Raspberry Pi Infosec Projects

The Raspberry Pi has been a hugely popular device for good reason, a low-cost credit-card-sized single-board computer that you could probably fit into your pocket and which definitely fits your wallet. Now with the new Raspberry Pi 4 model B that has been released this year with improved chips and better RAM there is so much more you can do with the new pi, here are some of my favorite infosec pi projects.

Pi-Hole

One of my favourite Pi projects has to be Pi-hole, an ad blocker that you can place in your home network that almost cuts out all ads to all devices on your network without installing an ad blocker on every single device. It sets up a DNS server and handles all DNS requests from the network. The only issue is ad blockers are detrimental for independent content creators as it will slow down any income generated by the ads they have on the creator's site, although there is an option to whitelist any content creators that you support to stop the ads being blocked on their site by adding there IP/URL address. On the plus side Pi-hole can protect you from any malicious ads that are out there ready to be clicked, is free to use and really easy to set up with tutorials out there which will show you how to install and configure.

Website: https://pi-hole.net/

Kali Linux

Kali Linux is now compatible with the new raspberry Pi 4 and can take advantage of the on-board WiFi without needing a separate wireless network adapter, and is a great way to run Kali Linux without needing a virtual machine using the Pi's hardware with 4GB of RAM at your disposal as a bare metal platform.

There are some advantages to run Kali on bare metal compared to a virtual machine especially with the WiFi tools and any WiFi hacking, There is firmware out there that can put the on-board WiFi into monitor mode, which can capture WPA handshakes, Packets, listen to WiFi traffic, execute deauth attacks and much more.

It's a great way for beginners to mess around and learn Kali Linux and its tools, mostly WiFi tools with basic cracking, poisoning and MiTM attacks. I have seen a set up with a touch screen added to the Raspberry pi that is powered by battery, to make a portable 'hacking' machine, if you are adventurous and have the need to have a portable 'hacking' machine, then you can even set this up and very easy to do so.

Download Kali Linux: https://www.offensive-security.com/kali-linux-arm-images/

CIRCLean USB Sanitizer

CIRCLean can independently clean documents from untrusted USB devices, It will help you to look at the contents of a USB that you do not trust which in my opinion should be every USB storage device into the raspberry pi instead to plugging it into a computer directly which could be infected with malware. CIRCLean automatically converts untrusted documents into a reusable but disarmed format and stores the clean files on a trusted (user owned) USB storage device.

Can you imagine all the dropped USB sticks left in parking lots by attackers, picked up by employees that may think it's an innocent mistake where one of there colleges had dropped it, to then insert it into there employees network and unleashing malware all over the network and 'hey presto' the door is now open to attackers.

Website and tutorial:https://circl.lu/projects/CIRCLean/

NextCloudPi

Imagine your own private personal cloud run from your home network which can be accessed outside the home network and is not hosted by someone else. The main features of Nextcloud are Managing Backups, Contacts, Files hosting, Notes, Calendar, Mail, Pictures, HTTPS and server-side encryption and much more and on top of all the main features, there are apps made by the community which I would question the security of but are hosted by Nextcloud: https://apps.nextcloud.com/.

There are so many add-ons and apps that it makes customizing your own cloud a more personal feel, Also Nextcloud is free to use and easy to set up, again there any numerous step by step user guides online. This is a great project if you want to manage you own cloud and know that your data is under your own control.

Website: https://ownyourbits.com/nextcloudpi/

VPN Server

Virtual Private Network Server can be set up on the Raspberry Pi to provide anonymity and encryption among your data and browsing which safes guard your IP address, protects you from MiTM attacks and hides you from prying eyes. Easy to set up and worth protecting yourself from open internet connections, there are 100's of VPN providers on the market and really cheap for there services, choose one that supports OpenVPN to set up on the Raspberry Pi.

A good way to extend on the VPN Server is to turn the Pi into a TOR/VPN Router which is portable and can be plugged into anywhere, adding extra security when you're out in public. TOR is one of the easiest ways to browse the internet anonymously, but it can be very slow, some users switch between TOR and VPN depending on what tasks they are doing.

The great thing about all of these projects is that tutorials can be found online with step by step instructions and videos covering the installation and configuration of these projects. These are my favorite five projects that you can do with a Raspberry Pi, but there are many more projects our there and new ones emerging constantly!