Viren Punjabi
Sep 17, 2025
Hola, fellow hardware security enthusiasts! You might have stumbled upon the ESP32 family of boards at some point during your research. These boards are all over the internet when it comes to penetration testing, and why not! Their versatile form factor and port compatibility make them suitable for a ton of projects.
You might have come across a basic Wi-Fi deauther, which only requires a NodeMCU board: it is plug and play, flashed with a single binary, and when powered on it runs a basic web server used to configure the tweaks needed to execute the desired attack.
Let's take this to another level and build a more sophisticated device that leverages the ESP32's full potential by conducting not just basic Wi-Fi security attacks but also interacting with targeted devices over the Bluetooth stack.
We'll go with a solderless approach for this one so the workbench won't get too messy, and wiring up every component should be straightforward. All you need is an ESP32-WROOM-32 dev kit, some jumper cables (hook-up wires are recommended), a couple of small breadboards, an SPI touch TFT display and some female DuPont headers.
You will need to place each component and wire everything up as shown in the image.
Do keep in mind that the SD card might or might not work. It is recommended, however, to use a small-capacity SD card formatted as FAT32. The SD card form factor used by this display is the same as the one used in digital cameras, which I presume isn't very popular today, so a micro-SD card with an adapter would be our next best shot.
Once everything is wired up the device should look something like this.
You have probably noticed there is a power bank in use which I haven't explicitly mentioned. Well, that's because it is simply the power source for the Marauder. You can use whatever seems comfortable to you. For instance, I have stuck mine onto a blank PCB instead of a power bank and built a holder for the stylus that comes along with the display module. You could also have a lithium battery pack designed and attached to the device as an embedded battery.
The firmware flashing process is pretty interesting for this device, as it is more than just flashing a binary with one click. You need a couple of images, each with its own address at which it will be flashed. This gives us a deeper insight into the addressing table of the ESP32.
We are working with the "v4" OG kit, or "old hardware", by the way.
The process is similar for the other variants, and there are many resources on the internet that will help you with any clarification you might need.
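To make the "images at their own addresses" idea concrete, here is an added example (not code from the original post or from the Marauder project) that parses a binary ESP32 partition table in the standard ESP-IDF format (32-byte entries starting with the 0xAA 0x50 magic) and checks that the declared regions neither overlap nor run past the flash size. The sample table bytes are constructed for illustration and do not reflect the Marauder's actual layout, which the post does not list.

```python
import struct

ENTRY_SIZE = 32
ENTRY_MAGIC = b"\xaa\x50"   # ESP_PARTITION_MAGIC 0x50AA, little-endian on flash
MD5_MAGIC = b"\xeb\xeb"     # marks the trailing MD5 checksum entry
PART_TYPES = {0x00: "app", 0x01: "data"}

def make_entry(ptype, subtype, offset, size, label, flags=0):
    """Build one 32-byte partition entry (used here to construct sample data)."""
    return (ENTRY_MAGIC + struct.pack("<BBII", ptype, subtype, offset, size)
            + label.encode().ljust(16, b"\x00") + struct.pack("<I", flags))

# Constructed sample: a common 4 MB dual-OTA layout, not the Marauder's own table.
SAMPLE_TABLE = (
    make_entry(0x01, 0x02, 0x9000, 0x5000, "nvs")        # data / nvs
    + make_entry(0x01, 0x00, 0xE000, 0x2000, "otadata")  # data / ota
    + make_entry(0x00, 0x10, 0x10000, 0x140000, "app0")  # app / ota_0
    + make_entry(0x00, 0x11, 0x150000, 0x140000, "app1") # app / ota_1
    + make_entry(0x01, 0x82, 0x290000, 0x170000, "spiffs")  # data / spiffs
    + MD5_MAGIC + b"\xff" * 14 + b"\x00" * 16           # placeholder MD5 entry
)

def parse_partition_table(blob):
    """Parse a binary partition table; stop at the MD5 entry or 0xFF padding."""
    parts = []
    for i in range(0, len(blob) - ENTRY_SIZE + 1, ENTRY_SIZE):
        entry = blob[i:i + ENTRY_SIZE]
        if entry[:2] == MD5_MAGIC or entry == b"\xff" * ENTRY_SIZE:
            break
        if entry[:2] != ENTRY_MAGIC:
            raise ValueError(f"bad magic at entry {i // ENTRY_SIZE}")
        ptype, subtype, offset, size = struct.unpack("<BBII", entry[2:12])
        label = entry[12:28].split(b"\x00", 1)[0].decode()
        parts.append({"type": PART_TYPES.get(ptype, hex(ptype)), "subtype": subtype,
                      "offset": offset, "size": size, "label": label})
    return parts

def check_layout(parts, flash_size):
    """Return human-readable problems: overlapping or out-of-range partitions."""
    problems = []
    ordered = sorted(parts, key=lambda p: p["offset"])
    for a, b in zip(ordered, ordered[1:]):
        if a["offset"] + a["size"] > b["offset"]:
            problems.append(f"{a['label']} overlaps {b['label']}")
    for p in ordered:
        if p["offset"] + p["size"] > flash_size:
            problems.append(f"{p['label']} ends past flash size")
    return problems
```

Running `check_layout(parse_partition_table(SAMPLE_TABLE), 0x400000)` on the sample returns an empty list; feeding it a table dumped from a real board (for example via esptool's read_flash at offset 0x8000) is a quick sanity check before writing images to their addresses.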
Now it’s time to power on the device and explore its capabilities. There’s a lot that you can do.
Perform a deauth attack, kicking devices off their network; spin up an evil portal, creating a password-snatching Wi-Fi hotspot; perform beacon spam; or clone existing APs. Beyond attacks, you can do some reconnaissance by monitoring packets or signals, sniffing probe requests, scanning for EAPOL/PMKID packets, scanning for APs, sniffing stations and even detecting deauth attacks being executed in close proximity. You can also detect the presence of a Pwnagotchi or Flipper Zero nearby. Keep in mind we are limited to the 2.4 GHz band, at least with the current variant of the ESP32 board.
We can spam unwanted packets over the BLE stack, compatible with various types of targets including Apple, Windows, Android and more, disrupting normal operation. We can also sniff for nearby AirTags, Flipper Zeros or other Bluetooth devices. There is also the possibility of Bluetooth wardriving, and we can detect card skimmers as well.
Kudos, you have built an essential tool that can be added to your security hardware arsenal. There is more to the device than what I have covered in this blog post; for instance, you can add a GPS module to enable wardriving capabilities, or add NRF24 + antenna modules to expand the Bluetooth functionality. You could also have the project completely revamped using a Cheap Yellow Display.
The project is open source and has huge community support that develops different mods and helps improve the project.
There is also an add-on board that attaches as a hat to the Wi-Fi Dev Board powered by the Flipper Zero, so the Marauder works with the Flipper firmware.
At this point you should have a high-level overview of how DIY hardware projects function and the potential these MCUs possess.
Go build your own!