Flipper Zero: a pen-testing tool for learning about Wi-Fi hacking with a kitty cat, or keyless entry locks
I am in the camp that learning about hacking should be fun, as long as it’s enjoyable. The modern world attempts to hide how these things work, turning it into a huge disappointment. It can be difficult to learn more about networking and wi-fi.
Like the DSTIKE watch, the WiFi Nugget is based on an ESP8266 microcontroller, making it a fun, affordable tool for learning the ins and outs of Wi-Fi hacking. It is not, however, particularly powerful, which is fine! Many newer Routers have features that protect against deauth attacks, even if they only have 2.4 GHz wi-fi. You can cause a lot of trouble, especially to older networks and devices.
Absolutely. Like the DSTIKE watch, the WiFi Nugget is very intuitive and friendly for new users. It costs less than $100, and if you don’t like the firmware it’s running, flashing a new binary is easy with the ESPTool web interface. It is a big selling point because it is a kitty cat.
Across the US, there are countless buildings that are protected by locks that are powered by Radio Frequency Identification. On a recent trip to my office, I passed nearly 20 of these keyless entry systems, which are among the most pervasive in the world. A device with a similar interface can likely be used to prevent the locks from being on these doors.
The $200 device is called Flipper Zero, and it’s a portable pen-testing tool designed for hackers of all levels of technical expertise. The small tool is concealed and can be used to intercept and replay signals from a variety of electronic devices that communicate in short ranges. For example, in just seconds, I used the Flipper Zero to seamlessly clone the signal of an office RFID badge tucked safely inside my wallet.
In reviews, people like to compare FLIPPER ZERO to a Swiss Army knife. But in my week testing Flipper Zero, it felt more like a blacklight—something I could literally hold up to a device that would reveal information, invisible to the human eye, about how it worked, what data it was emitting, and how often it was doing so.
When I told Alex Kulagin, one of Flipper Zero’s co-creators, about my experiences using his tool to make these kinds of mundane observations, he explained that this is exactly what the device is meant for. He says that they want to help them understand something, explore how it works, and also explore the wireless world that is difficult to understand.
Kulagin and his business partner, Pavel Zhovner, first came up with the idea for Flipper Zero in 2019. Since then, their company has sold 150,000 devices and they’ve grown their team to nearly 50 people. They have encountered some resistance as they have grown. In August and September, payments of more than one million dollars were held up, and a shipment of devices was seized. According to Kulagin, CBP released the shipment after a month but has yet to tell the company why it held the shipment. The seized Flipper Zeros were not commented on by the CBP.