This firmware transforms an ESP32 device into a portable penetration testing platform by combining an embedded JavaScript runtime with multi-protocol wireless attack capabilities, USB and Bluetooth HID emulation, and a menu-driven user interface. It is designed as a unified system that integrates persistent storage, hardware abstraction for external radio modules, a serial command protocol for headless operation, and a web-based remote desktop that streams the device screen and relays button inputs for remote control.
The custom JavaScript scripting environment enables users to write and run scripts that orchestrate infrared, radio, serial, and file operations, with support for TypeScript compilation and direct execution of stored payloads. The firmware distinguishes itself through its dual-storage architecture (LittleFS internal flash plus SD card), boot-time state restoration, and a serial command protocol that allows complete external control without a display. The web interface provides file management, screen viewing, serial command sending, and text editing, making the device operable without its physical buttons.
Beyond these differentiators, the firmware covers a comprehensive range of attack and reconnaissance functions: WiFi deauthentication, handshake capture and cracking, rogue access point deployment with captive portals, ARP spoofing, and LLMNR/NBT-NS poisoning; Bluetooth scanning, notification spam, and keystroke injection; RFID and iButton reading, writing, cloning, and emulation; infrared send, receive, and replay; sub-GHz and 2.4 GHz RF signal capture, replay, jamming, and spectrum visualization; GPS-enabled wardriving with coordinate logging; LoRa text messaging; and ESP-NOW, Ethernet, WireGuard VPN, and SOCKS4 proxy connectivity. The firmware is installed by flashing an ESP32 device and can be extended via an on-device app store for additional tools.
