explaingit

brucedevices/firmware

5,596C++Audience · ops devopsComplexity · 3/5Setup · moderate

TLDR

Bruce is open-source security firmware for pocket ESP32 devices like the M5Stack Cardputer, giving authorized red teamers a portable toolkit for WiFi attacks, Bluetooth scanning, RFID cloning, radio signal replay, BadUSB scripts, and more.

Mindmap

mindmap
  root((Bruce firmware))
    WiFi
      Network scanning
      Evil portal
      Deauth attacks
      ARP spoofing
    Bluetooth
      Device scanning
      Keyboard emulation
      BLE spam
    Radio
      Sub-1GHz scan
      Signal replay
      Signal jamming
    RFID and NFC
      Read tags
      Clone tags
      Write tags
    Other
      BadUSB scripts
      IR blasting
      Web interface
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Things people build with this

USE CASE 1

Flash a pocket ESP32 device for authorized WiFi penetration testing, including capturing credentials via an evil portal.

USE CASE 2

Clone or read RFID and NFC tags on a compact handheld device during an authorized physical security assessment.

USE CASE 3

Emulate a USB keyboard with BadUSB scripts to automate commands during an authorized red team operation.

USE CASE 4

Replay recorded sub-1GHz radio signals to test door sensors or garage openers in a controlled security lab.

Tech stack

C++ESP32

Getting it running

Difficulty · moderate Time to first run · 30min

Requires a compatible ESP32 device such as the M5Stack Cardputer or Lilygo, flashing via the web flasher is straightforward once you have the hardware.

In plain English

Bruce is open-source firmware for small ESP32-based hardware devices, particularly the M5Stack Cardputer and similar compact gadgets from M5Stack and Lilygo. Firmware is the low-level software that runs directly on a physical device, and flashing it replaces the default software with Bruce's feature set. The project also sells its own open-source hardware boards. The firmware is aimed at security professionals doing red team work, which means authorized testing of systems to find weaknesses before attackers do. It packs a wide range of wireless capabilities into a pocket-sized device. On the WiFi side, it can scan networks, run a fake access point, capture credentials through an evil portal page, sniff raw traffic, and perform deauthentication attacks that disconnect devices from a network. It also supports ARP spoofing and Wireguard tunneling. Beyond WiFi, Bruce covers Bluetooth Low Energy (scanning, keyboard emulation, and spam attacks targeting iOS, Android, Windows, and Samsung devices), radio frequencies (scanning, replaying, and jamming signals below 1 GHz using a CC1101 module), RFID (reading, cloning, and writing NFC and 125kHz tags), infrared (TV-B-Gone style remote control blasting and custom IR replay), and FM radio broadcasting. Other features include a BadUSB mode that makes the device appear as a keyboard and types predefined scripts, a JavaScript interpreter, a web interface for remote control, SD card management, and QR code generation. Installing Bruce is done through a web flasher at the project's site, or by flashing a binary file directly using a command-line tool called esptool. A wiki covers each feature in detail. The project has a Discord server for support and community discussion.

Copy-paste prompts

Prompt 1
I have an M5Stack Cardputer and want to flash Bruce firmware. Walk me through using the web flasher and what features are available after flashing.
Prompt 2
I want to test my own WiFi network's resilience using Bruce's deauthentication feature. How does it work and what does it do to connected devices?
Prompt 3
How do I write a custom BadUSB script for Bruce that opens a terminal and runs a specific command when plugged into a computer?
Prompt 4
Explain how Bruce's evil portal works and what steps are involved in capturing WiFi credentials during an authorized red team test.
Prompt 5
I want to read and clone a 125kHz RFID key fob using Bruce. What hardware modules do I need and how does the clone process work?
Open on GitHub → Explain another repo

← brucedevices on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.