{"id":50753266,"url":"https://github.com/lxveace/cyber-controller","last_synced_at":"2026-06-29T22:00:34.657Z","repository":{"id":363906564,"uuid":"1265491204","full_name":"LxveAce/cyber-controller","owner":"LxveAce","description":"The all-in-one security hardware controller for cyberdecks \u0026 field deployments — flash, control \u0026 coordinate ESP32 (Marauder/Bruce/GhostESP), Flipper Zero, and Raspberry Pi security hardware from one dashboard.","archived":false,"fork":false,"pushed_at":"2026-06-27T19:11:06.000Z","size":716,"stargazers_count":6,"open_issues_count":0,"forks_count":1,"subscribers_count":0,"default_branch":"master","last_synced_at":"2026-06-27T19:12:00.837Z","etag":null,"topics":["arduino","bluetooth","cyberdeck","cybersecurity","esp32","esp32-marauder","esp32-s3","firmware-flasher","flipper-zero","flipperzero","hardware-hacking","iot-security","marauder","penetration-testing","pentesting","red-team","subghz","wardriving","wifi","wireless-security"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/LxveAce.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-06-10T20:29:22.000Z","updated_at":"2026-06-27T19:11:09.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/LxveAce/cyber-controller","commit_stats":null,"previous_names":["lxveace/cyber-controller"],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/LxveAce/cyber-controller","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LxveAce%2Fcyber-controller","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LxveAce%2Fcyber-controller/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LxveAce%2Fcyber-controller/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LxveAce%2Fcyber-controller/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/LxveAce","download_url":"https://codeload.github.com/LxveAce/cyber-controller/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/LxveAce%2Fcyber-controller/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34944147,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-29T02:00:05.398Z","response_time":58,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["arduino","bluetooth","cyberdeck","cybersecurity","esp32","esp32-marauder","esp32-s3","firmware-flasher","flipper-zero","flipperzero","hardware-hacking","iot-security","marauder","penetration-testing","pentesting","red-team","subghz","wardriving","wifi","wireless-security"],"created_at":"2026-06-11T03:00:30.785Z","updated_at":"2026-06-29T22:00:34.650Z","avatar_url":"https://github.com/LxveAce.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n\n\u003cimg src=\"assets/cc-logo.png\" alt=\"Cyber Controller Logo\" width=\"400\"\u003e\n\n# Cyber Controller\n\n### The all-in-one security hardware controller for cyberdecks \u0026 field deployments.\n\n**Flash. Control. Coordinate.** — every piece of your security hardware, from one dashboard.\n\n[![License](https://img.shields.io/github/license/LxveAce/cyber-controller?style=for-the-badge)](LICENSE)\n[![Python](https://img.shields.io/badge/python-3.12+-3776AB?style=for-the-badge\u0026logo=python\u0026logoColor=white)](https://www.python.org/)\n[![Platform](https://img.shields.io/badge/platform-Windows%20%7C%20Linux%20%7C%20macOS%20%7C%20ARM-blue?style=for-the-badge)](#ui-modes)\n[![ESP32](https://img.shields.io/badge/ESP32-Marauder%20%7C%20Bruce%20%7C%20Ghost__ESP-E7352C?style=for-the-badge\u0026logo=espressif\u0026logoColor=white)](#supported-firmwares)\n[![Flipper Zero](https://img.shields.io/badge/Flipper%20Zero-Unleashed%20%7C%20Momentum-FF8200?style=for-the-badge)](#supported-firmwares)\n[![Firmwares](https://img.shields.io/badge/firmware%20profiles-21-success?style=for-the-badge)](#supported-firmwares)\n[![Latest](https://img.shields.io/github/v/release/LxveAce/cyber-controller?style=for-the-badge\u0026label=release)](https://github.com/LxveAce/cyber-controller/releases)\n[![GitHub stars](https://img.shields.io/github/stars/LxveAce/cyber-controller?style=for-the-badge\u0026logo=github)](https://github.com/LxveAce/cyber-controller/stargazers)\n\n[**Website**](https://cybercontroller.org) · [**Releases**](https://github.com/LxveAce/cyber-controller/releases) · [**Changelog**](CHANGELOG.md) · [**Downloads**](https://cybercontroller.org/#downloads)\n\n\u003c/div\u003e\n\n---\n\n\u003c!-- STATUS-ROADMAP:START --\u003e\n## Status \u0026 Roadmap\n\n**Status:** **v1.4.0** is the latest release — **smart installation / version-aware startup**: on launch\nthe app reconciles its config against the running version, carries an upgrade forward silently, and on a\ndowngrade/overwrite prompts to **Keep \u0026 Continue** or **Back up \u0026 Start Fresh** (the old config is moved\naside, never deleted). It builds on a run of installer/UX releases (v1.3.1–v1.3.3): an **animated startup**\nloading screen, a **four-interface launcher**, and a **splash screen** for the slow onefile self-extract —\nall on top of the **v1.3.0** security-hardening base (secure container, brute-force lockout, duress\nself-wipe, dual-depth Simple/Pro, +4 firmwares).\n\n**Shipped in v1.3.1 – v1.4.0:**\n- **Smart installation / version-aware startup (v1.4.0)** — the app recognizes a previous install and\n  reconciles it: an **upgrade** carries settings + the encrypted vault forward silently; a **downgrade**\n  (an older build over a newer config — the \"paths collide / overwrite\" case) prompts **Keep \u0026 Continue**\n  or **Back up \u0026 Start Fresh**, and the old config is always **moved aside, never deleted** (restorable).\n  A `.installed_version` marker is written; fully silent for headless/CLI use. Single source of truth for\n  the version in `src/version.py`.\n- **Animated startup (v1.3.3)** — a frameless loading screen (logo + indeterminate progress + status) while\n  the dashboard builds, then a cross-fade to the main window. Motion-token-driven; honors reduced-motion.\n  Reserved for the full PyQt5 GUI; the lightweight Tk/TUI/web UIs stay unanimated.\n- **Four-interface launcher (v1.3.2)** — launching with no `--ui` now offers all four front-ends\n  (**Full GUI (PyQt5) · Lightweight (Tkinter) · Terminal UI (Textual) · Web Remote**); the splash closes\n  before the launcher, and **Web Remote auto-opens your browser** from a packaged build.\n- **Installer splash screen (v1.3.1)** — the Windows onefile shows a splash within ~1–2 s of launch (the\n  ~15 s self-extraction previously gave no feedback and read as a failed install), plus a MinigotchiV3\n  profile fix.\n\n**Shipped in v1.3.0:**\n- **Secure container (opt-in)** — app-internal saves (e.g. recorded command sessions) encrypted at rest\n  (AES-256-GCM) in a gate-keyed container that is **sealed/unreadable while the access gate is locked**;\n  ciphertext-only writes (no transient plaintext), tamper fails closed. Toggle in **Settings ▸ Secure Container**.\n- **Brute-force lockout** on the access gate — a persistent failed-attempt counter (survives restart)\n  with exponential-backoff cooldown, constant-time password compare.\n- **Duress self-wipe (opt-in, off by default)** — after N consecutive failed unlocks the app securely\n  wipes its own footprint (vault, keys, config, container). Honest scope: defeats casual/seizure access,\n  not a forensic lab on wear-leveled SSDs.\n- **Boot / startup-bypass hardening** — modifying an already-configured gate (clear / change password /\n  policy / add key) now requires passing the gate first; the gate is enforced before any UI bootstrap.\n- **Dual-depth Simple/Pro interface** — a streamlined Simple view (fewer controls) and the full Pro view\n  (default, zero penalty). Switch via **View ▸ Interface Mode**, the status-bar badge, or **Ctrl+M**.\n- **4 new firmware profiles** — **T-REX** (LilyGo T-Deck pentest terminal), **MCLite** (MeshCore off-grid\n  comms), **ESP32 Bit Pirate**, and **Hydra32 / ESP32-Deauther** (SHA-256-pinned) — all drop-in JSON.\n- **esptool range guard** — a clear message if an out-of-range esptool (v6+) is installed, instead of a\n  cryptic argparse failure mid-flash.\n\n**Previously shipped (v1.2.1):**\n- **Unified flashing in one app, two clearly separate tabs** — a **Firmware tab** for hardware (ESP32 Marauder / GhostESP / Bruce / etc. plus Raspberry Pi SD images) and a **Software (OS) tab** for PC/USB operating systems.\n- **Software (OS) tab** — flash verified **Kali Linux, Tails OS, Arch** to USB, with the latest version auto-resolved (and an offline bundled fallback), **SHA-256 + OpenPGP verified** before writing.\n- **Auto-updating firmware/OS catalog** so versions are always current, **plus full offline use** — a cached catalog and already-downloaded images flash with no internet; a weekly CI job keeps the bundled OS catalog current; the app also self-updates.\n- **In-app tooltips on every control** and a thorough **How-To / tutorial tab**.\n- **Wardriving** (Cyber Controller only — the all-in-one controller is also the main GUI for cyberdecks): GPS-tagged Wi-Fi capture exported to **WiGLE CSV**, for **lawful, owner-authorized** use. (The companion **universal-flasher** stays strictly a flasher — firmware + software tabs only, no controller / logger / wardriving.)\n- **In-app Access-Gate setup** — provision the admin password / physical USB key / policy straight from **Settings ▸ Access Gate** in the GUI (no longer CLI-only), backed by salted-scrypt verifiers + an encrypted vault. Requires an admin password and/or the physical USB key be present before the app unlocks (policy configurable: password-only, key-only, or both), covering both the desktop and web entry points.\n- **Windows one-click `.exe` startup crash fixed and verified** — bundled-asset loading hardened so the packaged GUI starts cleanly on a clean Windows host; a missing bundled resource now degrades gracefully instead of failing.\n\n**Roadmap:**\n- Windows code-signing + installer to reduce SmartScreen/Defender friction.\n\u003c!-- STATUS-ROADMAP:END --\u003e\n\n\n## Owner access gate \u0026 Tails flashing\n\n**Physical-key access gate** — optionally require an admin password and/or a provisioned USB key to\nopen the app (fail-closed; OFF by default). Owner-only defensive use on hardware you own. As of\n**v1.2.1** the whole gate can be set up from the GUI in **Settings ▸ Access Gate** (set the admin\npassword / physical USB key / policy) — the CLI flags below remain available too:\n- `cyber-controller --set-admin-password` — set the admin password.\n- `cyber-controller --create-physical-key [--key-drive \u003cUSB\u003e]` — provision a USB stick as an unlock key.\n- `cyber-controller --gate-policy {both|either|password|key}` — set the policy (default `both` = AND).\n- `cyber-controller --gate-status` · `--clear-gate`.\n\nThe app then prompts before launching (a Qt dialog in the GUI; console otherwise). The password and\nthe key secret are stored only as salted **scrypt verifiers** — never in plaintext. This deters\ncasual access; it is not proof against an adversary who can image the disk/USB.\n\n**Hardening (v1.3.0):** the gate is enforced **before any UI/device bootstrap** and **fails closed**\n(an encrypted vault with the gate config removed refuses to start). Failed unlocks are rate-limited\nwith a **persistent, exponential-backoff lockout**; modifying an already-configured gate requires\n**passing it first** (no pre-auth reset). An **opt-in duress self-wipe** can destroy the app's own\nfootprint after N failed attempts (off by default), and an opt-in **secure container** keeps app saves\nencrypted at rest and sealed while locked. See [`SECURITY.md`](SECURITY.md) for the full posture and an\nhonest statement of what these guarantees do and don't cover.\n\n**Flash Tails OS (amnesiac live USB)** — write the official Tails USB image to a removable USB:\n- `cyber-controller --flash-tails --tails-image \u003ctails-amd64-*.img\u003e [--tails-sha256 \u003chex\u003e] [--tails-sig \u003cfile\u003e] [--target \u003cdevice\u003e]`\n\n`.img` only (an `.iso` is the wrong file). The image's **SHA-256 is checked** against the official\nchecksum; if `gpg` is present, the **detached signature is verified** against the Tails signing key.\nIt writes only to a **removable, confirmed** device (the whole USB is erased) and verifies the write\nby reading it back.\n\n\n## What is this?\n\nCyber Controller is the flagship convergence of the **Lxve ESP32 security toolchain** — it merges\n[Headless Marauder GUI](https://github.com/LxveAce/headless-marauder-gui),\n[Universal Flasher](https://github.com/LxveAce/universal-flasher), and\n[Universal Flasher \u0026 UI](https://github.com/LxveAce/universal-flasher-ui) into a single unified tool,\nwith [Dead Man's Switch](https://github.com/LxveAce/deadmans-switch) anti-forensic provisioning built in.\nIt is built for **cyberdecks, field deployments, and security research** — runs on ARM + x64, on a\n7\" touchscreen, headless over SSH, or from a phone.\n\n\u003e Designed to drive a multi-device cyberdeck — but just as happy flashing a single $12 CYD on your desk.\n\nIt is a self-taught hobby project, hardened and tested as it grows. Authorized security testing,\neducation, and CTF use only.\n\n## Three Pillars\n\n### Flash\n- **21 firmware profiles** across **5 backends**: `esptool` (ESP32 family), `qFlipper` (Flipper Zero),\n  `ADB` (Android / Orbic), `SD image` (Raspberry Pi), and **`rtl8720` (Realtek AmebaD)** for the\n  dual-band 2.4/5 GHz **BW16 / RTL8720DN** — hardware-validated end-to-end (fetches the firmware\n  bundle, drives the AmebaD ImageTool, SHA-256-verifies before flashing).\n- **Hardware-validated flash core** ported from the field-proven `headless-marauder-gui` /\n  `universal-flasher` lineage: chip auto-detection (`esptool chip_id` is run first — the chip is never\n  hardcoded), the critical `--flash_size detect` anti-brick patch, correct per-chip bootloader offsets\n  (including the **ESP32-C5 `0x2000`** gotcha), and child-process kill-on-error so a failed flash never\n  holds the serial port.\n- **Offline Firmware Vault** (download cache + integrity pinning), **batch flash** (sequential /\n  parallel), **backup \u0026 restore**, and handling for the awkward formats: GhostESP `.zip` bundles\n  (extract `merged.bin`, flash at `0x0`), Meshtastic per-chip archives, and AmebaD multi-image layouts.\n\n### Control\n- **Protocol-aware serial monitor** with a **per-device firmware selector** and per-firmware command\n  palettes. Nine native serial parsers ship: **Marauder, GhostESP, Bruce, Flipper, HaleHound,\n  Meshtastic, ESP32-DIV, BW16 (RTL8720DN `AT+` CLI), and BlueJammer (telemetry-only)** — with a generic\n  raw passthrough as a fallback.\n- **Safety / disclaimer layer** — dangerous transmit commands (deauth / jam / beacon spam) are\n  **labeled and confirmed, never blocked**; a one-time legal disclaimer on first launch plus a\n  Settings \"suppress all warnings\" master toggle. Full capability is always retained.\n- **Macro recorder \u0026 playback** with timing capture and variable substitution.\n- **Tamper-evident audit trail** — a SHA-256 hash chain over flashes and serial commands, durable\n  (append-only, owner-only on disk), loaded and verified on startup.\n\n### Coordinate\n- **Unified Action Broadcast** — one intent verb (*Find APs*, *Deauth All*, *BLE Scan*, *SubGHz Scan*,\n  *Capture Handshakes*, *Beacon Spam*, *BLE Spam*, *Mesh Status*, *STOP ALL*) fans out to **every\n  connected radio at once**, each translated into that firmware's own native command, via per-port\n  worker threads. Partial support is first-class (unsupported devices are named and reported); `STOP\n  ALL` is never gated.\n- **Shared target pool** across every connected device — one board discovers an AP, another deauths\n  it, another sniffs the handshake, all from one screen. Results from a broadcast converge back into\n  the pool automatically.\n\n## Supported Firmwares\n\n21 firmware profiles ship in `src/config/profiles/`. Each tracks its **latest upstream release** at\nflash time and auto-selects the correct per-board binary.\n\n\u003e 📚 **[Hardware Guides →](https://github.com/LxveAce/cyber-controller-guides)** — an in-depth, per-firmware\n\u003e walkthrough for every entry below: **what to buy, how to build it, how to flash \u0026 run it, how to\n\u003e integrate it into Cyber Controller, and troubleshooting** — each with a downloadable PDF.\n\n| Firmware | Upstream | Chips | Backend |\n|----------|----------|-------|---------|\n| **ESP32 Marauder** | [justcallmekoko/ESP32Marauder](https://github.com/justcallmekoko/ESP32Marauder) | ESP32 / S2 / S3 / C5 | esptool |\n| **Bruce** | [BruceDevices/firmware](https://github.com/BruceDevices/firmware) | ESP32 / S3 / C-series | esptool (merged) |\n| **GhostESP** | [GhostESP-Revival/GhostESP](https://github.com/GhostESP-Revival/GhostESP) | ESP32 / S2 / S3 / C-series | esptool (zip) |\n| **HaleHound** | [JesseCHale/HaleHound-CYD](https://github.com/JesseCHale/HaleHound-CYD) | ESP32 (CYD) | esptool |\n| **ESP32-DIV** | [cifertech/ESP32-DIV](https://github.com/cifertech/ESP32-DIV) | ESP32-S3 (v2) / ESP32 (legacy) | esptool |\n| **MinigotchiV3** | [dj1ch/minigotchi-V3](https://github.com/dj1ch/minigotchi-V3) | ESP32 (dual-core) / S3 | esptool |\n| **Meshtastic** | [meshtastic/firmware](https://github.com/meshtastic/firmware) | ESP32-S3 / Heltec | esptool (zip) |\n| **Flock-You** | [colonelpanichacks/flock-you](https://github.com/colonelpanichacks/flock-you) | ESP32-S3 | esptool |\n| **OUI-Spy** | [colonelpanichacks/oui-spy](https://github.com/colonelpanichacks/oui-spy) | ESP32-S3 | esptool |\n| **Sky-Spy** (drone RemoteID) | [colonelpanichacks/Sky-Spy](https://github.com/colonelpanichacks/Sky-Spy) | ESP32-S3 / C6 | esptool |\n| **AirTag Scanner** | [MatthewKuKanich/ESP32-AirTag-Scanner](https://github.com/MatthewKuKanich/ESP32-AirTag-Scanner) | ESP32 / S3 | esptool |\n| **Chasing Your Tail NG** (counter-surveillance) | [ArgeliusLabs/Chasing-Your-Tail-NG](https://github.com/ArgeliusLabs/Chasing-Your-Tail-NG) | ESP32 | esptool |\n| **T-REX** (LilyGo T-Deck pentest terminal) | [abdallahnatsheh/T-REX-FIRMWARE](https://github.com/abdallahnatsheh/T-REX-FIRMWARE) | ESP32-S3 (T-Deck / T-Deck Plus) | esptool (merged) |\n| **MCLite** (MeshCore off-grid comms) | [laserir/MCLite](https://github.com/laserir/MCLite) | ESP32-S3 (T-Deck Plus / T-Watch Ultra LoRa) | esptool (merged) |\n| **ESP32 Bit Pirate** | [geo-tp/ESP32-Bit-Pirate](https://github.com/geo-tp/ESP32-Bit-Pirate) | ESP32-S3 (Xiao / Cardputer / T-Embed) | esptool (merged) |\n| **Hydra32 / ESP32-Deauther** ⚠ *authorized testing only* | [SameerAlSahab/ESP32-Deauther](https://github.com/SameerAlSahab/ESP32-Deauther) | ESP32 (DevKit V1) | esptool (SHA-256-pinned) |\n| **BW16 / RTL8720 Vampire Deauther** | [RTL8720dn-Deauther](https://github.com/tesa-klebeband/RTL8720dn-Deauther) | **RTL8720DN** (AmebaD, dual-band 2.4/5 GHz + BLE) | **rtl8720** |\n| **BlueJammer-V2 — ESP32 engine** ⚠ *lab-only / illegal to operate* | [EmenstaNougat/BlueJammer-V2](https://github.com/EmenstaNougat/BlueJammer-V2) | ESP32-WROOM-32U | esptool |\n| **BlueJammer-V2 — BW16 controller** ⚠ *lab-only / illegal to operate* | [EmenstaNougat/BlueJammer-V2](https://github.com/EmenstaNougat/BlueJammer-V2) | RTL8720DN | rtl8720 |\n| **Flipper Momentum** | [Next-Flip/Momentum-Firmware](https://github.com/Next-Flip/Momentum-Firmware) | STM32WB55 | qFlipper |\n| **Flipper Unleashed** | [DarkFlippers/unleashed-firmware](https://github.com/DarkFlippers/unleashed-firmware) | STM32WB55 | qFlipper |\n| **RayHunter** (IMSI-catcher detect) | [EFForg/rayhunter](https://github.com/EFForg/rayhunter) | Orbic RC400L | ADB |\n| **Pwnagotchi** | [jayofelony/pwnagotchi](https://github.com/jayofelony/pwnagotchi) | Raspberry Pi | SD image |\n| **RaspyJack** | [7h30th3r0n3/RaspyJack](https://github.com/7h30th3r0n3/RaspyJack) | Raspberry Pi | SD image |\n| **Kali ARM** | [kali.org](https://www.kali.org/get-kali/) | Raspberry Pi | SD image |\n| **Custom / local .bin** | — | any ESP32 | esptool |\n\n\u003e ⚠ **BlueJammer-V2** is included strictly as a **flash-and-study target for an authorized lab**.\n\u003e RF jamming is illegal to transmit (FCC 47 U.S.C. 333). Per the project's *label, never block*\n\u003e doctrine the profiles are flashable but carry the strongest illegal-transmit label, the closed-source\n\u003e binaries are **SHA-256-pinned and fetched at flash time (never vendored)**, and Cyber Controller\n\u003e exposes **no serial command channel or operate/transmit control** for the device — its parser is\n\u003e telemetry-only.\n\n## Supported Hardware\n\n### ESP32 boards\n| Board | Chip | Notes |\n|-------|------|-------|\n| Lonely Binary ESP32 Gold | ESP32-WROOM-32E | Marauder / Flock / BLE scan |\n| Cheap Yellow Display (2.4″/2.8″/3.2″/3.5″) | ESP32 | Marauder GUI, HaleHound, Bruce — use the **resistive** 2.8″ `2432S028R` |\n| Waveshare ESP32-C5 | ESP32-C5 | Dual-band 2.4 + 5 GHz WiFi 6 (bootloader `0x2000`) |\n| M5Stack Cardputer / Cardputer ADV | ESP32-S3 | Bruce, Marauder, Minigotchi |\n| M5StickC Plus2 | ESP32-PICO-V3 | Bruce, Marauder |\n| LilyGo T-Embed CC1101 / T-Deck / T-Dongle-S3 | ESP32-S3 | Bruce, Marauder, Meshtastic |\n| Flipper Zero WiFi Dev Board | ESP32-S2 | Marauder `flipper`, FlipperHTTP |\n| Marauder Mini / Mini v3 (C5) | ESP32 / ESP32-C5 | Official Koko hardware |\n| Heltec LoRa V3 | ESP32-S3 | Meshtastic (915 MHz US) |\n\n### Other devices\n| Device | Role |\n|--------|------|\n| Raspberry Pi 5 / Pi Zero 2 W | Central brain · Pwnagotchi · Kali · RaspyJack |\n| Flipper Zero | Sub-GHz / RFID / NFC (qFlipper backend) |\n| BW16 / RTL8720DN | Dual-band 2.4/5 GHz WiFi + BLE (rtl8720 / AmebaD backend) |\n| Orbic RC400L | RayHunter IMSI-catcher detector (ADB) |\n\n### Flash-offset reference (the part that bricks boards if you get it wrong)\n| Chip family | bootloader | partitions | boot_app0 | app |\n|-------------|-----------|-----------|-----------|-----|\n| ESP32, ESP32-S2 | `0x1000` | `0x8000` | `0xE000` | `0x10000` |\n| ESP32-S3, C2, C3, C6, H2 | `0x0` | `0x8000` | `0xE000` | `0x10000` |\n| **ESP32-C5, P4** | **`0x2000`** | `0x8000` | `0xE000` | `0x10000` |\n\nMerged single-image firmwares (e.g. Bruce, GhostESP `merged.bin`) flash at `0x0`. The engine never\nhardcodes the chip — it runs `esptool chip_id` first.\n\n## UI Modes\n\n| Mode | Framework | Use case |\n|------|-----------|----------|\n| Full Dashboard | PyQt5 | Primary — 7″ touchscreen, all features |\n| Lightweight | Tkinter | Low-resource ARM systems |\n| TUI | Textual | SSH / headless |\n| Web Remote | Flask + SocketIO | Phone control of a headless Pi |\n\nWhen launched without `--ui`, a picker dialog lets you choose the interface.\n\n**Dual-depth (Simple / Pro):** within the Qt dashboard, an interface mode toggles between a streamlined\n**Simple** view (fewer controls per tab — great to start) and the full **Pro** view (default, every\ncontrol). Switch via **View ▸ Interface Mode**, the status-bar badge, or **Ctrl+M**; the choice\npersists. Pro has zero feature penalty, and safety/authorization prompts show in **both** modes.\n\n## Security\n\nCyber Controller drives real RF-attack and flashing hardware, so the codebase is hardened to match.\nA full security audit (10 findings) was completed in v1.1.0; see [SECURITY.md](SECURITY.md) and the\n[Changelog](CHANGELOG.md) for the detail.\n\n- **Authenticated web remote** — the SocketIO layer rejects unauthenticated sockets and validates a\n  per-session CSRF/connection token; the web UI binds **`127.0.0.1` by default** (LAN exposure is an\n  explicit opt-in, TLS-encouraged); no usable default credentials (a strong one-time password is\n  generated if `CC_WEB_PASS` is unset); constant-time scrypt credential checks; CORS allowlist; CSRF +\n  per-IP rate limiting; strict security headers; a per-request **CSP nonce** (no `script-src\n  'unsafe-inline'`); and XSS-safe `textContent` rendering of over-the-air scan data.\n- **Supply-chain hardening** — firmware downloads are pinned to an **HTTPS GitHub host allowlist with\n  redirect validation (SSRF-safe)**, path-traversal-guarded, size-capped, and support **SHA-256\n  integrity pinning**; bundle flashing is TOCTOU-safe with per-file SHA-256 verification.\n- **Authenticated encryption** — session storage is **AES-256-GCM (scrypt KDF)** and **fails closed**\n  (no unauthenticated fallback; `cryptography` is a mandatory dependency).\n- **Windows-aware secrets** — explicit owner+SYSTEM **NTFS ACLs** on `~/.cyber-controller` and the web\n  secret key / encrypted vault / settings (POSIX `0600` is a no-op on the Windows-primary deployment).\n- **Command-injection defenses** — serial writes reject embedded control characters and the\n  auto-router uses safe fixed-placeholder substitution (never `str.format`) on attacker-influenced\n  SSID/MAC values.\n\n\u003e Authorized security testing, education, and CTF use only — see the\n\u003e [disclaimer](https://esp32marauder.com/disclaimer.html). To report a vulnerability, email the\n\u003e address in [SECURITY.md](SECURITY.md) rather than opening a public issue.\n\n## Quick Start\n\n```bash\n# Install (Python 3.12+). Extras: tk / tui / web / full / dev\npip install -e \".[full]\"\n\n# Full PyQt5 dashboard\ncyber-controller\n\n# Lightweight / TUI / web remote\ncyber-controller --ui tk\ncyber-controller --ui tui\ncyber-controller --ui web                       # binds 127.0.0.1:5000\n\n# Web remote credentials (no default password is shipped)\nexport CC_WEB_USER=operator\nexport CC_WEB_PASS='choose-a-strong-one'\ncyber-controller --ui web\n```\n\nLAN exposure is deliberate: bind `--host 0.0.0.0` only with `CC_WEB_ALLOW_LAN=1`, and provide\n`CC_WEB_CERT` / `CC_WEB_KEY` for TLS. (Behind the bundled dev server a non-local bind additionally\nrequires `CC_WEB_ALLOW_DEV_SERVER=1` — prefer a reverse proxy.)\n\n## Building\n\n```bash\npython build.py        # PyInstaller single-file executable in dist/\n```\n\nCI (`.github/workflows/build-release.yml`) builds Windows, Linux, ARM, and macOS executables on tag\nand attaches them to the GitHub release.\n\n## Development Roadmap\n\n### Phase 1 — Core ✅\n- [x] Architecture, offline Firmware Vault, device health, hot-plug manager\n- [x] Macro recorder \u0026 playback, durable tamper-evident audit trail\n- [x] Hardware-validated flash core (chip detect, anti-brick `--flash_size detect`, C5 `0x2000`)\n- [x] Real ADB / SD-image / AmebaD backends, backup + restore, batch flash\n\n### Phase 2 — Intelligence ✅\n- [x] Protocol parsers (Marauder, GhostESP, Bruce, Flipper, HaleHound, Meshtastic, ESP32-DIV, BW16, BlueJammer) + registry\n- [x] Shared target pool (APs + BLE / SubGHz / NFC / rogue-AP) + cross-comm UI\n- [x] Per-device firmware selector (any firmware feeds the AutoRouter, not just Marauder)\n- [x] BW16 / RTL8720DN AmebaD flash backend — HW-validated end-to-end\n- [x] Safety / disclaimer layer (labels \u0026 confirms dangerous TX, never blocks; suppressible)\n- [x] Encrypted session storage (AES-256-GCM)\n- [ ] Target dossier panel · network topology graph · mission planner · duress mode\n\n### Phase 3 — Orchestration\n- [x] Headless web remote (hardened) · settings persistence\n- [x] Unified Action Broadcast (one verb fans out to every connected radio)\n- [ ] Attack chain builder · trigger/event system · scheduled task engine\n\n### Phase 4 — Extended\n- [ ] Signal heatmap · RF waterfall · PCAP pipeline · recon bridge · mesh relay · plugin system\n\n### Firmware \u0026 backend expansion\n\nPlanned additions, rolling out in tiered releases — including new backends (`dfu-util`, `UF2`) to reach\nhardware such as the HackRF One, Proxmark3, Pi Pico / RP2040, and Chameleon Ultra. The full plan lives\nat [cybercontroller.org](https://cybercontroller.org/#firmware). Targets are added only once a profile\nis wired up and (where possible) validated on real hardware — the count above reflects what ships today,\nnot the plan.\n\n## Dead Man's Switch Integration\n\n[Dead Man's Switch](https://github.com/LxveAce/deadmans-switch) (`deadmans-switch`) ships as a git\nsubmodule for owner-only anti-forensic provisioning: a PBKDF2-HMAC-SHA256 boot-password gate, 2-fail\nautomatic wipe, GPIO dead-man switch, and eFuse + Flash Encryption (T2). Set the password \u0026 duress\nconfig straight from the controller — **`cyber-controller --deadman-setup`** (interactive) or **Tools ▸\nDead Man's Switch Setup** in the Qt UI — which hashes the password **host-side** (PBKDF2, zeroized, never stored, never on\nargv) and bakes the `guardcfg` bundle. Bundles flash through the controller with **TOCTOU-safe per-file\nSHA-256 verification** — no unverified anti-forensic build is ever written, and a suicide-schema bundle\nrefuses to flash without a SHA-256 for every file.\n\nThe on-trigger wipe is **hardware-validated** to obliterate the *entire* flash — bootloader, partition\ntable, the full running app, NVS/SPIFFS/logs, and the SD card — with a forensic random-overwrite pass,\nleaving an all-`0xFF` chip with no trace (the running app self-erases via a ROM-SPI bypass inside the IDF\nflash-only critical section; recoverable only by the owner over UART on T1).\n\n\u003e Cyber Controller itself only **flashes** a bundle the deadmans-switch provisioner already built — it\n\u003e never burns eFuses or performs T2 / secure-boot provisioning.\n\n## Ecosystem\n\n| Project | What |\n|---------|------|\n| [headless-marauder-gui](https://github.com/LxveAce/headless-marauder-gui) | Standalone Marauder controller + flasher (4 UIs) |\n| [universal-flasher](https://github.com/LxveAce/universal-flasher) | Multi-firmware flasher + device manager |\n| [deadmans-switch](https://github.com/LxveAce/deadmans-switch) | Anti-forensic firmware provisioner |\n| [cybercontroller.org](https://cybercontroller.org) | Flagship website — interactive demo, firmware library, downloads |\n| [esp32marauder.com](https://esp32marauder.com) | ESP32 security tools hub |\n\n## Contributing\n\nIssues and PRs welcome. Run `python -m pytest` before submitting — the suite covers the flash core,\nprotocols, backends, the security hardening, and the broadcast engine.\n\n## License\n\nMIT — Copyright © 2026 [LxveAce](https://github.com/LxveAce). See [LICENSE](LICENSE).\n\n## Connect\n\n- **Discord:** [discord.gg/lxveace](https://discord.gg/lxveace) — questions, help, or to talk through this project\n- **GitHub:** [@LxveAce](https://github.com/LxveAce)\n- **Website:** [lxveace.com](https://lxveace.com)\n- **Project site:** [cybercontroller.org](https://cybercontroller.org)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flxveace%2Fcyber-controller","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flxveace%2Fcyber-controller","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flxveace%2Fcyber-controller/lists"}