Hacker. Ham Radio (NM9A, DF2HF). Hardware/IoT/Automotive security. 🇩🇪
Dec 21, 2024 • 6 tweets • 3 min read
🧵 How to maintain and protect your expensive RF equipment?
If you have ever bought RF equipment, even the relatively low-tier kind, you know how expensive it can be, so it's essential to use and maintain it properly to ensure it lasts a long time.
Here are 5 tips:
1. Use a torque wrench for your SMA connectors. It protects the connector from over-tightening and ensures consistent force, reducing wear.
Here's mine (from Mini Circuits)
There are also wrenches for other connector types like N.
Dec 13, 2024 • 6 tweets • 4 min read
🧵 How to hack wireless signals?
A short intro to replay attacks for beginners.
In this thread I will show you 2 ways to replay a simple wireless signal (a 433 MHz garage opener key).
Please note that I have intentionally chosen a basic device for educational purposes. Hacking real-world devices with more complex protocols and security features like encryption and rolling codes is not as easy. Here my focus is showing the underlying concept with the easiest attack (a replay attack), for absolute beginners.
Disclaimer: this is purely educational content, done on a simple device, in a lab. Always consult your local laws before doing such wireless experiments, especially on targets that don't belong to you.
1/6
Let's first talk about some basic concepts and keywords
Modulation: the process of changing a signal's properties (like amplitude or frequency) to carry information. Probably you have heard the name of some basic modulations like AM and FM.
ISM band: a set of frequencies reserved for industrial, scientific and medical purposes, in which many unlicensed consumer devices like parking remotes or even your WiFi modem operate. Examples: 2.4 GHz, 433 MHz (Europe, Africa and Middle East), 915 MHz (Americas).
2/6
Dec 8, 2024 • 7 tweets • 4 min read
🧵 What is amateur radio (also called ham radio) and why it might be worthwhile for a hacker to get into it?
I am a licensed ham radio operator. I have 2 call signs: an American one (NM9A) and a German one (DF2HF).
Many people don't know what ham radio is, and what we (ham radio operators or licensees) do.
In short, ham radio is DIY wireless experimentation: it lets you perform a series of operations and experiments on specified radio frequencies.
Let me be more specific, with more examples. Here's what you can do with a ham radio license:
- Send messages over the air (via antennas) to other licensed operators. Messages can be Morse code, digital data, or you could talk to each other over the radio spectrum!
- Perform experiments: build antennas, receivers, transmitters, etc., and test them.
- Participate in contests against other licensed operators.
1/7
There are 2 things to consider:
1. Ham radio does not use the Internet, and usually it doesn't use satellites (although it could use some amateur satellites as well). You send signals over the air. It's like this: if there were no electricity or telecom/Internet infrastructure, all you would need to communicate with other operators is a battery, a transceiver, and an antenna!
2. It's a hobby. It's non-commercial. For example, you can't run a music broadcast service on the radio with an amateur license.
Sometimes people ask me why I don't use Skype/WhatsApp/etc. to contact others.
I have 2 answers:
1. Contacting others over the air is just a small example of the many things you could do in ham radio.
2. Contacting a person thousands of kilometers away using a piece of wire (e.g. a simple antenna) and 100 W of power, without the Internet, is like magic! You have to try it for yourself.
Every country has a government organization to regulate the use of radio spectrum (e.g. FCC in the US, and BNetzA in Germany), both for amateurs and also commercial usage.
There are also big national organizations for ham radio that offer membership (ARRL in the US, DARC in Germany).
2/7
Dec 7, 2024 • 7 tweets • 5 min read
🧵 How to build an RF lab on a budget?
A hacker's guide to the most important tools for signal hacking/analysis.
Let's first introduce a few concepts and tools before actually jumping into the specific brands and models.
Depending on what you want to do, there are a few tools you need in your lab for frequency analysis, antenna testing, and RF measurements:
1. Spectrum analyzer: one of the most important tools in an RF lab. A device that lets you "see" signals. They mostly come in 2 forms: either standalone (benchtop or portable, with its own display, working independently of a computer), or USB-based, needing a computer.
It's like a receiver, receiving signals from its input port (e.g. from an antenna) and showing them to you.
2. Signal generator: as the name says, a device to generate signals. Like a transmitter. Important for many use cases (testing antennas, receivers, and many other RF accessories).
1/7
3. Network/antenna analyzer: used for testing some RF components and accessories like attenuators, filters, antennas, etc.
4. RF power meter: to measure the output power of a transmitter or signal generator. Very useful for troubleshooting.
5. SDR (software-defined radio): it's like a receiver (or also a transmitter, for some models) which does the analog RF part in hardware, and then the signal processing (e.g. modulation/demodulation) is done in software. You have probably heard of RTL-SDR or HackRF before.
6. Accessories: depending on your project/goal, you need: cables, antennas, connectors, adapters, amplifiers, DC blocks, filters, attenuators, antenna switches, power splitters/combiners, etc.
7. Optionally, some books to get started with.
2/7
Dec 1, 2024 • 11 tweets • 4 min read
🧵 9 Lesser-known features of Flipper Zero:
Flipper Zero is normally known for RFID/NFC hacking, sub-GHz signal hacking, and things like infrared. But it can do much more thanks to its open-source nature, third-party firmware, and extensibility (using add-on modules).
Here are 9 things you can do with it:
1/11
2FA: Short for 2-factor authentication. It can act as a hardware 2FA. Similar to YubiKey.
Disclaimer: I'm not saying you should use it as 2FA (I use a YubiKey personally and also at work); however, it can act as a hardware 2FA token (U2F over USB).
2/11
Dec 1, 2024 • 4 tweets • 4 min read
🧵 How does an off-the-shelf car GPS jammer work?
A short thread.
There are many ways to perform radio signal jamming (and also to detect or protect against it); however, the most basic concept is this: a jammer saturates the input of the target's receiver system with noise, in a way that it can't receive/detect/decode the desired radio signal anymore. It reduces the signal-to-noise ratio.
It's like if you want to listen to someone, but I shout at you in close proximity, so you can't hear that person. (I hope experts don't shout at me for this simplistic example)
There are many legal and illegal use cases for a jammer: military, law enforcement, car theft, protection against tracking etc.
1/4
The GPS jammer in this thread is sold on Amazon and AliExpress under different titles, but it's mainly meant to be used in cars (there are also more powerful handheld models covering multiple frequencies with higher power, to jam mobile signals).
Please note that running a jammer is illegal in many countries. This thread serves only an educational purpose.
For this thread, I was lucky to get some pictures and measurements done by @RFAmirhosein in his lab.
Here's how it looks inside.
It has 4 main components we're interested in. I have marked them:
1. 7805: a voltage regulator IC to convert the car's lighter socket voltage (12 V) to 5 V.
2. 555: a timer IC generating the modulation signal (this is probably the most famous IC of all time).
3. Murata MQK301-1528: a VCO (oscillator) for the frequencies 1466-1590 MHz (the GPS L1 frequency is 1575 MHz).
4. The RF amplifier IC, amplifying the generated signal before sending it to the antenna.
2/4
Nov 25, 2024 • 12 tweets • 6 min read
🧵 What are the most compact tools I carry when traveling or when going absolutely light to do electronics test or hardware/physical pen test?
Disclaimer: it's only 9 tools out of many. It's not a full list. I just love these small gadgets for their sheer size/weight.
1/10
1. Pokit Pro: portable oscilloscope/multimeter/logger. Needs a phone to work (doesn't have a display). Uses Bluetooth to connect.
Very light, software is updated frequently, accurate enough for most use cases.
Here I show it measuring a 5V calibrated DC voltage.
2/10
Nov 23, 2024 • 9 tweets • 4 min read
🧵 How to organize your electronics desk and save space? 9 tips.
Disclaimer: my profession is first and foremost software. Hardware is my hobby, so take these with a grain of salt.
This is my workshop. It's a separate desk from where I do my 9-5 job (with a laptop and 2 monitors)
These are the lessons I have learnt in the past few years while upgrading and optimizing my desk space:
1. It's a never-ending process. You will always come up with ideas to improve the desk space usage, tool placement, etc. So don't try to make it perfect. Good enough for now is better than perfect in an imaginary future.
1/9
2. There is no correct way to do things. Sort your tools and place them on the desk (or not) based on your work's requirements. Someone working on FPGAs or embedded systems has very different requirements than someone repairing RF equipment, or someone building robots.
2/9
Feb 19, 2023 • 15 tweets • 8 min read
I always optimize space on my electronics and hardware security workbench by using small and portable tools.
Here are some that I use that didn't exist a few years ago, and are much smaller and/or cheaper than their traditional alternatives:
#hamradio #electronics #hwhacking
🧵
FlipperZero is an open-source portable multi-tool: NFC/RFID reader/emulator, IR transceiver, sub-GHz transceiver (CC1101-based), SPI/UART tool, and much more.
It can even function as a U2F token!
More info here: flipperzero.one @flipper_zero #flipperzero