analyze signals (Saleae, Sigrok, etc.).
• FTDI Adapters – Convert USB to UART/SPI/I2C for debugging.
• Beagle I2C/SPI Protocol Analyzer – Monitors I2C and SPI traffic.
• TI MSP-FET – Debugger for MSP430 microcontrollers.

📥 Firmware Dumping

• CH341A Programmer – Reads and writes SPI flash chips.
• Flashrom – Open-source tool for reading, writing, and erasing firmware.
• Dediprog SF100 – High-speed SPI Flash programmer.
• Shikra – Debug and communicate with UART, JTAG, and SPI devices.
• RT809H – Universal programmer for dumping firmware from EEPROMs.
• Teensy – Custom DIY method for SPI flash dumping.

📂 Reverse Engineering Firmware

• Ghidra – NSA’s open-source reverse engineering framework.
• IDA Pro – Industry-standard tool for disassembling firmware binaries.
• Binwalk – Extracts and analyzes firmware images.
• Firmware-Mod-Kit – Extracts and modifies firmware.
• Unblob – Extracts and analyzes binary blobs.
• GDB (GNU Debugger) – Debugging firmware in real-time.
• Radare2 – Open-source framework for binary analysis.
• Capstone – Disassembly framework for analyzing instruction sets.
• Angr – Python-based binary analysis tool.
• Cutter – GUI-based alternative to Radare2 for reverse engineering.

---

🔨 Physical Attacks Toolkit

🛠️ Side-Channel Attacks & Fault Injection

• ChipWhisperer – Open-source side-channel analysis and fault injection tool.
• ChipSHOUTER – Advanced electromagnetic fault injection (EMFI) tool.
• GlitchKit – Tool for voltage glitching on embedded devices.
• Raspberry Pi Pico + PicoEMP – DIY EM fault injection tool.
• OpenQASM – Side-channel vulnerability analysis tool for quantum computing.
• Riscure Inspector – Commercial side-channel analysis tool.

🔥 Voltage & Clock Glitching

• GlitchKit – Software/hardware glitching toolkit.
• ChipWhisperer-Lite – Hardware fault injection tool for glitching.
• Proxmark3 – RFID/NFC analysis and glitching attacks.
• HackRF One – SDR for RF glitching.

🔩 Hardware Debugging & Tampering

• JTAGulator – Finds JTAG pinouts for debugging.
• Shikra – Works with JTAG, UART, and SPI.
• Bus Pirate – Multi-protocol debugging interface.
• GoodFET – Open-source JTAG debugging tool.
• OpenOCD – Open-source JTAG/SWD debugging tool.
• Black Magic Probe – Open-source debugging tool.

🏴‍☠️ Chip Decapping & Microprobing

• Chemical Decapping Kits – Removes IC protective layers.
• FIB (Focused Ion Beam) Tools – Modifies IC internals.
• Probe Stations – Allows direct electrical contact with microchips.

📡 RFID/NFC Cloning & Attacks

• Proxmark3 – RFID/NFC cloning and hacking device.
• ChameleonMini – Open-source NFC emulation tool.
• Flipper Zero – Multi-tool for RFID, NFC, and other hardware hacking.
• MFCUK – Cracks Mifare Classic RFID cards.
• MFOC – Dumps and cracks Mifare Classic keys.

🧲 Electromagnetic Attacks & TEMPEST

• TempestSDR – Reads screen emissions via radio signals.
• Van Eck Phreaking Kits – Exploits electromagnetic leaks.
• USBKill – Physically destroys hardware via high-voltage USB.

---

Wireless & Radio Hacking Tools

📡 Wi-Fi Hacking Tools

• Aircrack-ng – Suite for Wi-Fi penetration testing.
• Wifite – Automated Wi-Fi cracking tool.
• Fern Wi-Fi Cracker – GUI tool for Wi-Fi auditing.
• Reaver – WPS attack tool.
• PixieWPS – Offline WPS attack tool.
• Bettercap – Powerful network attack tool, including Wi-Fi attacks.
• MDK3 – Wi-Fi testing and deauthentication tool.
• Kismet – Wireless network detection and monitoring.
• Wigle.net – Database for mapping Wi-Fi networks.

📶 Bluetooth & BLE Hacking

• Blue Hydra – Bluetooth device scanner.
• Bluesniff – Bluetooth packet sniffer.
• BtleJack – Bluetooth Low Energy hijacking tool.
• BLE CTF – Bluetooth attack training tool.
• Bleah – Bluetooth hacking framework.
• BlueRanger – Detect Bluetooth device distances.
• Ubertooth One – Open-source Bluetooth monitoring tool.

📻 Software-Defined Radio (SDR) Hacking

• GNU Radio – Signal processing toolkit for SDR.
• HackRF One – Software-defined radio device for hacking.
• RTL-SDR – Cheap USB SDR receiver.
• SDR# (SDRSharp) – Popular SDR software.
• GQRX – Open-source SDR software.
• BladeRF – USB 3.0 SDR device for signal analysis.
• Red Pitaya – SDR and signal processing platform.
• OsmoSDR – Open-source SDR framework.
• RFExplorer – Portable RF spectrum analyzer.
• GR-GSM – GSM signal analysis tool.

📡 RFID/NFC Hacking

• Proxmark3 – RFID/NFC research tool.
• ChameleonMini – RFID emulator and cloning device.
• Flipper Zero – Multi-tool for wireless attacks, RFID cloning, and more.
• MFCUK – Tool for MIFARE Classic card attacks.
• MFOC – MIFARE Classic offline cracking tool.
• NFC Tools – Mobile app for NFC analysis.
• RFIDler – Software-defined RFID tool.
• Libnfc – Library for NFC communication.
• ICopy-X – RFID cloning and hacking device.

📞 GSM & Mobile Network Hacking

• OsmocomBB – Open-source GSM baseband software.
• OpenBTS – Build your own GSM network.
• IMSI Catcher – Detect IMSI catchers and rogue cell towers.
• Stingray Detector – Mobile IMSI catcher detection.
• SIMtrace – Intercept SIM card communication.

---

🔬 Chip-Level Attack Tools

🏴‍☠️ 1. Chip Decapping & Microscopy

• Razor Blade & Nitric Acid – Basic method for removing chip packaging.
• FIB (Focused Ion Beam) – High-end method for modifying IC structures.
• Delayering Kits – Chemical solutions for peeling off IC layers.
• Optical Microscopes – Inspecting chips post-decapping.
• Scanning Electron Microscope (SEM) – Advanced chip imaging.

⚡ 2. Fault Injection & Glitching

• ChipWhisperer – Side-channel analysis and fault injection tool.
• ChipSHOUTER – Electromagnetic fault injection (EMFI).
• GlitchKit – Glitching framework for embedded systems.
• VoltageGlitcher – Fault injection via voltage control.
• SPIDriver – SPI communication and glitching.

🔑 3. Power Analysis & Side-Channel Attacks

• ChipWhisperer-Nano – Low-cost power analysis tool.
• Riscure Inspector – Commercial side-channel attack framework.
• OpenADC – ADC-based power analysis module.
• EM Probe – Captures electromagnetic signals from chips.
• Kocher’s DPA Toolkit – Differential Power Analysis (DPA) framework.

🛡 4. Secure Chip Extraction & Key Recovery

• Glitching AES Chips – Bypassing AES protection via fault injection.
• Voltage EMIF Fault Injection – Extracting keys via voltage spikes.
• X-Ray Chip Inspection – Identifying hidden security fuses.
• Laser Fault Injection – Disrupting chip execution to leak data.

📥 5. Firmware & ROM Dumping

• JTAGulator – Identifying JTAG pinouts on unknown chips.
• Flashrom – Dumping flash memory from ICs.
• Bus Pirate – Dumping firmware from SPI/I2C/UART chips.
• Dediprog SF100 – High-speed SPI Flash programmer.
• EEPROM Dumper – Extracting EEPROM contents.

---

🔌 USB & Peripheral Attack Tools

🏴‍☠️ 1. USB Exploitation & HID Attacks

• Rubber Ducky – HID-based keystroke injection tool.
• Bash Bunny – Advanced automation & attack payloads.
• OMG Cable – Malicious USB cable for remote access.
• Evil Crow Cable – Open-source keystroke injection.
• Cactus WHID – USB HID injection with WiFi.
• PHUKD/URFUKED – HID-based payload execution.

💾 2. USB Data Extraction & Exfiltration

• USBHarpoon – Data exfiltration via USB.
• USaBUSe – Automated USB data theft.
• USBExfil – Auto-copy data from plugged-in devices.

🎭 3. USB Impersonation & Spoofing

• P4wnP1 A.L.O.A. – USB attack framework (HID, WiFi, storage).
• USBProxy – Man-in-the-Middle (MitM) for USB devices.
• USBDriveBy – USB device emulation for bypassing security.
• BadUSB – Create malicious USB payloads.

📡 4. USB Network Attacks

• LAN Turtle – USB network implant for remote access.
• Packet Squirrel – USB network sniffing and payload execution.
• WiFi Pineapple – Rogue WiFi access point for network MITM.

🔥 5. USB Firmware & Debugging Exploits

• USBKill – Automatically disable a system when a USB device is removed.
• USBlyzer – USB protocol analyzer for debugging.
• USBGuard – Policy-based USB protection.
• FaceDancer – USB attack framework for fuzzing & reversing.
• GreatFET One – USB debugging and analysis tool.

---

🛠 Hardware Modification & Implantation

🏴‍☠️ 1. Hardware Backdoor Implants

• NSA COTTONMOUTH – USB implant for covert data exfiltration.
• NSA IRONCHEF – Malicious BIOS/firmware modification for persistence.
• NSA DEITYBOUNCE – BIOS-level malware for remote access.
• BadUSB – USB firmware modification for keystroke injection.
• USBNinja – Wireless USB payload injector for remote attacks.
• OMG Cable – Malicious USB cable for payload execution.

🎛 2. BIOS & Firmware Modification

• Flashrom – Reads, writes, erases, and verifies BIOS firmware.
• UEFI Tool – Analyzes and modifies UEFI firmware.
• CH341A Programmer – USB flash programmer for BIOS modifications.
• Bus Pirate – SPI/I2C interface for firmware modifications.
• Dediprog SF100 – SPI flash programmer for BIOS recovery.
• Intel ME Cleaner – Disables Intel Management Engine.

🔌 3. Hardware Keyloggers & Data Interceptors

• KeyGrabber – Hardware keylogger that records keystrokes invisibly.
• WiFi Keylogger – Wirelessly transmits keystroke logs over WiFi.
• USB Keylogger – Plug-and-play keylogger for USB keyboards.
• LAN Tap – Passive network traffic sniffer.
• PS/2 Hardware Keylogger – Keystroke logger for older PS/2 keyboards.

🔩 4. Covert Implants & Surveillance Devices

• PwnPlug – Covert network implant disguised as a power adapter.
• Pwnagotchi – AI-driven WiFi hacking device.
• HackRF One – Wireless SDR for sniffing and modifying radio signals.
• Flipper Zero – Multi-functional hacking device for RFID/NFC access.
• NSA RAGEMASTER – Covert RF implant that transmits monitor data remotely.
• WiFi Pineapple – Wireless network penetration testing device.

⚡ 5. Peripheral Device Hijacking

• USB Rubber Ducky – Keystroke injection tool disguised as a USB drive.
• MalDuino – Open-source BadUSB keystroke injection tool.
• ESPloitV2 – ESP8266-based WiFi HID attack device.
• MouseJack – Exploits vulnerabilities in wireless mice.
• AirDrive Forensic Keylogger – Wireless keylogger with real-time keystroke transmission.

🔬 6. Chip-Level Hardware Trojans

• ChipWhisperer – Power analysis and fault injection tool.
• ChipSHOUTER – Electromagnetic fault injection for security bypassing.
• JTAGulator – Identifies JTAG interfaces on unknown chips.
• GlitchKit – Firmware glitching and fault injection framework.
• X-Ray Chip Inspection – Scans chips for hidden implants and modifications.

---

⚡ Power & Battery Attack Tools

🔋 1. Power Analysis & Side-Channel Attacks

• ChipWhisperer – Side-channel power analysis and fault injection.
• Riscure Inspector – Commercial tool for Differential Power Analysis (DPA).
• OpenADC – Analog-to-digital converter for power monitoring.
• Kocher’s DPA Toolkit – Used for differential power analysis.
• Langer EM Probe – Captures electromagnetic emissions from chips.

⚡ 2. Voltage Fault Injection & Glitching

• ChipSHOUTER – Electromagnetic fault injection (EMFI).
• VoltageGlitcher – Injects voltage glitches to bypass security.
• GlitchKit – Framework for hardware glitching.
• SPIDriver – SPI-based power glitching tool.
• EMFI Kit – Voltage and electromagnetic fault injection toolkit.

🔌 3. Power Consumption & Tampering Attacks

• USBKill – Kills power to devices via USB ports.
• Proxmark3 – RFID power analysis tool.
• Flipper Zero – Multi-functional device for power manipulation.
• Lab Power Supplies – Precision voltage control for attacks.
• Raspberry Pi Pico – Can be used for power analysis and manipulation.

🔥 4. Battery-Based Attacks

• Supercapacitor Surge – Disrupts devices with sudden power bursts.
• Battery Spoofing – Modifies power reports to bypass security.
• DC Power Attack – Manipulates voltage to damage components.
• Inductive Coupling – Extracts data through power fluctuations.
• Battery Overload – Overcharges or overheats batteries for attack vectors.

---

🏴‍☠️ Supply Chain Attack Tools

🔩 1. Hardware Supply Chain Attacks

• NSA Cottonmouth – Covert USB implant with espionage capabilities.
• NSA IRATEMONK – Hard drive firmware injection.
• NSA JETPLOW – Persistent backdoors in Cisco devices.
• NSA SURLYSPAWN – Secure chip manipulation.
• NSA FEEDTHROUGH – BIOS-level malware persistence.

🔗 2. Firmware & BIOS Manipulation

• UEFI Implant – UEFI firmware analysis and modification.
• Thunderstrike – Exploiting MacBook boot ROM.
• BIOS Implant Tools – BIOS dumping and modification.
• Coreboot – Open-source firmware alternative.
• Heads – Secure boot with tamper detection.

🎭 3. Software Supply Chain Attacks

• Poisoned Dependencies – Detecting malicious npm/PyPI packages.
• Typosquatting Malware – Identifying typo-based dependency attacks.
• Dependency Confusion Attack – Checking for dependency confusion vulnerabilities.
• BadUSB Firmware – Exploiting firmware on USB devices.
• Firmware Patching – Extract and modify firmware images.

🏗 4. Hardware Implantation

• Rogue Raspberry Pi – Concealed MITM attack device.
• Malicious USB Keylogger – USB-based keystroke logging.
• Trojanned ICs – Compromised microchips.
• Intercepted Shipment Attacks – Tampering with hardware in transit.

🛡 5. Detection & Prevention

• SigMF – Spectrum analysis to detect implants.
• Osquery – Querying firmware for anomalies.
• YARA Rules – Malware detection in software supply chains.
• Binwalk – Firmware backdoor analysis.
• Firmware Integrity Checker – Comparing firmware to clean versions.