Funding ended on Sep 07, 2023 at 04:59 PM PDT.
Diabolic Drive is a stealthy, wireless keystroke-injection tool that can send payloads over Wi-Fi while disguised as a regular 64 GB USB flash drive. Diabolic Drive is excellent for use in cybersecurity, particularly when red teaming, as it behaves like a typical flash drive until it is wirelessly instructed to deploy keystrokes.
Diabolic Drive adheres to the standard form factor of a "universal" USB drive, allowing it to be easily concealed with an inconspicuous flash-drive enclosure. When plugged in, anyone can interact with it like a normal flash drive, and it performs just like a genuine device, with average read speeds of up to 20 Mbps and write speeds of up to 10 Mbps. This behavior helps mask its wireless keystroke-injection features. Diabolic Drive is the first off-the-shelf product that combines all of these features into a single device. As such, it opens up untold social engineering attack possibilities.
Diabolic drive can be accessed remotely over Wi-Fi. Fire your payload remotely and precisely, or pre-program the drive to deliver keystrokes when plugged in.
When plugged into a host computer, Diabolic Drive acts like a regular USB flash drive, including any audio notifications you would normally hear when plugging in a new USB device. Your computer will identify Diabolic Drive as a flash drive, HID device, and virtual COM port simultaneously, but will only trigger an audio notification once, which is how a standard drive would behave. The COM port permits reprogramming through the Arduino IDE, though this feature can be disabled when Diabolic Drives is in "Stealth mode," to enhance its covert usability.
Diabolic Drive flash-storage hardware IDs can be spoofed for maximum stealthiness. These IDs include VID, PID, vendor info, product info, rev info, vendor string, product string, and SN. This makes distinguishing Diabolic Drive from a regular flash drive extremely difficult.
Diabolic Drive was designed for maximum capability and stealth, with an eye toward openness, flexibility, control, and future proofing. It contains the following components:
Diabolic Drive | Rubber Ducky | O.MG CABLE Basic | USBNinja | |
---|---|---|---|---|
Form Factor | Flash drive | USB stick | USB cable | USB cable |
USB Type-C Availability | No | Yes | Available | Available |
Flash Storage | Yes (64 GB) | No | No | No |
Self-Destruct | No | No | Yes | No |
Keystroke Reflection Exfiltration | No | Yes | No | No |
Wireless Control | Wi-Fi | No | Wi-Fi | Bluetooth |
Payload Over the Air (OTA) | Yes | No | Yes | No |
OTA Firmware Upgradable | Yes | No | No | No |
Different Enclosures Support | Yes | No | No | No |
Price | $99 | $79.99 | $119.99 | $99 |
Upload Arduino Sketches by directly plugging your Diabolic Drive into your computer, as ATmega32U4 has native USB support through a built-in USB transceiver that handles the USB connection.
This unique bootloader feature gives you full control over Diabolic Drive’s ATmega32U4 through the USB 3.0 pins. Diabolic Drive uses a modified version of the Caterina-promicro16 bootloader by default, and is also compatible with the Arduino Leonardo bootloader.
You can find project information, programming instructions and a list of firmware options in our Github repository. The design files will be released once the orders are dispatched to our backers.
Crafted in the spirit of hardware hackers who use minimal technology and rely more on their knowledge and experience to get the job done, this device provides a unique set of features. We have carefully designed our hardware to be as stealthy as possible when deploying wireless payloads, to operate without specific software dependencies, and to be compatible with a wide variety of open-source firmwares. We will meticulously test each device to ensure that it operates at 100% effectiveness before shipping units to backers. Using the Arduino IDE, you can program your Diabolic Drive with the firmware of your choice in under two minutes.
During the campaign, we are covering all US domestic shipping costs and subsidizing international shipping costs, so be sure to reserve yours while it’s available at the lowest total price.
After our production run is complete, we will box everything up and send it along to Crowd Supply’s fulfillment partner, Mouser Electronics, who will handle distribution to backers worldwide. You can learn more about Crowd Supply’s fulfillment services under Ordering, Paying, and Shipping in their guide.
The most significant hazard lies in the supply chain, due to potential delays caused by component shortages. While such issues are sometimes unavoidable, we have worked hard to mitigate any risks of component shortages by minimizing the likelihood and potential impact should a shortage occur. We pledge to maintain transparency and candor regarding our manufacturing progress.
Produced by UNIT 72784 in Cairo, Egypt.
Sold and shipped by Crowd Supply.
stealthy wireless keystroke injection tool with 64 GB storage
Want to buy this item? Check the current project page for the latest information.
Cybersecurity hardware company developing unique Red Teaming and Penetration Testing hardware devices.