Flipper Zero: Geeky toy or serious security tool?

We Keep you Connected

Flipper Zero: Geeky toy or serious security tool?

It looks like a toy!
I’ve been asked a lot about Flipper Zero.
It started when it was first put up for crowdfunding in the summer of 2020. Since there are so many crowdfunded things out there that basically die on the vine, I overlooked it. But dreams turned into reality, and I kept getting asked with increasing frequency until late last year I took steps to acquire one.
And, after some delays, shipping issues, and the holidays, I finally have it.
My very own Flipper Zero.
Flipper Zero
It looks like a kid’s toy, all plastic and brightly colored (remember Tamagotchis, those digital pets that would die or turn evil if you neglected them?), but underneath the fun exterior and the dolphin virtual pet is a dual-core ARM processor that powers hardware that can be used to hack the planet.
Or so claims the cute virtual dolphin on the sticker that came with the Flipper Zero.
Hack the planet!
OK, but what can the Flipper Zero do?
Quite a lot.
There’s a built-in infrared transceiver that can both capture and transmit IR codes to control things like TVs.
Built-in infrared transceiver
There’s a sub-GHz wireless antenna that can again capture and transmit wireless codes to operate wireless devices and access control systems, such as garage door remotes, boom barriers, IoT sensors and even remote keyless systems.
It can read, store, and emulate EM-4100 and HID Prox RFID cards.
Reading NFC with the Flipper Zero
It can read, write, store, and emulate NFC tags.
On the front, there’s a 1-Wire connector that can read and emulate iButton (aka DS1990A, CYFRAL, Touch Memory or Dallas key) contact keys.
1-Wire connector
Finally, on the top there are GPIO connectors that allow the flipper Zero to connect to other gadgets in the real world.
GPIO pins
Wi-Fi development bard connected to GPIO connector
For storage, there’s a microSD card slot that will take a card that you must supply yourself.
That’s a lot in such a small package.
Everything is controlled using the 5-way touchpad and a back button, and the 1.4-inch 128 x 64 display is ample to keep you informed.
Keeping everything running is a 2000 mAh rechargeable battery that’s good enough for a week or so before needing a recharge.
While I’ve tested some of the features – and everything seems to work great – it’s going to take me some time and experimentation to see how useful these features are in the real world (while staying legal).
Lots of functionality in a small package
For $169, the Flipper Zero is very interesting. While it’s not going to be a substitute for high-end pentesting tools, it offers a lot of power in a very small and portable package. It’s certainly not a toy, and it’s one of the easiest, cheapest ways to work with RFIC and NFC.
I’m going to do more Flipper Zero testing over the coming days, and I will post more thoughts on the value of it soon.
As for buying the Flipper Zero, well, it’s hit-and-miss. The official US site is often sold out (the store gets restocked often, so keep an eye out), and if you are in a hurry to get one you can find them on third-party sites, but you will pay more for your Flipper Zero this way.