# brucedevices/firmware **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/brucedevices-firmware).** 4,941 stars · 1,708 forks · C · agpl-3.0 ## Links - GitHub: https://github.com/BruceDevices/firmware - Homepage: https://bruce.computer - awesome-repositories: https://awesome-repositories.com/repository/brucedevices-firmware.md ## Topics `bruce` `cardputer` `embedded-systems` `esp32-c5` `esp32-s3` `flipperzero` `hardware` `iot` `lilygo` `m5stack` `m5stack-cardputer` `m5stack-stickc` `nfc` `offsec` `open-hardware` `pcbway` `radio` `rf` ## Description This firmware transforms an ESP32 device into a portable penetration testing platform by combining an embedded JavaScript runtime with multi-protocol wireless attack capabilities, USB and Bluetooth HID emulation, and a menu-driven user interface. It is designed as a unified system that integrates persistent storage, hardware abstraction for external radio modules, a serial command protocol for headless operation, and a web-based remote desktop that streams the device screen and relays button inputs for remote control. The custom JavaScript scripting environment enables users to write and run scripts that orchestrate infrared, radio, serial, and file operations, with support for TypeScript compilation and direct execution of stored payloads. The firmware distinguishes itself through its dual-storage architecture (LittleFS internal flash plus SD card), boot-time state restoration, and a serial command protocol that allows complete external control without a display. The web interface provides file management, screen viewing, serial command sending, and text editing, making the device operable without its physical buttons. Beyond these differentiators, the firmware covers a comprehensive range of attack and reconnaissance functions: WiFi deauthentication, handshake capture and cracking, rogue access point deployment with captive portals, ARP spoofing, and LLMNR/NBT-NS poisoning; Bluetooth scanning, notification spam, and keystroke injection; RFID and iButton reading, writing, cloning, and emulation; infrared send, receive, and replay; sub-GHz and 2.4 GHz RF signal capture, replay, jamming, and spectrum visualization; GPS-enabled wardriving with coordinate logging; LoRa text messaging; and ESP-NOW, Ethernet, WireGuard VPN, and SOCKS4 proxy connectivity. The firmware is installed by flashing an ESP32 device and can be extended via an on-device app store for additional tools. ## Tags ### Hardware & IoT - [Penetration Testing Firmware](https://awesome-repositories.com/f/hardware-iot/microcontroller-firmware-frameworks/esp32-firmware-projects/penetration-testing-firmware.md) — Provides a dedicated ESP32 firmware for portable penetration testing with multi-protocol attack support. - [BadUSB Payloads](https://awesome-repositories.com/f/hardware-iot/badusb-payloads.md) — Simulates a USB keyboard to inject keystrokes and run DuckyScript payloads on target computers. ([source](https://cdn.jsdelivr.net/gh/brucedevices/firmware@main/README.md)) - [Serial Device Communication](https://awesome-repositories.com/f/hardware-iot/connectivity-iot/hardware-communication/serial-device-communication.md) — Sends text commands over a serial connection to trigger infrared, sub-GHz, music, and system operations. ([source](https://wiki.bruce.computer/controlling-device/serial/)) - [HID Emulations](https://awesome-repositories.com/f/hardware-iot/hid-emulations.md) — Emulates USB and Bluetooth HID devices to inject keystrokes for automated payload delivery. - [RFID Tag Emulation](https://awesome-repositories.com/f/hardware-iot/rfid-tag-emulation.md) — Emulates programmable RFID tags to interact with readers for security testing. ([source](https://wiki.bruce.computer/features/rfid/)) - [RFID Tag Reading](https://awesome-repositories.com/f/hardware-iot/rfid-tag-reading.md) — Reads data from 125kHz and 13.56MHz RFID tags using on-board modules. ([source](https://wiki.bruce.computer/features/rfid/)) - [Dual-Storage File Systems](https://awesome-repositories.com/f/hardware-iot/sd-card-storage-drivers/dual-storage-file-systems.md) — Persists configuration, scripts, and logs across both internal flash and external SD card with automatic mounting. - [SPI Bus Interfaces](https://awesome-repositories.com/f/hardware-iot/spi-bus-interfaces.md) — Connects radio modules via SPI bus for wireless communication. ([source](https://wiki.bruce.computer/wiring-diagrams/m5stickc/cc1101-nrf24/)) - [Standalone RFID Operations](https://awesome-repositories.com/f/hardware-iot/standalone-rfid-operations.md) — Executes standalone RFID reading, cloning, and writing operations directly on the device. ([source](https://cdn.jsdelivr.net/gh/brucedevices/firmware@main/README.md)) - [Standard USB Device Emulations](https://awesome-repositories.com/f/hardware-iot/usb-device-communication/usb-device-stacks/standard-usb-device-emulations.md) — Emulates USB HID devices to enable keystroke injection on hosts without native USB support. ([source](https://wiki.bruce.computer/external-modules/ch9329/)) - [Bluetooth Attack Execution](https://awesome-repositories.com/f/hardware-iot/bluetooth-connectivity/bluetooth-attack-execution.md) — Scans for Bluetooth devices, sends spam notifications, and simulates a keyboard to execute attacks. ([source](https://cdn.jsdelivr.net/gh/brucedevices/firmware@main/README.md)) - [Bluetooth Pairing Notification Spam](https://awesome-repositories.com/f/hardware-iot/bluetooth-connectivity/bluetooth-pairing-notification-spam.md) — Floods nearby devices with fake pairing notifications across multiple platforms or simulates tracking beacons. ([source](https://wiki.bruce.computer/features/ble/)) - [Wi-Fi Wardriving Loggers](https://awesome-repositories.com/f/hardware-iot/gps-location-tracking/wi-fi-wardriving-loggers.md) — Records detected Wi-Fi access points with GPS coordinates into a CSV file for mapping platform upload. ([source](https://wiki.bruce.computer/features/gps/)) - [Radio Frequency Transceivers](https://awesome-repositories.com/f/hardware-iot/radio-frequency-transceivers.md) — Configures external radio modules to transmit and receive signals across adjustable frequency bands. ([source](https://wiki.bruce.computer/external-modules/cc1101/)) - [Sub-GHz Transceivers](https://awesome-repositories.com/f/hardware-iot/radio-frequency-transceivers/sub-ghz-transceivers.md) — Transmits and receives signals on sub-GHz frequencies to interact with wireless sensors and remotes. ([source](https://wiki.bruce.computer/interpreter/)) - [Jamming Transmitters](https://awesome-repositories.com/f/hardware-iot/radio-frequency-transmitters/jamming-transmitters.md) — Transmits interference signals on selected frequencies to disrupt radio communications within range. ([source](https://wiki.bruce.computer/features/rf/)) - [Sub-GHz Attack Transmitters](https://awesome-repositories.com/f/hardware-iot/radio-frequency-transmitters/sub-ghz-attack-transmitters.md) — Scans, copies, replays, and jams radio frequency signals in the sub-1 GHz band to disrupt devices. ([source](https://cdn.jsdelivr.net/gh/brucedevices/firmware@main/README.md)) - [Signal Replayers](https://awesome-repositories.com/f/hardware-iot/rf-signal-sampling/signal-replayers.md) — Captures raw or modulated radio signals and retransmits them for reuse of previously seen transmissions. ([source](https://wiki.bruce.computer/features/rf/)) - [Signal Scanners and Jammers](https://awesome-repositories.com/f/hardware-iot/rf-signal-sampling/signal-scanners-and-jammers.md) — Scans for 2.4 GHz signals and transmits jamming signals to disrupt them using an NRF24 module. ([source](https://wiki.bruce.computer/external-modules/nrf24/)) - [RFID Tag Writing](https://awesome-repositories.com/f/hardware-iot/rfid-tag-writing.md) — Writes data to 13.56MHz tags, supporting cloning, NDEF records, and erasing. ([source](https://wiki.bruce.computer/features/rfid/)) ### Part of an Awesome List - [Embedded Scripting Runtimes](https://awesome-repositories.com/f/awesome-lists/devtools/automation-and-scripting/embedded-scripting-runtimes.md) — Runs custom JavaScript scripts to orchestrate infrared, radio, serial, and file operations. - [Multi-Protocol Wireless Attack Suites](https://awesome-repositories.com/f/awesome-lists/security/penetration-testing/multi-protocol-wireless-attack-suites.md) — Runs WiFi deauthentication, handshake capture, evil portal, Bluetooth attacks, and Sub-GHz jamming from a single device. - [Embedded-Device Remote Desktop Protocols](https://awesome-repositories.com/f/awesome-lists/devops/remote-desktop/browser-based-remote-desktops/embedded-device-remote-desktop-protocols.md) — Streams the device's frame buffer to a browser and relays button inputs as serial-like commands for headless control. - [Wardriving Loggers](https://awesome-repositories.com/f/awesome-lists/media/maps-and-gps/wardriving-loggers.md) — Logs GPS coordinates alongside detected Wi-Fi access points for geospatial network mapping. - [Wireless Protocols](https://awesome-repositories.com/f/awesome-lists/media/wireless-protocols.md) — Implements 2.4 GHz protocol jamming to disrupt WiFi and Bluetooth communications. ([source](https://cdn.jsdelivr.net/gh/brucedevices/firmware@main/README.md)) - [Remote File Managers](https://awesome-repositories.com/f/awesome-lists/security/file-encryption/remote-file-managers.md) — Uploads, downloads, renames, deletes, and creates files and folders on internal storage and SD card. ([source](https://wiki.bruce.computer/controlling-device/webui/)) ### Data & Databases - [On-Device](https://awesome-repositories.com/f/data-databases/file-storage-management/on-device.md) — Creates, renames, copies, deletes, and reads files stored on SD card or LittleFS partitions. ([source](https://cdn.jsdelivr.net/gh/brucedevices/firmware@main/README.md)) - [Peripheral State Restoration](https://awesome-repositories.com/f/data-databases/sql-query-interfaces/system-state-querying/device-state-interfaces/peripheral-state-restoration.md) — Restores hardware peripheral configurations and WiFi AP settings from non-volatile memory on every boot. ### Development Tools & Productivity - [JavaScript Scripting Environments](https://awesome-repositories.com/f/development-tools-productivity/python-development-tools/script-execution-engines/python-scripting-environments/javascript-scripting-environments.md) — Interprets JavaScript scripts with hardware API bindings for automated penetration testing. ([source](https://wiki.bruce.computer/features/js-interpreter/)) - [Embedded Scripting Engines](https://awesome-repositories.com/f/development-tools-productivity/task-automation-scripts/embedded-scripting-engines.md) — Runs custom JavaScript programs directly on embedded hardware for automation. - [Penetration Testing Tool Configurations](https://awesome-repositories.com/f/development-tools-productivity/cross-tool-configuration-sets/penetration-testing-tool-configurations.md) — Configures BadUSB keyboard layout, keystroke delay, output display, BLE API toggle, and stores WiFi AP credentials. ([source](https://wiki.bruce.computer/features/config/)) - [On-Device App Stores](https://awesome-repositories.com/f/development-tools-productivity/installer-packages/on-device-app-stores.md) — Provides an on-device app store to download and install extension modules over WiFi. ([source](https://wiki.bruce.computer/features/config/)) - [Device Startup and Time Synchronization](https://awesome-repositories.com/f/development-tools-productivity/startup-configurations/startup-splash-screens/device-startup-and-time-synchronization.md) — Adjusts startup behavior, splash screen, WiFi auto-connect, and time synchronization via NTP. ([source](https://wiki.bruce.computer/features/config/)) ### Networking & Communication - [LLMNR/NBT-NS/mDNS Poisoners](https://awesome-repositories.com/f/networking-communication/host-networking-services/network-service-advertisers/mdns-implementation-configuration/llmnr-nbt-ns-mdns-poisoners.md) — Responds to LLMNR and NBT-NS queries with spoofed addresses to capture authentication credentials. ([source](https://wiki.bruce.computer/features/wifi/)) - [Unified Multi-Protocol Radio Drivers](https://awesome-repositories.com/f/networking-communication/messaging-api-integrations/lora-messaging-integrations/radio-physical-layer-implementations/unified-multi-protocol-radio-drivers.md) — Unifies WiFi, BLE, LoRa, Sub-GHz, RFID, and IR under a single send/receive/scan interface with hardware-specific backends. - [Wireless Deauthentication Tools](https://awesome-repositories.com/f/networking-communication/network-infrastructure-routing/wireless-network-utilities/wireless-deauthentication-tools.md) — Sends management frames to disconnect wireless clients from access points. ([source](https://wiki.bruce.computer/features/wifi/)) - [UART-Based](https://awesome-repositories.com/f/networking-communication/tcp-protocol-implementations/command-protocols/uart-based.md) — Parses text commands over UART for headless operation, scripting integration, and external control of all firmware modules. - [Web-Based Remote Clients](https://awesome-repositories.com/f/networking-communication/web-based-remote-clients.md) — Provides a web interface to manage files, view the screen, run serial commands, and execute IR, RF, and BadUSB payloads. ([source](https://wiki.bruce.computer/features/files/)) - [Rogue Access Points](https://awesome-repositories.com/f/networking-communication/wireless-access-point-management/rogue-access-points.md) — Deploys cloned or custom access points with captive portals to capture credentials. ([source](https://wiki.bruce.computer/features/wifi/)) - [ARP Cache Poisoning](https://awesome-repositories.com/f/networking-communication/arp-and-ndp-responders/arp-cache-poisoning.md) — Floods networks with spoofed ARP replies to disrupt communication and enable man-in-the-middle attacks. ([source](https://wiki.bruce.computer/features/ethernet/)) - [BLE Device Discovery and Reporting](https://awesome-repositories.com/f/networking-communication/bluetooth-connectivity/bluetooth-device-scanners/ble-device-discovery-and-reporting.md) — Scans for nearby Bluetooth Low Energy devices and reports their identifiers for reconnaissance. ([source](https://wiki.bruce.computer/features/ble/)) - [LoRa Messaging Integrations](https://awesome-repositories.com/f/networking-communication/messaging-api-integrations/lora-messaging-integrations.md) — Exchanges text messages between devices over Long Range radio using supported hardware modules. ([source](https://wiki.bruce.computer/features/lora/)) - [Network Host Discoverers](https://awesome-repositories.com/f/networking-communication/network-scanning-tools/blind-scanning-utilities/network-host-discoverers.md) — Identifies active hosts on a network using ARP scanning. ([source](https://wiki.bruce.computer/features/ethernet/)) - [Scan-and-Attack Workflows](https://awesome-repositories.com/f/networking-communication/network-scanning-tools/blind-scanning-utilities/network-host-discoverers/scan-and-attack-workflows.md) — Discovers live hosts and then launches deauthentication, ARP spoofing, and SSH attacks against them. ([source](https://wiki.bruce.computer/features/wifi/)) - [WiFi Access Point Hosting](https://awesome-repositories.com/f/networking-communication/wifi-access-point-hosting.md) — Hosts a WiFi network for client connections and serves as a platform for other attacks. ([source](https://wiki.bruce.computer/features/wifi/)) ### Programming Languages & Runtimes - [Embedded](https://awesome-repositories.com/f/programming-languages-runtimes/runtime-execution-environments/javascript-runtimes/embedded.md) — Provides a custom JavaScript interpreter with hardware bindings for orchestrating multi-protocol attacks on an ESP32. ### Security & Cryptography - [Wireless Network Attacks](https://awesome-repositories.com/f/security-cryptography/enterprise-security-frameworks/wireless-network-attacks.md) — Deploys deauthentication, beacon spam, evil portal, and ARP spoofing against wireless networks. ([source](https://cdn.jsdelivr.net/gh/brucedevices/firmware@main/README.md)) - [Man-in-the-Middle Frameworks](https://awesome-repositories.com/f/security-cryptography/man-in-the-middle-frameworks.md) — Sends forged ARP replies to enable man-in-the-middle traffic interception. ([source](https://wiki.bruce.computer/features/ethernet/)) - [Multi-Vector WiFi Attack Suites](https://awesome-repositories.com/f/security-cryptography/multi-vector-wifi-attack-suites.md) — Launches combined deauthentication, handshake capture, and beacon spam attacks to overwhelm WiFi networks. ([source](https://wiki.bruce.computer/features/wifi/)) - [Network Probe Response Spoofing](https://awesome-repositories.com/f/security-cryptography/network-probe-response-spoofing.md) — Impersonates networks by responding to probe requests and deploying a captive portal. ([source](https://wiki.bruce.computer/features/wifi/)) - [USB Keystroke Injection Scripts](https://awesome-repositories.com/f/security-cryptography/usb-keystroke-injection-scripts.md) — Emulates USB and Bluetooth keyboards to inject pre-scripted keystrokes for automated payload delivery. - [Wireless Attack Tools](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing-tools/wireless-attack-tools.md) — Integrates WiFi, BLE, and sub-GHz attack tools into a unified wireless testing platform. - [Handshake Captures](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing/wireless-security-auditing/handshake-captures.md) — Captures and cracks WPA/WPA2 handshakes using a wordlist to recover network passwords. ([source](https://wiki.bruce.computer/features/wifi/)) - [Default Credential Lookups](https://awesome-repositories.com/f/security-cryptography/default-credential-lookups.md) — Checks a database of factory-default router credentials and attempts login. ([source](https://wiki.bruce.computer/features/wifi/)) - [Bluetooth Keystroke Injection](https://awesome-repositories.com/f/security-cryptography/usb-keystroke-injection-scripts/bluetooth-keystroke-injection.md) — Emulates a Bluetooth keyboard to inject keystrokes and execute scripts on previously paired devices. ([source](https://wiki.bruce.computer/features/ble/)) - [2.4 GHz Jammers](https://awesome-repositories.com/f/security-cryptography/wireless-signal-jammers/2-4-ghz-jammers.md) — Ships a 2.4 GHz jamming capability using an NRF24 module to disrupt WiFi and Bluetooth communications. ([source](https://wiki.bruce.computer/features/nrf24/)) ### Software Engineering & Architecture - [Headless Controllers](https://awesome-repositories.com/f/software-engineering-architecture/tool-exposure-interfaces/device-control-interfaces/headless-controllers.md) — Controls the device without a screen or buttons by issuing serial commands to connect to WiFi and launch a web interface. ([source](https://wiki.bruce.computer/controlling-device/headless-mode/)) - [Non-Volatile Device Configuration Persistence](https://awesome-repositories.com/f/software-engineering-architecture/workflow-persistence/state-persistence/boot-persistent-state-persisters/non-volatile-device-configuration-persistence.md) — Stores settings to non-volatile memory to survive reboots and firmware swaps, restoring state on each boot. ([source](https://wiki.bruce.computer/configuration/bruce.conf/)) ### System Administration & Monitoring - [Remote Control Interfaces](https://awesome-repositories.com/f/system-administration-monitoring/hardware-control-interfaces/remote-control-interfaces.md) — Controls units without displays or buttons through a web interface or serial connection. ([source](https://wiki.bruce.computer/development/porting-to-devices/)) ### User Interface & Experience - [Web-Based Control Panels](https://awesome-repositories.com/f/user-interface-experience/web-based-control-panels.md) — Starts a web server that provides a full graphical interface for control over WiFi or via an access point. ([source](https://wiki.bruce.computer/controlling-device/webui/)) - [Hardware-Input-Driven Menu Systems](https://awesome-repositories.com/f/user-interface-experience/application-menu-systems/keyboard-driven-menu-systems/hardware-input-driven-menu-systems.md) — Renders a nested menu system navigated by physical buttons, encoder, or keyboard with theme support and status bar. ### Web Development - [Screen Mirroring Controllers](https://awesome-repositories.com/f/web-development/remote-browser-controllers/screen-mirroring-controllers.md) — Displays the device's current screen in a browser and allows virtual button presses for navigation and selection. ([source](https://wiki.bruce.computer/controlling-device/webui/))