Running Kali Linux on a Raspberry Pi Zero is a fantastic way to create a portable, powerful testing device. This guide will walk you through setting up Kali Linux Pi-Tail on a headless Raspberry Pi Zero 2 W that is powered and controlled from a smartphone via SSH or VNC that provides a graphical interface to your Pi-Tail. I find it as of-the-shelf, cheap, portable and the smallest hacking lab that is fully controlled from any smartphone. Since controlling it doesn’t require you to have a keyboard, mouse or screen, it makes it a very convenient setup for Wi-Fi pentesting such as AP and clients scanning, deauthentication, WPS pin cracking, evil twin attack, capturing handshake and also network scanning and vulnerability assessment using nmap, brute-forcing, Bluetooth attacks, social engineering, running Metasploit framework, wardriving, web proxy using Burp Suite, using proxmark3, communicate with another Android using ADB commands, or even dynamically analyze iOS and Android apps using Frida.
If Kali Pi-Tail is connected to energy supply, it will automatically connect to predefined Wi-Fi networks that is broadcasted by a smartphone as a hotspot, allowing you to control it via SSH or VNC.
Other specific-purpose OS
-> Kali Linux
-> Raspberry Pi Zero 2 W (Pi-Tail)
sepultura
and password R4t4m4h4tt4
.kali
and password kali
.sudo vncserver -localhost no
. When requested, create a password that you will need for VNC connection. Now to connect to it, use VNC Viewer for Android app with 192.168.43.254:5901 IP address and kali
username with the password you created.sudo apt-get update
&& sudo apt-get upgrade
sepultura
hotspot doesn’t have an internet connection, you can plug in an external Wi-Fi adapter into Pi-Tail and use it to connect to access point with internet access.The Pi-Tail setup is highly portable. Your smartphone acts as the power supply, screen, keyboard, and mouse, making it an excellent field companion for penetration testing.
Connecting to an additional Wi-Fi network requires an extra Wi-Fi adapter. This is particularly useful when you need either an internet connection or want to run network scanning tools like Nmap on different network simultaneously. For convenience, you can use a script below that connects to a network based on its name and password.
#!/bin/bash
# Check if two arguments are provided
if [ "$#" -ne 2 ]; then
echo "Usage: $0 <wifi_network> <password>"
exit 1
fi
wifi=$1
pass=$2
sudo service NetworkManager start &
sudo ifconfig wlan1 up
sudo nmcli dev wifi connect $wifi password $pass ifname wlan1
A good case makes it easier to carry around and use, keeping everything safe and stylish wherever you go. You can print a 3D case designed and published by 4x0nn available for download at Odysee.
When I added a USB-A board, I had to adjust it a bit to made it little thicker and add an opening for USB.
I experimented with testing iOS using a Kali Pi-Tail and faced some interesting challenges. I created a sepultura
hotspot on my iPhone, but the Pi-Tail didn’t get enough power when connected via an OTG adapter. Using an external battery allowed it to connect to the hotspot, but I couldn’t establish an SSH connection. In conclusion, the setup didn’t work as intended. It likely needs some tweaks, but as I’m not an iPhone user, so I didn’t spend more time troubleshooting.
wpa_suplicant
file are not reflected nor stored after restart. Because of that, it is difficult to connect to another Wi-Fi network then sepultura
using internal Wi-Fi chipset.sepultura
hotspot to my home LAN and vice versa. To fix it, you need to enable SSH service from kalipi-config
menu. This can be done by connecting Pi-Tail over HDMI to monitor and plug-in a keyboard. Execute sudo kalipi-config
-> Interfacing Options
-> SSH
-> YesBy following these steps, you can set up and use Kali Linux Pi-Tail on a headless Raspberry Pi Zero 2 W, controlled entirely from your smartphone. This setup provides a compact and efficient solution for on-the-go penetration testing and other cybersecurity tasks. Using an OTG adapter, you can connect your Raspberry Pi to both Android and iOS devices, allowing for seamless control and power directly from your smartphone. You can easily connect additional devices like WiFi adapters, Bluetooth adapters, and SDRs to enhance your testing capabilities, making your setup even more versatile.