In early October 2024, the open-source USB Army Knife project released its version 1.0, targeting testers and penetration testing specialists. The project, developed in JavaScript and C++, is now available on GitHub under the MIT license, allowing for free usage and modification.
USB Army Knife is a versatile software designed for use on compact devices like ESP32-S3. It offers a wide array of tools for security testing, including USB device emulation and exploiting vulnerabilities in network protocols. Key features of the project include BADUSB support, emulation of known devices, mimicking network devices, and exploiting WiFi and Bluetooth vulnerabilities using the ESP32 Marauder library. The project also features a user-friendly web interface based on Bootstrap for easy configuration and use.
The USB Army Knife operates on the ESP32-S3 board, designed to look like a USB flash drive, with a colored LCD and support for external Micro SD cards. It includes a physical button and SPI adapter to enhance its configurability for various testing scenarios. With 16MB of internal memory, the device has ample resources for running multiple tools.
By providing a platform for testing security perimeters and network systems, USB Army Knife offers information security experts the ability to configure their local tools effectively and check systems for vulnerabilities related to USB and wireless technologies.