Featured Products
Proxmark3 Kit
$350.00 USD
-
The Proxmark3 kit includes everything you need to get started doing RFID / NFC research in style. It has always been our mission to prevent DOA shipments and so all of our Proxmark gear is thoroughly tested in-house prior to shipping.
Inside the box you'll find an Enclosed Proxmark 3, LF Antenna, HF Antenna, EM4100, 1 HID 1326 ProxCard II, 1 T5577 tag, 1 Mifare 1K, 1 Mifare 4K, and 1 Mifare Ultralight, 2 antenna cables, and 1 power/communication cable. The Proxmark client software and firmware are open source and available for download. We offer pre-compiled versions that correspond to the current version in use on the board (see the links tab).
The Proxmark is the only SDR targeting NFC and RFID frequencies that is capable of both transmitting and receiving while meeting the timing requirements of most proximity protocols. The Proxmark also provides full control over the radio layer in addition to software support for several higher-level protocols (ex. Mifare).
The LF Antenna enables communication with tags that operate at 125kHz and 134kHz (including HID Prox II, HITAG, and EM4100). The HF Antenna enables communication with tags operating at 13.56Mhz (including Mifare Classic/Ultralight, and iClass).
The Proxmark has proven itself to be an invaluable tool within the research community. Here are some examples of how the Proxmark has been used to perform research:- Proxmark3: The Swiss Army Knife of Security Research
- Exploring the NFC Attack Surface
- A Practical Attack on the MIFARE Classic
- Analysis of the MIFARE Classic used in the OV-Chipkaart project
- Potential Misuse of NFC Enabled Mobile Phones with Embedded Security Elements as Contactless Attack Platforms
- Outsmarting Smart Cards
- Evaluation of the feasible attacks against RFID tags for access control systems
Rysc Corp. pioneered the first commercial Proxmark offering back in 2008. Prior to that point, obtaining a Proxmark meant building one yourself. Since that first commercial offering we have continued developing the device and have assisted thousands of individuals and companies, large and small.
The Proxmark also makes a great educational tool. The entire platform (including hardware and software) is open source and can be readily analyzed and inspected. The Proxmark includes many of the major components found in a general purpose SDR but is simpler and therefore easier to understand. Faculty members should contact us about educational discounts if interested in incorporating the Proxmark into a course of study.
Naked Proxmark3, Enclosed Proxmark3, LF and HF Antenna can be purchased separately. Please email sales@ryscc.com for more information.
WARNING: The Proxmark3 is a research and development tool. It has not been evaluated for compliance with regulations governing transmission and reception of radio signals. You are responsible for using this product in compliance with your local laws. -
- In The Box: Enclosed Proxmark, LF Antenna, HF Antenna, 1 HF Tag Bundle, 1 LF Tag Bundle, All Required Cables
- HF Tag Bundle: 1x Mifare 1K, 1x Mifare 4k, and 1x Mifare Ultralight Tags
- LF Tag Bundle: EM4100, 1x HID 1326 ProxCard II, 1x T5577 Tags
- Tested With: Windows XP, Windows 7, Windows 8, Windows 10, Linux, MacOS
- Firmware: github-v3.0.1
- Manufacturer: Rysc Corp.
- Made In: USA
-
Software
- Binaries for version 3.0.1 (New Version)
- Binaries for version 2.3.0 (Old Version)
- Binaries for version 2.2.0 (Old Version)
- Source Code
-
Below is a quick comparison of the Rysc Corp, Elechouse Proxmark3, and RFXSecure Proxmark3 Easy.
RYSC-PM3 ELEC-PM3 RFX-PM3 Antenna Type PCB Wound wire PCB,Wound Wire Antenna Connector 4-pin Mini USB MMCX Integrated Dimensions 82 mm x 52 mm 82 mm x 38 mm 82 mm x 52 mm Battery Connector No Yes No Open Source Hardware Yes No No Firmware github-v3.0.1 github-v2.0.0 github-v2.0.0 FPGA Spartan 2 Spartan 2 Spartan 2 Microprocessor AT91SAM7S512 AT91SAM7S512 AT91SAM7S256 Fully Enclosed Board Yes No No Made In USA China China
MagSpoof
$60.00 USD
-
The Magspoof, originally created by Samy Kamkar is a wireless magnetic stripe emulator. This amazing little device can emulate all three tracks of a magnetic stripe card without actually being swiped.
Rysc Corp revised the original design to include an integrated antenna, on/off switch and a convenient coin cell battery holder. The MagSpoof comes fully assembled, programmed and tested (batteries included).
To work with the MagSpoof you will need the following:
- AVR Programmer
- MagStripe Reader (Recommended)
-
- Dimensions: 8.5 x 5.5 x 0.08 cm
- PCB Thickness: 0.8mm
- Weight: 10 g
- In the Box: MagSpoof and Battery
- PCB Finish: ENIG
- RoHS Compliant: Yes
- Manufacturer: Rysc Corp
- Made in: USA
- License: GPL
- Software Documentation
PortaPack
$220.00 USD
-
Add a PortaPack H1 to your HackRF One software-defined radio, and leave your laptop behind! The PortaPack H1 attaches to your HackRF and adds a touchscreen LCD, navigation controls, headphone jack, real-time clock, micro SD card slot, and custom aluminum case.
Just add a USB battery, and you're ready to explore radio spectrum wherever you are. The PortaPack firmware runs on the fast ARM processors in your HackRF. No computer is necessary (except for reprogramming firmware).
FIRMWARE DEMO
Here's a quick run-through of the current firmware features as of 2016 February 22:
Some features demonstrated in 2016 February 22 firmware video:
- SSB, AM, narrowband FM, wideband FM audio reception, with spectrum waterfall. [Details]
- Wideband (18MHz) spectrum analysis and waterfall.
- Monitoring of boat (AIS), automobile (TPMS), and utility meter transponders (ITRON ERT). [Details]
- HackRF mode runs HackRF firmware for use with host computer SDR software.
- PPM calibration for more accurate tuning.
- Sleep mode saves power by turning off just the display.
OPEN SOURCE
The PortaPack H1 is open-source -- hardware and firmware. The source files are published on GitHub. Contributions, forks, and bug reports are welcome!
-
- In The Box: 1x PortaPack
- Dimensions: 125mm x 79mm x 25mm
- Weight: 240g
- Manufacturer: ShareBrained
- Made In: USA
HackRF One™
$299.00 USD
-
The HackRF One comes in an injection modled plastic enclosure, includes a micro USB cable, and can include an ANT500 or ANT700 for getting started with SDR.
HackRF One from Great Scott Gadgets is a Software Defined Radio peripheral capable of transmission or reception of radio signals from 10 MHz to 6 GHz. Designed to enable test and development of modern and next generation radio technologies, HackRF One is an open source hardware platform that can be used as a USB peripheral or programmed for stand-alone operation.
Features include:- 10 MHz to 6 GHz operating frequency
- half-duplex transceiver
- up to 20 million samples per second
- 8-bit quadrature samples (8-bit I and 8-bit Q)
- compatible with GNU Radio, SDR#, and more
- software-configurable RX and TX gain and baseband filter
- software-controlled antenna port power (50 mA at 3.3 V)
- SMA female antenna connector
- SMA female clock input and output for synchronization
- convenient buttons for programming
- internal pin headers for expansion
- Hi-Speed USB 2.0
- USB-powered
- open source hardware
WARNING: HackRF One is test equipment for RF systems. It has not been tested for compliance with regulations governing transmission of radio signals. You are responsible for using your HackRF One legally. -
- In The Box: HackRF One PCB, Plastic Enclosure, micro USB cable, can include ANT500 or ANT700
- Antenna Range: 75 MHz to 1 GHz
- Antenna Length: 20 cm to 88 cm
- Weight: 228g
- Manufacturer: Great Scott Gadgets
- Made In: China
- Software Documentation
Wundertooth
$125.00 USD
-
The Wundertooth is a remix of the Ubertooth One by Great Scott Gadgets. Each Wundertooth is programmed, tested, and fully assembled prior to shipping. A quick comparison of the two devices is shown below.
Ubertooth One Wundertooth Enclosure No Yes JTAG Header No Yes PCB Substrate DE104iML 370HR Made In China USA Firmware 2017-03-R2 2017-03-R2 RoHS Compliant No Yes
The Wundetooth is an open source 2.4 GHz wireless development platform suitable for Bluetooth experimentation.
Features include:- 2.4 GHz transmit and receive.
- Transmit power and receive sensitivity comparable to a Class 1 Bluetooth device.
- In-System Programming (ISP) serial connector.
- Expansion connector: intended for inter-Ubertooth communication or other future uses.
- Six indicator LEDs.
In addition to monitoring bluetooth communications, the Ubertooth One can also be used as a 2.4Ghz spectrum analyzer.
WARNING: The Wundertooth is test equipment for Bluetooth systems. It has not been tested for compliance with regulations governing transmission of radio signals. You are responsible for using your Ubertooth One legally.
-
- In The Box: Wundertooth with Antenna and Enclosure
- Dimensions: 8.5cm x 2cm x 1cm
- Weight: 28g
- Firmware: 2017-03-R2
- Manufacturer: Rysc Corp.
- Made In: USA
- Software Documentation:
PandwaRF + Antenna Pack
$250.00 USD
-
What is PandwaRF?
PandwaRF is a pocket-sized, portable RF analysis tool operating in the sub-1 GHz range. It allows the capture, analysis and re-transmission of RF via an Android device or a Linux PC. Practically, it removes the ‘standard SDR Grind’ of capturing, demodulating, analyzing, modifying and replaying by hand – replacing it with a simple but powerful interface.
System Overview
The PandwaRF system consists of two elements: the hardware device and the software controller, either an Android device or a PC. The hardware is a very capable device, tailored for beginners and advanced users alike. Beyond the functionality provided by the Android interface, the PandwaRF can be easily controlled and customized. No need to risk bricking your device or writing in C, the PandwaRF can be controlled by JavaScript, directly on the smartphone.
-
- In The Box: PandwaRF, Antenna Pack (315, 433, 868-915 MHz Antenna), Battery, Case
- Manufacturer: PandwaRF
- Operating Frequency: 315, 433, 868-915 MHz
- Made In: France
- Links
ChameleonMini - Rev.G (Includes Enclosure)
$140.00 USD $159.00 USD
-
Based on the open-source RFID emulator ChameleonMini: https://github.com/emsec/
ChameleonMini. ChameleonMini Rev.G. now comes with our clear polycarbonate enclosure.
The credit-card sized ChameleonMini Rev.G is a versatile tool for practical NFC and RFID security analysis, compliance and penetration tests, and various end-user applications. The freely programmable platform can create perfect clones of various existing commercial smartcards, including cryptographic functions and the Unique Identifier (UID). It can be employed to assess security aspects in RFID and NFC environments in different attack scenarios, such as replay or relay attacks, state restoration attacks, sniffing of NFC communication, or functional tests of RFID equipment. New firmware for the ChameleonMini can be comfortably uploaded via a USB bootloader. A convenient, human-readable command set allows to configure its behavior and update the settings and content of up to eight internally stored, virtualized contactless cards. During battery-powered stand-alone operation, the integrated buttons and LEDs enable user interaction and feedback.
The ChameleonMini firmware can be configured and uploaded via USB to emulate a passive NFC device (e.g. a contactless card), act as an active NFC device (e.g. an RFID reader), sniff the communication (i.e. monitor the bits on the RF interface), and log the communication (during emulation and sniffing). The ChameleonMini can be interfaced with standard terminal software, via the command line, or controlled by user-written scripts and applications. The modular firmware structure allows for easy expandability to other not yet supported cards and standards. Various functions and settings can be assigned to the buttons and LEDs. Card contents can be easily uploaded and downloaded via USB using X-MODEM.
Features of the ChameleonMini:
- Firmware support for ISO14443A Codec (emulation and reader)
- Firmware support for Mifare Classic 1K and 4K emulation (4 and 7-byte UID)
- Firmware support for Mifare Ultralight emulation
- Hardware support for ASK modulation (Both 10% and 100%) to cover almost any card standard available
- Hardware support for ASK and BPSK load modulation using a subcarrier
- Modular firmware structure allows for easy expandability of other cards and standards
- Support for quick and reliable firmware update via Atmel DFU bootloader, thus programming hardware is required only once
- Can be controlled using a fully documented AT-like command set via CDC using the LUFA USB stack
- Up to eight virtualized cards with a size of up to 8 kB per card can be stored in the non-volatile memory of ChameleonMini
- Card contents can be easily uploaded and downloaded by means of the command line and X-MODEM
- UID of ISO14443A cards can be obtained easily in reader mode
- ChameleonMini can be interfaced with standard terminal software as well as user written scripts and applications
-
- In The Box: 1x ChameleonMini, 1x Enclosure, 1x 3ft Micro USB Cable, 1x LIR2032 Lithium Battery
- Dimensions: 111.0 mm (L) x 53.0 mm (W) x 5.8 mm (H)
- Weight: 20 g
- Operating Frequency: 13.56 MHz
- Operating Distance: Up to 60 mm
- Firmware: Available on Github (note that the ChameleonMini Rev.G is delivered with test firmware only)
- Hardware Version: Rev.G
- Manufacturer: Kasper & Oswald GmbH
- Made In: China
- Documentation
-
Below is a quick comparison of the ChameleonMini RevE-2 and Rev.G
ChameleonMini RevE-2 ChameleonMini Rev.G Microcontroller ATXMega32 ATXMega128 Operating Distance Up to 30 mm Up to 60 mm Buttons One Two On-board Battery No Yes Power Switch No Yes
USB Armory (Includes Enclosure)
$150.00 USD
-
The USB Armory from Inverse Path is an open source hardware design, implementing a flash drive sized computer. The USB Armory comes with an enclosure. The USB Armory can also be purchased as a Kit which includes an Enclosure, Host Adapter and SD Card with Debian.
The compact USB powered device provides a platform for developing and running a variety of applications.
The security features of the USB Armory System on a Chip (SoC), combined with the openness of the board design, empower developers and users with a fully customizable USB trusted device for open and innovative personal security applications.
The hardware design features the Freescale i.MX53 processor, supporting advanced security features such as secure boot and ARM® TrustZone®.
The USB armory hardware is supported by standard software environments and requires very little customization effort. In fact vanilla Linux kernels and standard distributions run seamlessly on the tiny USB armory board.
- Freescale i.MX53 ARM® Cortex™-A8 800Mhz, 512MB DDR3 RAM
- USB host powered (<500 mA) device with compact form factor (65 x 19 x 6 mm)
- ARM® TrustZone®, secure boot + storage + RAM
- microSD card slot
- 5-pin breakout header with GPIOs and UART
- customizable LED, including secure mode detection
- excellent native support (Android, Debian, Ubuntu, Arch Linux)
- USB device emulation (CDC Ethernet, mass storage, HID, etc.)
- Open Hardware & Software
-
The USB armory board has been created by Inverse Path to support the development of a variety of security applications.
The capability of emulating arbitrary USB devices in combination with the i.MX53 SoC speed, the security features and the flexible and fully customizable operating environment, makes the USB armory the ideal platform for all kinds of personal security applications.
The transparency of the open and minimal design for the USB armory hardware facilitates auditability and greatly limits the potentiality and scope of supply chain attacks.
The secure boot feature allows users to fuse verification keys that ensure only trusted firmware can be ever executed on a specific USB armory board.
The support for ARM® TrustZone®, in contrast to conventional TPMs, allows developers to engineer custom trusted platform modules by enforcing domain separation, between the "secure" and "normal" worlds, that propagates throughout all SoC components, and therefore not only limited to the CPU core.
An excellent overview of the technology and its support for the i.MX53 SoC can be found at the Genode framework project.
Proof of concept applications have already been tested and will soon be released.
The following example security application ideas illustrate the flexibility of the USB armory concept:
- Hardware Security Module (HSM)
- File storage with advanced features such as automatic encryption, virus scanning, host authentication and data self-destruct
- OpenSSH client and agent for untrusted hosts (kiosk)
- Router for end-to-end VPN tunnelling, Tor
- Password manager with integrated web server
- Electronic wallet (e.g. pocket Bitcoin wallet)
- Authentication token
- Portable penetration testing platform
- Low level USB security testing
Standard connectivity options:
- HS USB 2.0 On-The-Go (OTG) with device emulation
- TCP/IP communication via CDC Ethernet emulation
- Flash drive functionality via mass storage device emulation
- Serial communication over USB or physical UART
-
- USB Armory
- In The Box: 1x USB Armory and Enclosure
- Dimensions: 65mm x 19mm x 6mm
- Weight: 18 g
- Manufacturer: Inverse Path
- Made In: Italy
- Resources Documentation Community
Blog posts
