If your daily hacking has gotten boring and you need a new toy to experiment with, we've put together a list of gadgets that can take passwords cracking and hacking wireless data to the next level. If you yourself are not a white hat or pentester and have one, whether for a birthday, Christmas present or any other reason to give away, these are also suitable as a gift idea.
Some articles in this article may not be included to appeal to any penetration tester. As hackers, we each develop our own areas of expertise and interests.
Wi-Fi enthusiasts will appreciate the lower antenna, as it is able to capture keyboard input over the air, similar to WPA2 handshakes. Others interested in quadrocopters may value the drones for their ability to fly 1
. 1 Mousejacking Exploit Antenna
In 2016, Bastille, the security company made headlines when it reported investigations into wireless keyboard and mouse vulnerabilities. These "vulnerabilities" are called "mousehacking", so an attacker (up to 100 meters away) can take control of a target computer without requiring physical access. These attacks enable remote keystrokes by allowing penetration testers to anonymously pair their device with a target computer using common wireless keyboard adapters (see below).
This attack is possible because keyboard vendors (Logitech and Dell) do not encrypt the data transfer between the keyboard and the USB adapter Devices that communicate with the adapter do not properly authenticate. The vulnerabilities were discovered more than two years ago, but there are reported to be more than a billion affected devices worldwide as Logitech and Dell are extremely popular wireless keyboard manufacturers.
More information about this attack can be found on the official website of Bastille List of affected devices and technical details.
The "Crazyradio USB Dongle" used in these attacks is a bi-directional 2.4 GHz transceiver that can transmit and receive radio telemetry. In essence, this USB dongle is able to observe, record and inject wireless radio waves.
- Crazyradio USB Dongle – MSRP 44.99 (Amazon)
2. Password Cracking GPUs
A graphics processor (GPU) is a chip that is typically embedded in an internal graphics card that is attached to the motherboard of a computer. This graphics card is designed to efficiently process images and modify memory in smartphones, PCs, and game consoles. GPUs are responsible for all video and image rendering on our electronic devices.
Hackers are re-using GPU technologies and building dedicated "crack rigs" to improve hash-force attacks with Hashcat. This type of usage is demonstrated in Tokyoneon's article "Hack 200 Online User Accounts in Less Than Two Hours," in which he manipulated hundreds of Twitter, Facebook, and Reddit accounts by using a GPU to crack hashes were found in a leaked password database.  GeForce graphics cards are a great starting point for hackers considering building a dedicated brute-force machine. At only $ 189, the GeForce GTX 1050 Ti is a good starter GPU.
If you want to make cracking more serious, use the GTX 1080 Ti to develop a cluster of GPUs that you can use to multiply the power of brute-forcing powers. The GTX 1080 can crack tens of millions of hashes per second, so it may be a better investment. This model has been replaced by the RTX 2080 Ti, so you could do that if you can afford it.
- EVGA GeForce GTX 1080 Ti – $ 899.99 & until (Amazon)
3. The World's Smallest Laptops
The GPD Pocket was called the "smallest laptop in the world". This is an interesting option for white hats and pentesters that are always on the move. It has the Intel Atom X7, a resolution of 1920 x 1080 and 8GB of RAM in a small laptop that is just slightly larger than most modern smartphones (see below).
Pocket PCs are known for their small size, their physical keyboards, and their ability to handle High performance games work, and Intel CPUs that are superior to those found increasingly popular in raspberry pis and smartphones.
Pentesters can easily install a variety of Linux operating systems on this device, including Ubuntu, Kali Linux and BlackArch instead of the standard Windows 10.
If you're looking for something more powerful in a sleeker laptop, the latest GPD Pocket 2 offers better hardware specifications and is 50% thinner than its predecessor.
4. The Latest Raspberry Pi
The Raspberry Pi 3 Model B + was launched this year with a slightly faster CPU, upgraded Wi-Fi and Ethernet modules, and can be connected without the use of a standard AC adapter via the Ethernet port (with ) operate. PoE HAS).
Zero Byte has described how to build a hacking Raspberry Pi, access it remotely using VNC, and create a portable pentesting pi box, just to name a few tutorials. The use of a Raspberry Pi as a hacking tool was discussed in detail so that I can continue.
- Raspberry Pi 3 B + – RRP 35 $ (Amazon | Walmart)
- With Power Supply – RRP 47.95 $ (Amazon)  With Power Adapter and Case – RRP 54.99 $ (Amazon)
- With Power Adapter, Enclosure, 16GB SD Card etc. – RRP $ 74.95 (Amazon)
- With Power Adapter, Enclosure, 32GB SD Card etc. – MSRP $ 79.95 (Amazon)
- With power adapter , Enclosures, 32GB SD Card, Cables, etc. – MSRP $ 94.95 (Amazon)
. 5 The USB Armory
The USB Armory is a computer the size of a USB flash drive that offers a range of advanced security features. It is designed to support the development of multiple security software and applications while reducing power consumption. According to the developer's keynote at FSec 2016, the USB Armory can be used for:
- File storage with advanced features such as automatic encryption, virus scanning, host authentication, and self-destruction of data
- OpenSSH client and agent for untrusted hosts
- Router for End-to-End VPN Tunneling
- Password Manager with Embedded Web Server
- Electronic Wallet (eg Bitcoin Wallet)
- Authentication Token
- Portable Penetration Test Platform
- Low USB Security Tests
In addition, Ubuntu, Debian and Android operating systems are excellently supported. Get a detailed look at the USB arsenal on the official website and in the documentation.
6. VPS Subscriptions
A [Virtual Private Server (VPS)] is a computer that we can remotely control from any Internet-connected device in the world. Adding a trusted VPS subscription to your arsenal is essential for every penetration tester and professional security researcher. From a remote VPS, penetration testers can do the following:
Our favorite for white hats and pentesters is BulletShield, because registration or payment does not require personal information, offshore solutions, and a Tor-friendly website things are there For more information, see the complete guide to choosing the right VPN.
. 7 Hak5 Gear
The USB Rubber Ducky
The USB Rubber Ducky is a Hak5 USB push-button injection tool that can handle user data at over 1,000 words per minute. It can be used to hack a macOS device in less than 5 seconds, disable antivirus software, or someone who builds social engineering into the computer.
- USB Rubber Ducky – MSPR $ 44.99 (Hak5)
The Bash Bunny is a multifunction USB attack tool similar to the USB Rubber Ducky. However, the Bash Bunny is a full-featured Linux operating system that offers the USB Rubber Ducky a number of advantages, including: B. carrying multiple advanced payloads, emulating a combination of devices, and performing numerous advanced attacks. Penetration testers who need to take their physical attacks to the next level will appreciate this.
- Bash Bunny – MSRP $ 99.99 (Hak5)
The Pack Squirrel is a Pocket-sized man-in-the-middle attack tool designed for covert packet capture and secure remote access to destination networks. The connectors on this small network implant include USB and Ethernet.
- Packet Squirrel – MSRP 59.99 (Hak5)
The LAN Turtle is a covert penetration test tool that is great for gathering network information, advanced monitoring, and man-in-the-middle attacks, all available through a graphical shell. It is equipped with SIM (3G) functionalities and a modular framework that enables hackers to easily perform and automate advanced network attacks.
- LAN Turtle – MSRP 59.99 (Hak5)
The WiFi Pineapple and WiFi Pineapple Nano are excellent access points for rogues and Wi-Fi monitoring devices. Their suite of Wi-Fi audit tools is designed to make education, man-in-the-middle attacks and hacking wireless networks fast and painless. Best of all, all of these features are accessible from any phone or web browser through the easy-to-use graphical user interface.
- WiFi Pineapple Tetra Basic – RRP 199,99 $ (Hak5)
- WiFi Pineapple Nano – RRP 99,99 $ (Hak5)
- WiFi Pineapple Terta Tactical – RRP 299,99 $ (Hak5)
- WiFi Pineapple Nano Tactical – MSRP 129.99 USD (Hak5)