├── .github └── FUNDING.yml ├── LICENSE └── README.md /.github/FUNDING.yml: -------------------------------------------------------------------------------- 1 | # These are supported funding model platforms 2 | 3 | github: Shlucus # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2] 4 | patreon: # Replace with a single Patreon username 5 | open_collective: # Replace with a single Open Collective username 6 | ko_fi: # Replace with a single Ko-fi username 7 | tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel 8 | community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry 9 | liberapay: # Replace with a single Liberapay username 10 | issuehunt: # Replace with a single IssueHunt username 11 | lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry 12 | polar: # Replace with a single Polar username 13 | buy_me_a_coffee: # Replace with a single Buy Me a Coffee username 14 | thanks_dev: # Replace with a single thanks.dev username 15 | custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2'] 16 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2024 Lucas Lalumière 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | 2 |
3 |
4 | 5 | ![PwnPalVideo_Banner](https://github.com/Shlucus/ThePwnPal/assets/111912000/ceb6b3aa-dacb-4e9c-8449-2380e0ed763e) 6 | 7 |
8 |

9 | Creating a standalone and pocket-sized pentesting device for on-the-go ethical hacking procedures.

10 | 11 | Awesome 12 | Powered by Raspberry Pi 13 | Developed by Shlucus 14 | Hack the planet 15 | Version 1.1 16 | 17 | 18 |
19 | 20 | [!["Buy Me A Coffee"](https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png)](https://buymeacoffee.com/Shlucus) 21 | 22 |
23 |

24 |
25 | 26 | 27 | 28 | 29 | ## 📚 Table of Contents: 30 | - [Overview](https://github.com/Shlucus/TheRaspberryPwn?tab=readme-ov-file#-overview) 31 | - [Features](https://github.com/Shlucus/TheRaspberryPwn?tab=readme-ov-file#-features) 32 | - [Components](https://github.com/Shlucus/TheRaspberryPwn?tab=readme-ov-file#-components) 33 | - [Guide](https://github.com/Shlucus/TheRaspberryPwn?tab=readme-ov-file#%EF%B8%8F-guide) 34 | 35 | ## 📝 Overview 36 | This project transforms a Raspberry Pi into a portable penetration testing device, combining the versatility of Kali Linux with the compact form factor of the Raspberry Pi. It enables security professionals and enthusiasts to tactically conduct mobile pentesting and ethical hacking activities on-the-go. Inspired by the [Pwnagotchi Project](https://pwnagotchi.ai/), my goal was to create my own pocket-sized pentesting or 'pwning' device but offering the same tools and capabilities of a complete linux desktop. Not only does it allow mobile pentesting, but also remote attacks thanks to Secure Shell (SSH) and it's small size, allowing you to easily plant the device in a target organization and monitor network traffic by running commands from anywhere in the world. 37 |
38 | 39 |
40 | PwnPal Pic 41 | PwnPal GIF 42 |
43 | 44 | ## ✨ Features 45 | - Raspberry Pi Integration: Utilizes the Raspberry Pi for its compact size and portability. 46 | - Standalone Power: Includes a battery with 5000mAh and output current of 3A, providing 8 - 10 hours of consistant power. 47 | - Integrated Display: Compact touchscreen display for improved user interface. 48 | - Extensive range: Supports both 2.4 Ghz and 5 Ghz bands with packet injection and monitor mode. 49 | - Mobile Accessibility: Conduct security assessments and penetration tests from a stealthy handheld device. 50 | - Kali Linux: Configured with Kali Linux tools for a comprehensive penetration testing environment. 51 | 52 | ## 🔧 Components 53 | 54 | | Component | Purchase Link | Image | 55 | |-------------------|-------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------| 56 | | Board | [Raspberry Pi 4 Model B (8GB)](https://www.amazon.ca/Raspberry-Pi-Model-Bluetooth-Enabled/dp/B09TTKT94J/ref=sr_1_11?keywords=Raspberry+pi+4&sr=8-11&ufe=app_do%3Aamzn1.fos.b06bdbbe-20fd-4ebc-88cf-fa04f1ca0da8) | Board | 57 | | Display | [Waveshare 3.5inch Touch Screen RPi LCD (C)](https://www.waveshare.com/3.5inch-rpi-lcd-c.htm) | Display (Top)Display (Bottom) | 58 | | Battery | [PiSugar S Plus](https://www.tindie.com/products/pisugar/pisugar-s-plus-battery-for-raspberry-pi-3b3b4b/) | Battery | 59 | | Network Adapter | [ALPHA AWUS036ACS](https://www.amazon.ca/ALFA-NETWORK-AWUS036ACS-Alfa-Adapter/dp/B0752CTSGD/ref=sr_1_2?keywords=ALPHA+AWUS036ACS&sr=8-2) | ALPHA Adapter | 60 | | Heatsink (optional) | [Aluminum Alloy Cooling Case by WEIYIXING](https://www.amazon.ca/dp/B0BBPPYV76?ref=ppx_yo2ov_dt_b_product_details&th=1) | Heatsink | 61 | 62 | 63 | ## 🗺️ Guide 64 | 65 | - Youtube video coming soon! 66 | 67 | ### Step 1: Flashing Kali Linux 68 | 69 | The first thing to do is flash the Kali Linux ARM image into your designated Micro SD. Any Imaging software can be used (I suggest the offical [Raspberry Pi Imager](https://www.raspberrypi.com/software/)). 70 | You can download the Kali Linux ARM image here -> [Kali Linux ARM](https://www.kali.org/get-kali/#kali-arm) 71 | 72 | Make sure you have: 73 | - a) Selected Raspberry Pi 4 as the Device. 74 | - b) Operating System > Use Custom > *Kali Linux ARM Image* 75 | - c) Grade 10 MicroSD with 16Gb or above. 76 | 77 |
78 | Board (Bottom) 79 |
80 | 81 | ### Step 2: Installing LCD Display 82 | 83 | Due to the Waveshare screen's simple design, installing it is as easy as plugging it's GPIO ports directly to the Pi's GPIO pins. If done correctly, the screen should rest on top of the the Pi's USB 2.0 and 3.0 USB ports. 84 | 85 | > [!TIP] 86 | > If using the Heatsink mentioned in the 'Components' section, the aluminum will interfere with the screen's own components on the underside. This will prevent the screen from sitting flush against the device. To fix this, you can either alter the heatsink directly by reducing its surface, or like I did, make supports on the corners of the screen between the heatsink with adhesive putty. (Ensures stability and keep the screen glued to the device) 87 | 88 |
89 | Board Side1 90 | Board Side2 91 | Board Angle 92 |
93 | Once the MicroSD is inserted and Screen is connected, you will notice powering ON the Pi that the screen will remain white (this is normal). We have yet to install the drivers for the Pi to communicate with it 94 | 95 | >[!NOTE] 96 | > The official Waveshare drivers for this screen will NOT work! They have a hard time working with 64Bit Kali OS. 97 | 98 | To do so (either through Secure Shell (SSH) or through HDMI), run the following on your Pi: 99 | - Make sure your Pi is connected to internet! 100 | 101 | ``` 102 | sudo rm -rf LCD-show-kali 103 | git clone https://github.com/lcdwiki/LCD-show-kali.git 104 | chmod -R 755 LCD-show-kali 105 | cd LCD-show-kali/ 106 | sudo ./LCD35-show 107 | ``` 108 | 109 | This should reboot your Pi and finally have the screen working! 110 | 111 | ### Step 3: Installing PiSugar Battery 112 | 113 | First, make sure to unplug the battery from the PiSugar (JST PH 2.0 connector) 114 | 115 | Then, take the four M2.5 screws provided from the PiSugar S Plus and screw it in from the Underside of the Pi like so: 116 | > [!NOTE] 117 | > If using Heatsink, use the case's/heatsink's M2.5 screws INSTEAD, since they are longer and will allow to screw in both the battery and Heatsink at the same time. 118 | 119 |
120 | Bottom 121 |
122 | 123 | The way this possible is thanks to the Pogo Pins on the PiSugar that allows access to the GPIO pins from the underside of the Pi! So make sure the pogo pins are properly in contact with the GPIO pins. 124 | 125 |
126 | Pogo Pins 127 |
128 | 129 | I strongly suggest watching this Youtube video for help with the installation -> [Pi Sugar S Plus Review](https://youtu.be/HUL5Ii0dD7E?si=tGOrOx8UDh8VqgeL) 130 | 131 | ### Step 4: Configuration 132 | 133 | TODO... 134 | 135 | --------------------------------------------------------------------------------