# Wireless
# Bluetooth
- bettercap - Swiss army knife for WiFi, Bluetooth, HID, and Ethernet networks.
- BLE Scanner 4.0 (iOS, Android) - Scanner utility for Bluetooth Low Energy, iBeacon and Eddystone devices.
- BLE-Beacon-Scanner - Scan for BLE Beacons (iBeacon and Eddystone)
- BLESuite - Python package that provides an easier way to test Bluetooth Low Energy (BLE) devices.
- Bluefruit LE Sniffer - Passively capture data exchanges between two BLE devices, pushing the data into Wireshark, where you can visualize things on a packet level.
- Bluelog - Linux Bluetooth scanner.
- BlueScanner - Windows tool to locate Bluetooth devices and get to know their features.
- BSS - Bluetooth Stack Smasher
- BTcrack - Bluetooth PIN and Link-key cracker.
- BtleJuice - BtleJuice Bluetooth Smart (LE) Man-in-the-Middle framework.
- Btmon - Arduino bluetooth monitoring tool.
- Btscanner - Scans for new devices and retrieves any information requested.
- Crackle - Crack and decrypt BLE encryption.
- Ellisys Bluetooth Explorer - All-In-One Wideband BR/EDR and Low Energy sniffer with concurrent capture of Wi-Fi 2x2 802.11 a/b/g/n, 2.4 GHz spectrum, HCI (USB, UART, SPI), WCI-2, logic signals, generic I2C/UART/SPI/SWD, and Audio I2S.
- hcitool - Bluetooth host controller CLI tool for sending HCI commands on MacOS and Linux.
- Sweyntooth - Captures a family of 18 vulnerabilities across different Bluetooth Low Energy (BLE) software development kits (SDKs) of six major system-on-a-chip (SoC) vendors.
# Cellular
- Crocodile Hunter - A tool to hunt fake eNodeBs, also commonly known as hailstorm, stingray, cell site simulators, or IMSI catchers.
- Kalibrate - Scans for GSM base stations in a given frequency band and can use those GSM base stations to calculate the local oscillator frequency offset.
# DECT
- gr-dect2 - Real-time DECT voice channel decoding with GNU Radio. Allows listening to voice traffic when encryption isn't applied.
- re-DECTed - Tools for playing with DECT.
# Hardware
- HackRF One - HackRF One is a Software Defined Radio capable of transmission or reception of radio signals from 1 MHz to 6 GHz.
- MultiBlue Dongle - Can be connected to another computer via a USB port and control the victim's computer via Bluetooth.
- Pluggable BT Dongle - Surveys nearby Bluetooth devices, enumerates their services, and can even send simple data packets to them.
- Ubertooth One - Ubertooth One is an open source 2.4 GHz wireless development platform suitable for Bluetooth experimentation.
- WiFi Pineapple - Automate WiFi auditing with all new campaigns and get actionable results from vulnerability assessment reports.
# NFC
- ACR122U USB NFC Reader - Contactless smart card reader/writer developed based on 13.56 MHz Contactless (RFID) Technology
- Keysy - Stores backups of up to four RFID access credentials in a small keyfob form factor.
- libnfc - Platform independent Near Field Communication (NFC) library.
- MFCUK - MiFare Classic Universal toolKit.
- MFOC - Mifare Classic Offline Cracker.
- NFCGate - Android application meant to capture, analyze, or modify NFC traffic.
- NFC Smart Card Info - Android App. Shows Java Card applet installed on a contact-less Smart Card and tag info.
- NFC Tag Cloner - Android App. Clone NFC tags to another tag or to your phone
- NFC TagInfo - Android App. The “Swiss Army knife” for NFC! Value checker, content viewer and analysis tool.
- pcscd - PC/SC Smart Card Daemon. A resource manager that coordinates communications with smart card readers and smart cards and cryptographic tokens that are connected to the system.
# RFID
- ICopyX - Hardware to rapidly and easily clone RFID tags like an expert.
- Proxmark - RFID swiss-army tool, allowing for both high and low level interactions with the vast majority of RFID tags and systems world-wide
- RFIDIOt - Python RFID / NFC library & tools.
- Wiegotcha - Long Range RFID Thief.
# SDR
- Airspy - State of the art SDR hardware for HF and VHF.
- bladeRF 2.0 micro - Next-generation 2x2 MIMO, 47 MHz to 6 GHz frequency range, off-the-shelf USB 3.0 Software Defined Radio (SDR).
- gqrx - Software defined radio receiver powered by GNU Radio and Qt.
- gr-fosphor - GNURadio block for spectrum visualization using GPU.
- inspectrum - Analysing captured signals, primarily from software-defined radio receivers.
- LimeSDR - A low cost, open source, apps-enabled software defined radio (SDR) platform that can be used to support just about any type of wireless communication standard.
- Multimon-NG - Successor of multimon. Decodes various digital transmission modes.
- rtl_fm - Set of scripts that acts as a wrapper for rtl_fm and a few helper scripts for making listening to radio signals with SDR easy.
- USRP B210 - A fully integrated, single-board, Universal Software Radio Peripheral (USRP™) platform with continuous frequency coverage from 70 MHz – 6 GHz.
# Wi-Fi
- AirCheck G3 Pro - Hardware-enabled site survey solution for Wi-Fi 6/6E networks.
- Aircrack-NG - A complete suite of tools to assess WiFi network security.
- Airpwn - Packet injection for wifi; simplified.
- Airstrike - Automatically grab and crack WPA-2 handshakes with distributed client-server architecture.
- Alfa Card - The Atheros chipset supports all 6 WiFi modes. Best success rate of various injection attacks using this Wi-Fi adaptor.
- AWSY - Are.We.Secure.Yet Framework aims to test the wifi security of a location, attempting to locate individual devices.
- Beacongraph - Graph visualization of wireless client and access point relationships.
- bettercap - Swiss army knife for WiFi, Bluetooth, HID, and Ethernet networks.
- Chanalyzer - A powerful dual-band spectrum analyzer that measures Wi-Fi and non-Wi-Fi activity in both the 2.4 GHz and 5 GHz bands.
- coWPAtty - WPA2-PSK Cracking
- cpscam - Bypass captive portals by impersonating inactive users.
- dBmonster - Track WiFi devices with their received signal strength.
- Ekahau HeatMapper - Perform wireless network analysis, optimization, and simulation with high-definition visual Wi-Fi heatmaps that take the guesswork out of network coverage and performance.
- FruityWiFi - FruityWiFi is a wireless network auditing tool.
- Giskismet - Wireless recon visualization tool.
- iSniff-GPS - Passive sniffing tool for capturing and visualising WiFi location data disclosed by iOS devices.
- inSSIDer - Shows exactly how your network is configured and how neighboring Wi-Fi networks are impacting yours, and gives suggestions for fast, secure Wi-Fi.
- Kismapping - A WiFi heatmapping tool which consumes Kismet output and produces a heatmap.
- Kismet - A sniffer, WIDS, and wardriving tool for Wi-Fi, Bluetooth, Zigbee, RF, and more.
- KRACK - Scripts to test if clients or access points (APs) are affected by the KRACK attack against WPA2.
- Kr00k - Decrypts some WPA2 CCMP data from vulnerable devices (access points or clients).
- MDK4 - MDK is a proof-of-concept tool to exploit common IEEE 802.11 protocol weaknesses.
- Netsh - CLI utility that allows you to display or modify the network configuration of a computer that is currently running.
- PixieWPS - An offline Wi-Fi Protected Setup brute-force utility.
- Reaver - Brute force attack against Wi-Fi Protected Setups (WPS)
- r00kie-kr00kie - This is a PoC exploit for the CVE-2019-15126 kr00k vulnerability.
- SniffAir - Wireless security framework which provides the ability to easily parse passively collected wireless data as well as launch sophisticated wireless attacks.
- tonic - Provides a reliable process for troubleshooting Wi-Fi devices (endpoints) on-site.
- Wifi Analyzer - Turns your android phone into a Wi-Fi analyzer! Shows the Wi-Fi channels around you.
- Wifiphisher - The Rogue Access Point Framework
- Wifite2 - Rewrite of the popular wireless network auditor, wifite.
- WiGLE - All the networks. Found by Everyone. Wi-Fi wardriving database.
- WirelessKeyView - Recovers all wireless network security keys/passwords (WEP/WPA) stored in your computer.
# Zigbee
- Killerbee - IEEE 802.15.4/ZigBee Security Research Toolkit
# Z-Wave
- Killerzee - Tools for Attacking and Evaluating Z-Wave Networks