Raspberry Pie is well known for its variety of uses in education, basic coding, and the Internet of Things. However, aside from being used to create security-monitoring systems, it has not been widely used for the use of security…as in cyber security. But things are changing. Pwnie Express, a company known for providing threat detection options for just about any wired wireless device you might find anywhere near your workplace. Guess what? Pwnie Express has come out with a penetration testing and security platform just for Raspberry Pi!
The good news: Raspberry Pwn, as it is called, is completely open source and can be downloaded from https://github.com/pwnieexpress/Raspberry-Pwn. Among the tools included in the platform are netmask, sqlmap, seaf, sgrep, netcat, tcpflow, ettercap, ssldump, sproxytunne,l john, tcpdump, nmap, kismet, and wireshark. The less than good news: I’ve talked to some SANS security experts who have tried Raspberry Pwn in the course of their own tests. While their reviews of Pwnie Express tools were exemplary, they did mention that Raspberry Pwn was a bit under-gunned compared to running equivalent tools on a high-powered box.
However, I think it is important that we remember the core purpose of the Raspberry Pie…education. For learning security skills, especially at a low cost, this is a prime opportunity to get to (carefully!) explore some of the options available.