Note: The information contained in this instructable has not been updated to reflect current development of The Deck and penetration testing with multiple networked devices based on the BeagleBone Black. Details on this and more can be found in the book Hacking and Penetration Testing with Low Power Devices by Philip Polstra available from publisher, Amazon, or your local book retailer.

The Deck is a full featured penetration testing and forensics system based on the BeagleBoard-xM. It will also run on the BeagleBone. The Deck is an Ubuntu-based Linux distribution. It contains everyone you would ever need and more in a small package. Because the system is low power it can be run for days or weeks from battery power. It should be possible to run The Deck indefinitely from solar power. Having a full set of tools that run on the BeagleBoard-xM and also the BeagleBone allows a lot of flexibility. The Deck is equally suited as a portable penetration testing platform and as a drop box.

More information on The Deck can be found here http://ppolstra.blogspot.com/2012/09/introducing-... Please note that this website will not allow uploading the 3GB install file for The Deck. The appropriate images can be downloaded from my website listed on the blog or preloaded microSD cards are available from a vendor also listed on my blog (I don't get any money from the vendor, so don't feel like you have to use them, it is up to you to decide if you want to save the hassle).

The Deck works equally well on systems with a 7" ULCD7 touchscreen or with an external monitor/TV via the BeagleBoard-xM HDMI or S-video port. My personal setup consists of a BB-xM with the ULCD7 mounted in a Buzz Lightyear lunchbox, a second BB-xM without a display, and a BeagleBone. I connect them together with a USB-powered network hub. I also have 2 Alfa wifi adapters and a directional antenna for wifi hacking.

The Deck debuted at 44Con 2012 in London in September 2012. The slides from my 44Con presentation are available at http://www.slideshare.net/ppolstra1/polstra-44con... You may find these useful if you want to build one of these devices. You might check the website http://www.slideshare.net/ppolstra1/polstra-44con... as the audio and video from this presentation may appear there. It was also presented two weeks later at GrrCON in Grand Rapids, Michigan so you might want to check http://www.slideshare.net/ppolstra1/polstra-44con... for that video as well.

You can find out more about this an other projects on my blog http://ppolstra.blogspot.com or by following me on Twitter @ppolstra.

gwenhastings10 months ago

http://www.udcis.org/TheDeck doesnt seem to be alive for downloads

ppolstra (author)  gwenhastings10 months ago
Sorry. Moved to new university. Try sf.net or facstaff.bloomu.edu/ppolstra for current downloads.
AlexiS31 year ago

I was led to this article after viewing DefCon21 presentation that you put together. I visited your blog, but haven't seen any updates for this (http://ppolstra.blogspot.com/2012/09/introducing-d...).

Are you still giving this project any attention? I've got two beagle bone blacks that I'd like to use for this and wanted to make sure I was using updated distros.

ppolstra (author)  AlexiS31 year ago
Oh, yes. This is very much an ongoing project. In fact, I have written a book Hacking and Penetration Testing with Low Power Devices to be released shortly by Syngress. There will be a brand new 2.0 release to correspond with the book launch. Watch sourceforge or philpolstra.com for the latest. The Deck 2.0 may be released before the book, shortly after I return home from DEFCON 22.
this looks like a really interesting project! but I'm a little confused about what penetration testing is? what is the purpose of the device? is there a reason you want it to be solar powered? do you take it outside?
ppolstra (author)  amandaghassaei2 years ago
Penetration testing is something often done by computer security professionals. Essentially what we do is to try and break in (or hack) a company's computer systems in order to make sure that the bad guys can't easily do so.

The biggest thing The Deck has going for it is that it is extremely portable and low-powered. This allows you to bring it anywhere and run it off of battery power. You can also run the same software on the smaller BeagleBone which is even easier to plant as a network sniffing device. Such a planted device is normally called a drop box. Because of its low power, when run as a drop box on the BeagleBone you can run stuff for days on batteries then pick it up later. You could also put something outside a company's office in which case solar power could be used for extremely long-term deployments.

Hope this helps.