WarBerryPi’s last walk

So earlier this week i decided that after 3.5 years i should probably stop the development of the WarBerryPi. The rationale behind this was fairly simple, lack of time to maintain and lack of imagination for new features. This was not an easy decision because the WarBerryPi was liked by infosec community, it was my first major development and a big school. Further to this, the WarBerryPi was my wagon to fulfil some of my dreams meaning speaking at BlackHat not once but 3 times and at other great conferences were i met amazing people. The WarBerryPi was voted #4 […]

WarBerryPi – The Revival

So we are releasing a new version of the WarBerryPi going from version 5.1c straight to version 6. We decided to skip all the in-betweens as this is a complete code overhaul including the new and updated reporting module. If you don’t care about my rumblings just scroll to the end to get the link to the repo. Background info Before going into the WarBerryPi specifics i want to give you a bit of a background on how this project started and where it has gotten me with the hope of helping people that feel that their stuff are not […]

WarBerryPi – Adding a switch

On one of my devices, I installed a toggle switch to control the script execution. This allows me to first check on the LCD that the WarBerryPi has obtained a valid IP address before starting the execution. Installing the switch is an easy job, but it does require you to drill a hole in the case. The connection schematic is shown below. Of course, you can connect to another pin of your preference, but in my setup, I used PIN16, which corresponds to BCM23 on the Raspberry Pi. Depending on the toggle switch you purchased, you need to identify which […]

WarBerryPi – LCD screen

I mentioned in the hardware requirement section that I use an LCD to display some basic information. My personal preference is the Display-O-Tron 3000, but you can use anything you like. What I like about this LCD is that it is a shield, meaning that it snaps on the Raspberry Pi pins, avoiding the need for any soldering. If you want to duplicate this setup, it is not difficult at all. Create a new file called lcd_init.sh and paste the following code:    Now create a new file called lcd_on.py and paste the following code: The lcd_on.py script is the […]

WarBerryPi – Encrypting / Decrypting

V5 of the WarBerryPi brings in a change which i wanted to implement for a long time. Result files are not automatically encrypted and remain encrypted until the decryption mechanism is used. Decrypting the results is a straightforward process which only includes running the decryption.py script and providing the correct password when prompted. The default password can also be changed from the same menu. IMPORTANT – I cant highlight this enough – The default password is 123 so make sure you change it on first run!

WarBerryPi – Customize port scans

A lot of WarBerryPi users wanted more granularity and controls of the port scanning phase which actually makes a lot of sense. During a pen-test or red teaming engagement we want to remain covert and sometimes we have some intelligence about the network therefore more control of what we send out. Since the WarBerryPi V5 came out customising the port scanning phase is much easier. The file responsible for the configuration can be found at: warberry/src/core/scanners/portlist_config The file looks like The structure is as follows: {Location to save the output}, {Informative message to the user – Optional}, {Output message}, {port/ports},{TCP/UDP} […]

WarBerryPi – Public Appearances

2016 was a significant year for the WarBerryPi. It was the year that is was released (May) but also the year that it was first presented at various Cons. The WarBerryPi trips began with Bsides Athens in June and continued with Blackhat US in July, SECURE2016 Poland in October and Blackhat Europe in November. Most importantly this was the year that my little development was voted as #4 Tool of 2016 by the readers of ToolsWatch.org. http://www.toolswatch.org/2017/02/2016-top-security-tools-as-voted-by-toolswatch-org-readers/ I hate watching videos of myself but if you can stomach it here they are: Bsides Athens 2016 – https://www.youtube.com/watch?v=ArpXAz1gvWU&t=1s SECURE2016 Poland – […]