Flipper Zero Cheatsheet

Flipper Zero Cheatsheet¶

Overview¶

The Flipper Zero is a portable multi-tool for penetration testers, hardware enthusiasts, and security researchers. It combines multiple tools into a single, pocket-sized device, allowing for a wide range of security assessments and experiments. Its open-source nature and active community have led to the development of numerous custom firmwares and applications.

Key Features¶

Sub-GHz Transceiver: Analyze and interact with wireless devices like garage door openers, remote controls, and IoT sensors.
RFID/NFC: Read, write, and emulate RFID and NFC cards.
Infrared Transceiver: Control TVs, air conditioners, and other infrared-controlled devices.
GPIO Pins: Connect to and control external hardware.
iButton: Read and emulate iButton keys.
BadUSB: Emulate a keyboard to perform keystroke injection attacks.
U2F Security Token: Use as a hardware security token for two-factor authentication.

Common Applications¶

Access Control Testing: Clone and emulate RFID/NFC badges to test access control systems.
Wireless Auditing: Analyze and replay signals from wireless devices.
Physical Penetration Testing: Use as a versatile tool for physical security assessments.
Hardware Hacking: Interface with and debug embedded systems.
IoT Security Research: Analyze and test the security of IoT devices.

Custom Firmwares¶

Momentum Firmware: A feature-rich and stable custom firmware with a wide range of additional applications and features.
Unleashed Firmware: A popular community-driven firmware with many experimental features.
Xtreme Firmware: A predecessor to Momentum, known for its advanced features.

Defensive Measures¶

RFID/NFC Security: Use encrypted or rolling-code RFID/NFC systems.
Wireless Security: Use strong encryption and authentication for wireless devices.
Physical Security: Be aware of the potential for BadUSB and other physical attacks.
Network Security: Monitor for suspicious network activity from unknown devices.