CSbyGB - Pentips

Flipper Zero


Last updated 8 months ago


Out of the box

Once you've received your Flipper Zero, you will need to set it up.

SD Card

You will need an SD card in order to play with your Flipper Zero; it is pretty much useless without it. You cannot buy just any SD card, you will need a specific one, see the requirements here. You can also check the same link to format the SD card through the Flipper. It is pretty straightforward. They mention in the documentation that it is not necessary to buy one that is more than 32 GB, even though it will still work with more. Here is the one I got from Amazon Canada.

Update firmware

Once the SD card is inserted and formatted, you will be able to update the firmware. Here is how to do this:

  1. Get the app on your computer from this link

  2. Install it

  3. Plug your Flipper into your computer and update the firmware; this is really straightforward as well.

For more information, you have the full chapter about the firmware update in the documentation here.

Infrared

Clone a remote

Once again, something really simple: you can clone a remote. Here is how to do it:

  1. In the menu, go to Infrared

  2. Click on "Learn new remote"

  3. Point the remote at the IR port and push the button you wish to clone (every button will be saved separately)

Now you can use your Flipper as a remote. Pretty cool.

Flash the Xtreme firmware

  • Thanks to Shuriken Hacks you can see how to do this in his video :)

  • Check out the iOS attacks you can try with it here

WiFi Dev board

If you have the WiFi dev board, you can use it like you would use a WiFi Pineapple.

Marauder

Steam Labs has an amazing video about this.

Here are the steps (some are from the video, some you have to do beforehand):

  1. (Before watching the video) Flash your Flipper with a firmware that has the Marauder attack. Steam Labs uses the Rogue Master firmware; I use the Xtreme firmware (you can see above how to flash it).

  2. Flash the firmware on the dev board. Steam Labs uses this one by UberGuidoZ.

  3. Enumerate the available WiFi networks (from the "List" item in the menu) and find the WiFi you are targeting (⚠️reminder to stay legal and ethical⚠️). Write down the number of the WiFi you are targeting.

  4. Select the targeted WiFi from the "Select" item in the menu

  5. Launch the deauth attack from the "Attack" item in the menu

  6. Launch the rickroll attack from the "Attack" item in the menu

Evil portal

Music Player

  • You have a music player in the Flipper Zero.

  • I changed the path, but on mine it is here

  • You will have to put the music files in this folder. They can be txt files or fmf (Flipper Music Format) files.

Make your own music

  • You want to make your own music. It is possible. Use this RTTTL Online tool to hear what it is going to sound like.

  • Then you can use this documentation by tonsil to create the file. I really like the image he shared. It is really comprehensive at a glance.

  • This documentation by neverfa11ing is also really good

Convert Solfege notation to Letter notation

  • If you are like me and never remember how to convert solfege notation to letter notation, here is a conversion table

| Solfege notation | Letter notation |
|------------------|-----------------|
| DO               | C               |
| RE               | D               |
| MI               | E               |
| FA               | F               |
| SOL              | G               |
| LA               | A               |
| SI               | B               |

Where is flat?

  • If you want a flat (bemol) you will need to use your musician skills. I could not find a way to make a flat except by using its sharp equivalent, so for example if you want mib you will need to use re#.

  • Here are a few possibilities for this scenario

    • reb is do# = C#

    • mib is re# = D#

    • solb is fa# = F#

    • lab is sol# = G#

    • sib is la# = A#

    • fab is mi = E

    • dob is si = B

Tempo

  • To calculate the tempo we use a metronome; one click of a metronome is a beat.

| Italian     | English    | BPM       |
|-------------|------------|-----------|
| Largo       | Large      | 40 - 60   |
| Lento       | Slow       | 52 - 68   |
| Adagio      | Adagio     | 60 - 80   |
| Andante     | Andante    | 76 - 100  |
| Moderato    | Moderate   | 88 - 112  |
| Allegretto  | Allegretto | 100 - 128 |
| Allegro     | Allegro    | 112 - 160 |
| Vivace      | Lively     | 120 - 140 |
| Presto      | Fast       | 140 - 200 |
| Prestissimo | Very fast  | 140 - 200 |

  • The tempo will differ depending on the piece, and you will have to calculate the note durations accordingly. These images from flowkey can help us. We can assume (even though it is not always true) that if, for example, a music sheet says allegro moderato 120, the quarter note will be 120 bpm, and we calculate the other note values from this.

My music files

Here is a link to the folder where I will put the music files I will make using this methodology.

Resources for music with flipper Zero

  • flipper music files - Tonsil

  • An RTTTL Parser Class by marco c on Arduino++

  • Apprendre le solfege

  • Flowkey

  • FlipperMusicRTTTL - neverfa11ing

Using a Flipper Zero to access API source code on IoT devices

See Dana Epp's blog article for a detailed explanation of how to do this

Customization & 3D prints

Dev Board Case

Desktop Stand

GPIO Cover

Resources

Official links

Tutorials, Cheatsheet & Resources

Github projects

Attacks

People, companies or org to follow

Firmwares

RFID

BadUSB

SubGHz

Games

Blue Team Flipper tools

Tools

Flipper zero Dev board case - Urgirlinmyjetta316
Case for Flipper Zero Wi-Fi Module v1
Flipper Zero Desktop Stand - Jake Anderson
Flipper Zero GPIO Cover - joelspiers15
Flipper Zero SD cover - hk4fun
Flipper Zero QR Code
Derek Jamison - Github
Derek Jamison - Youtube
Sam's eXperiments logs - Youtube
Shuriken Hacks - Youtube
McSHUR1KEN (Shuriken Hacks) - Github
PenAce - Youtube
Lukas Stefano - Linkedin
Talking Sasquach - Youtube
Modern Broadcast - Youtube
David Bombal - Youtube
Jando - Youtube
The Computer Noob - website
CorSecure - Youtube
Mr ExtraRandom - Youtube
Kanjian FR - Youtube (in French only)
I am Jakoby - Github
Official firmware
Xtreme firmware
RogueMaster Firmware
Momentum Firmware
Flipper zero tutorials - RFID - Jamisonderek
BadUSB payloads - I Am Jakoby
badusb - FalsePhilosopher
flipper zero Gate Bruteforce - Hong5489
Flipper zero bruteforce - tobiabocchi
Flipper zero SubGHz - Shur1k-N
Ubers SD Files - skizzophrenic
Flipper Sub-GHz - UberGuidoz
Wall of flippers - K3YOMI
this documentation by neverfa11ing
Shuriken Hacks - Installing Xtreme Firmware on Flipper Zero — Xtremely Easy!
Flipper Zero - How to run Marauder on the WiFi Dev Board - ESP32 - Rick Roll
Official Twitter
Self diagnose and repair guide
Official Documentation
Official Website
Official Discord Server
flipper-questions-and-answers (GitHub - flipperdevices/flipper-questions-and-answers: Flipper Question and Answer sessions archive)
Flipper Zero Tutorial 2024: Best Beginner’s Guide (Easy Steps) - StationX
Flipper Zero Topic on Github
The Ultimate Guide / CheatSheet to Flipper Zero - Ilias Mavropoulos (InfoSec Write-ups)
David Bombal Flipper Zero next level
Joas' flipper zero resources (Joas A Santos on LinkedIn: Flipper Zero Content Compilation)
Awesome flipperzero - djsime1 (GitHub - djsime1/awesome-flipperzero: 🐬 A collection of awesome resources for the Flipper Zero device.)
In French - Blogmotion - Flipper Zero (Mon Flipper Zero est arrivé ! 🐬 (mon avis), Blogmotion – Culture tech et DIY)
Tamagotchi Hacking Tool, Flipper Zero Unboxing and Review - Modern Broadcast
Flipper Zero Teardown - Flipper Devices (and 7 other contributors)
3 Flipper Zero Hacks to Wow Your Friends (and How They Work) - James Bore (HackerNoon)
Flipper Zero Hacking my House | Huson DIY | TV's and Remote Sockets - Huson DIY
Playground (and dump) of stuff I made, modified, researched, or found for the Flipper Zero. - UberGuidoZ (GitHub - UberGuidoZ/Flipper)
Flipper Zero - Hacktricks
Flipper-Zero-Sub-GHz-Jamming-Files - SHUR1K-N (GitHub - SHUR1K-N/Flipper-Zero-Sub-GHz-Jamming-Files)
Flipper Zero's BadKB Files (from my YouTube video) - SHUR1K-N (GitHub - SHUR1K-N/Flipper-Zero-BadKB-Files)
A Flipper Zero Introduction Tutorial: How to use Bad USB - Modern Broadcast
Educational BadUSB Scripts for Cybersecurity Learning - Christoffer Lundh (GitHub - Chrislundh98/BadUSB: BadUSB collection for flipperzero)
A step-by-step guide on exploiting BLE on iOS 17 & Android via Flipper Zero - Jason Martin (Open Source Skills)
Bad-usb works on IOS iphone flipper zero - Jando
How To: Wireless BadUSB Attacks w/ the Flipper Zero - The Computer Noob
Flipper Zero: BLE Imitation of Apple Device Pairings - Sam's eXperiments logs
How charging your phone can compromise your data using Juice Jacking attack - Mobile Hacker
Unlocking a Phone with a Flipper Zero - CorSecure
Flipper Zero - How to run Marauder on the WiFi Dev Board - ESP32 - Rick Roll - Steam Labs
Flipper Zero: How To Run Marauder on the WiFi Dev Board - Just call me koko
How Hackers Use Bluetooth to Take Over Your Mac Device
Bluetooth Impersonation attacks
You Can Now Play Doom in the Tamagotchi-Like Hacking Device (Vice)
Flipper Maker - Generate flipper Files
Flipper Labs