Tools & products

LoRa Craft is a small set of tools to receive signals with Software-Defined Radio, and to decode and craft LoRaWAN packets on top of the gr-lora GNU Radio module.

Project info

Tools to intrude into a V2G PowerLine network, and to capture and inject V2G packets.

Project info

Encode and decode V2G messages on the fly.

Project info

A collection of tools and Scapy dissectors to test Power-Line Communication (in)security:

  • HomeplugAV.py Scapy Layers: create and craft your own HomePlugAV packets
  • discover.py: sends 'GetDeviceTypeRequest' in broadcast mode to discover PLCs of the same AVLN
  • genDAK.py: derives MAC address to get a Qualcomm DAK passphrase
  • PBKDF1.py: hashes the DAK or NMK passphrase using PBKDF1
  • quickKODAK.py: performs a KODAK bruteforce on powerline
  • plcmon.py: enables 'Sniffer mode' and uses Sniffer Indicate packet to retrieve CCos MAC address
  • PIBdump.py: dumps your entire PLC configuration (PIB) into a file
  • patchPIB.py: patches arbitrary bytes of your PLC, or a field between bytes 0x0-0x400 (see the details of ModulePIB conditions in the Scapy layer)
  • HPGPKeysCollect.py: parses HPGP messages and collects keys

Project info

Map 2G/3G/4G and more cellular networks in real life with a simple smartphone, pretty much like the osmocomBB monitoring feature.

Project info

A smart jamming proof of concept for mobile equipment that could be powered with the Modmobmap tool.

Project info