Pi Zero W, Micro USB Cable, and USB Power Bank

Resources

To complete this project you will need a Raspberry Pi Zero W, a micro SD Card (I used a 32 GB Samsung EVO Select), a case, a micro USB cable (a sturdy one is preferable), and optionally a USB battery bank. You will also need a computer to configure the SD Card and Pi, and a mobile phone with Bluetooth to control the Pi if you’re going to be mobile. The power requirements of the Pi Zero are not significant so a small battery bank is adequate; mine is marked 5000mAh but I’m sure it’s closer to 3000.


You can configure PiHole many ways, this guide focuses on privacy and performance.

Can you guess which is the PiHole?

Requirements

PiHole is a popular DNS level ad block that can also protect against tracking and telemetry. It’s fairly light weight, so any Raspberry Pi with an Ethernet port will support it. I would not recommend a Pi Zero. A Raspberry Pi 3B+ is more than sufficient to run PiHole. You’ll also need a Micro SD Card; I’d recommend 16 GB, but 8 GB is enough to install PiHole. I’d recommend a case and power supply as well. You’ll also need an Ethernet cable and a computer to…


Another Pi Zero W Hacking Gadget for Physical Penetration Testing

Why wouldn’t you want to plug a small computer into a bigger computer?

Requirements

This project requires a Raspberry Pi Zero W, a USB-A Addon Board, and a Micro SD Card. You’ll also need a computer to configure the SD Card and Pi. This is not an expensive project, total cost is around $35 depending on where you acquire your parts.

Why Would You Want To Do This?

The idea of pulling credentials from a locked computer isn’t new. There are commercial products that can do this like the USB Armory and the LAN Turtle. They do, however, cost quite a…


Fun and adventure with the $10 Raspberry Pi

My “Go bag” with a Pi Zero, USB cable, and USB battery bank.

Why Are We Revisiting This?

The Raspberry Pi Zero is very flexible and can provide a lot of capabilities for the low end of the Raspberry Pi range. We’re going to look at adding more capabilities and what you actually get with them. This isn’t a “how to” guide for WiFi penetration testing, but we will look at those capabilities, and how to appropriately leverage the Pi Zero in different scenarios.

Requirements and Setup

To get the most out of this setup, you’ll need a Raspberry Pi Zero W ($10 at…


Using Prometheus and Grafana to visualize your environment

Everyone loves dashboards

Why Would You Do This?

If you have a few Raspberry Pis doing this and that, having a centralized location to monitor them is a nice thing to have. I have a Pihole and Jellyfin, as well as a file server and a utility server that I run a Ngnix reverse proxy and VPN on. The utility server was pretty under utilized, so I decided to have it run monitoring for my servers as well check and store my internet speed. …


Tor is under attack, and it affects all users

The Issue with Exit Relays

A significant portion of Tor exit relays have been observed performing malicious activities on traffic. This is primarily in the form of MITM proxy attacks. nusenu has written several articles about malicious exit relays on Tor, I highly recommend you follow him and read his work. His latest story contends that over 25% of the Tor network’s exit capacity has been attacking Tor users. This is bad news for Tor, but there are countermeasures that can be taken.

Protecting Yourself

HTTPS-Only Browser Mode

The easiest step is to always use HTTPS. This reduces the possibility of traffic being successfully MITM’d. HTTPS-Only Browser Mode may be…


A plug-in USB Ethernet gadget that routes all your traffic over Tor

Raspberry Pi Zero W with Zero Dongle

Why Would You Do This?

Because the Pi Zero W can be used as an Ethernet gadget, using Tor and iptables you can create a device that acts as a Tor modem. All traffic routing though the adaptor will route through the Tor network. This is a very convenient and fun way to use Tor; instead of isolating Tor traffic to the Tor browser, all traffic from your system will be routing over Tor. I have written guides for creating access points that route traffic over Tor, and creating a Tor proxy, but because the Pi Zero W can be USB powered, I thought this…


Improving the tool, looking deeper into the exploit, and defending against it.

Back in black

Making the Tool Better

The thing I hated the most about the original password thief was how it looked. Compared to commercial products, it was amateurish and obviously nefarious. Jill Bryant said on Linux Weekly Daily Wednesday, “If you spray paint the clear acrylic black or darkish gray, that will basically make it go unnoticed in most office environments.” So that’s what I did. I painted the inside flat black with Krylon Fusion, and the results were great.

Beyond cosmetic enhancements, running this tool headless is challenging. I wanted to leverage the LED to…


Because cron and unattended-upgrades don’t work

WSL is a Great Tool for the Windows Development Environment

The Windows Subsystem for Linux lets developers run a GNU/Linux environment — including most command-line tools, utilities, and applications — directly on Windows, unmodified, without the overhead of a traditional virtual machine or dualboot setup.

I’m a big fan of WSL and Windows Terminal. I have direct access to a Linux shell from my Windows desktop, allowing me to utilize the dev and system tools of Linux without messing with a VM. But sometimes it just simple things. …


I’m leaving the house more and I want to bring my music with me, without ads or tracking.

Jellyfin has provided me with a good replacement for music streaming services

Why do this?

I actually don’t use Spotify, I have used Apple Music for my streaming music needs. I was an iPhone user, jumped ship, but still subscribed to Apple Music because of all the playlists I had accumulated. This summer as a project I built a Jellyfin server with some spare parts I had (a Raspberry Pi 3B+ and a USB 1 TB laptop hard drive) and it was pretty amazing. This is not the ideal setup, the 3B+ lacks Gig ethernet, USB 3.0…

mr.smashy

Infrastructure architect. Security dev and researcher. Infosec nerd. Linux enthusiast. All opinions and views are my own. Polite, professional, prepared.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store