CatSniffer – The Ultimate Multiprotocol IoT Attack Tool in USB Form

CatSniffer is an original multiprotocol, and multiband board made for sniffing, communicating, and attacking IoT (Internet of Things) devices.

It was designed as a highly portable USB stick that integrates the new chips TI CC1352, Semtech SX1262, Microchip SAMD21E17 V2 or previous, and RP2040 V3 or later.

This board is a Swiss army knife for IoT security researchers, developers, and enthusiasts.

The board can be used with different types of software, including third-party sniffers such as SmartRF Packet Sniffer, Sniffle, zigbee2mqtt, Z-Stack firmware, Ubiqua Protocol Analyzer, our custom firmware, or you can even write your own software for your specific needs.

CatSniffer Can Operate At Three Different Frequencies:

• LoRa
• Sub-1 GHz
• 2.4 GHz

This work was inspired by our friend’s work, Michael Ossmann, as a tribute to his outstanding job in Greatscott Gadgets, making devices like the YardStick, GreatFET, HackRF, and Ubertooth.

Protocols

• Thread
• Zigbee
• Bluetooth 5 Low Energy (BLE)
• IEEE 802.15.4g
• 6LoWPAN (IPv6 over low-power Wireless Personal Area Networks)
• Sub-1 GHz and patented systems
• LoRa/LoRaWAN

Features

• “The SimpleLinkTM CC1352P1F3RGZ device is a multiprotocol and multi-band Sub-1 GHz and 2.4 GHz wireless microcontroller (MCU) supporting Thread, Zigbee®, Bluetooth® 5.2 Low Energy, IEEE 802.15.4g, IPv6-enabled smart objects (6LoWPAN), MIOTY®, Wi-SUN®, and proprietary systems”.
• CatSniffer uses Microchip SAMD21E17 (V2 or previous) and RP2040 (V3 or later) as a USB-UART bridge to communicate with the CC1352 chip; it’s not necessary for a manual driver installation (exceptions could exist).
• Compatible OS: Windows and Linux
• Auto-program through the bootloader from TI CC (as long as it’s not disabled in the code).
• There is no need for an external programmer, and it can be debugged with cJTAG through the default pin.
• Antenna SMA port for an Antenna of your choice
• LEDs for general-purpose
• Reset button for RP2040, SAMD21, and CC1352; Boot of CC1352; and one more for general purpose.

Wiki And Getting Started

Getting Started in our Wiki

Compatible Software

• TI PACKET-SNIFFER-2 v1.8
• Flash Programmer 2 and Uniflash from TI
• zigbee2mqtt
• Z-Stack-firmware
• Sniffle 1.6
• Ubiqua Protocol Analyzer

Pre-Requisites For Building Firmware

• CCS version: The packet sniffer firmware has been tested with CCS 10.2
• SimpleLink CC13x2 and CC26x2 SDK
• Python 3