Skip to content

pr3y/Bruce

Repository files navigation

Bruce Main Menu

🦈 Bruce

Bruce is meant to be a versatile ESP32 firmware that supports a ton of offensive features focusing on facilitating Red Team operations. It also supports m5stack products and works great with Cardputer, Sticks and M5Cores.

🏗️ How to install

The easiest way to install Bruce is using our official Web Flasher!

Alternatively, you can download the latest binary from releases or actions and flash locally using esptool.py

esptool.py --port /dev/ttyACM0 write_flash 0x00000 Bruce-<device>.bin

For m5stack devices

If you already use M5Launcher to manage your m5stack device, you can install it with OTA

Or you can burn it directly from the m5burner tool, just search for 'Bruce' (My official builds will be uploaded by "owner" and have photos.) on the device category you want to and click on burn

⌨️ Discord Server

Contact us in our Discord Server!

📑 Wiki

For more information on each function supported by Bruce, read our wiki here. Also, read our FAQ

💻 List of Features

WiFi

BLE

  • BLE Scan
  • Bad BLE - Run Ducky scripts, similar to BadUsb
  • BLE Keyboard - Cardputer and T-Deck Only
  • iOS Spam
  • Windows Spam
  • Samsung Spam
  • Android Spam
  • Spam All

RF

  • Scan/Copy
  • Custom SubGhz
  • Spectrum
  • Jammer Full (sends a full squared wave into output)
  • Jammer Intermittent (sends PWM signal into output)
  • Config
  • Replay

RFID

  • Read tag
  • Read 125kHz
  • Clone tag
  • Write NDEF records
  • Amiibolink
  • Chameleon
  • Write data
  • Erase data
  • Save file
  • Load file
  • Config
  • Emulate tag

IR

FM

NRF24

Scripts

Others

Clock

  • RTC Support
  • NTP time adjust
  • Manual adjust

Connect (ESPNOW)

  • Send File
  • Receive File

Config

  • Brightness
  • Dim Time
  • Orientation
  • UI Color
  • Boot Sound on/off
  • Clock
  • Sleep
  • Restart

Specific functions per Device, the ones not mentioned here are available to all.

Device CC1101 NRF24 Interpreter FMRadio PN532 Mic_SPM1423 BadUSB RGB Led Speaker LITE_MODE
Cardputer 🆗 🆗 🆗 🆗 🆗 🆗 🆗 🆗 NS4168
StickCPlus2 🆗 🆗 🆗 🆗 🆗 🆗 🆗¹ Tone
StickCPlus 1.1 🆗 🆗 🆗 🆗 🆗 🆗¹ Tone ❌²
Core 🆗 🆗¹ Tone
Core2 🆗 🆗¹
CoreSe/SE 🆗 🆗
CYD-2432S028 🆗 🆗 🆗 🆗 🆗¹ ❌²
Lilygo T-Embed CC1101 🆗 🆗 🆗 🆗 🆗
Lilygo T-Embed 🆗 🆗 🆗 🆗
Lilygo T-Deck (and pro) 🆗 🆗

² CYD and StickCPlus 1.1 have a LITE_VERSION version for Launcher Compatibility ¹ Core, CYD and StickCs Bad-USB: here

LITE_MODE: TelNet, SSH, DPWO, WireGuard, ScanHosts, RawSniffer, Brucegotchi, BLEBacon, BLEScan, Interpreter and OpenHaystack are NOT available for M5Launcher Compatibility

✨ Why and how does it look?

Bruce stems from a keen observation within the community focused on devices like Flipper Zero. While these devices offered a glimpse into the world of offensive security, there was a palpable sense that something more could be achieved without being that overpriced, particularly with the robust and modular hardware ecosystem provided by ESP32 Devices, Lilygo and M5Stack products.

Bruce Main Menu Bruce on M5Core Bruce on Stick Bruce on CYD

Other media can be found here.

👏 Acknowledgements

  • @bmorcelli for new core and a bunch of new features, also porting to many devices!
  • @IncursioHack for adding RF and RFID modules features.
  • @Luidiblu for logo and UI design assistance.
  • @eadmaster for adding a lot of features.
  • @rennancockles for a lot of RFID code, refactoring and others features.
  • Everyone who contributed in some way to the project, thanks ❤️

🚧 Disclaimer

Bruce is a tool for cyber offensive and red team operations, distributed under the terms of the Affero General Public License (AGPL). It is intended for legal and authorized security testing purposes only. Use of this software for any malicious or unauthorized activities is strictly prohibited. By downloading, installing, or using Bruce, you agree to comply with all applicable laws and regulations. This software is provided free of charge, and we do not accept payments for copies or modifications. The developers of Bruce assume no liability for any misuse of the software. Use at your own risk.