Need to keep a Linux computer ready with all your favorite security tools with you everywhere, in a really small format ?
The Hardware :
So here is what I assembled :
The Raspberry Pi Zero W is a small computer : 1GHz single-core ARM CPU with 512MB RAM running Linux (on a MicroSD Card). It come with an Mini HDMI, an USB On-The-Go (OTG) and Micro USB power ports. You also have a HAT-compatible 40-pin header.
It’s equipped also with an CSI camera connector and have WiFi and Bluetooth.
You have to solder the 40-pin GPIO header to be able to add an HAT (But some shop now sell the Raspberry Pi Zero WH with pre-soldered Header). The standard black header are fine, but you can also find a nice Colour-coded GPIO Header that will help to read usage of each pin.
The Pi Zero USB Stem need some subtile soldering work. It will transform your Raspberry Pi Zero W into a USB Key. This mean you can power your Raspberry on any Standard USB Port (from a computer, Power Adapter or Power Bank), but also use it as an USB Gadget (it’s connected to the OTG port) with the proper configuration.
The Adafruit Bonnet, will add an nice small Black&White OLED Screen, a mini joystick (on the left) and 2 buttons (on the right).
The Software :
When it come about pen-testing Linux Distribution, Kali Linux is one of the first that come in mind. And Re4son-Kernel done a great job optimising the kernel for our little ARM computer. He also propose Special Linux Images for different kind of hardware and use. You will find all you need to get your Pi Zero work in OTG Mode on its Pi-Tail page.
You can also find a nice Kali tutorial here.
Of course you can also use the official Raspbian OS if you don’t need Kali.
You have all you need On Adafruit web site to setup the OLED Screen and Buttons.
Follow the instructions and all would be fine. On Kali you will have to do the manual installation, but it’s working great.
Adafruit deliver all you need to interface with Python. So you can code your own simple menu system to control your Raspberry Pi Zero W (display IP address, system info, shutdown/reboot, start scripts …).
How tu use it :
From your Phone or Tablette :
No need of Keyboard or Screen if you have your SmartPhone with you. Configure your SmartPhone (iOS or Android) as an WiFi Access point, setup the Pi Zero to connect to it by default, then you have the full power of your Pi from your phone with an SSH connection. Termius have a SSH Client working great on iOS/Android/Mac/PC.
If you have an iPad Pro with its Keyboard, it’s even more confortable for longer work or coding.
For the power, it may work directly from some Smartphone, but wasn’t the case with my iOS devices nor with my Moto Z, so I use a small USB Power Bank.
KeyBoard & Screen :
You can also use it the normal way of course (USB or Bluetooth Keyboard + HDMI Screen).
Gadget mode :
You can use it as an USB Gadget to emulate a USB Drive, a RNDIS Ethernet adapter, a serial port (including running a serial terminal from your PC to the Pi), or even emulate a Keyboard … In this case directly plug it in an USB port of your computer.
All this give you lot of possibilities for experimentation (Look at P4wnP1 for example).