Bishop Fox named “Leader” in 2024 GigaOm Radar for Attack Surface Management. Read the Report ›

Offensive Tools

ZigDiggity: Run complex attacks against ZigBee networks using a single device.

ZigDiggity is a a ZigBee penetration testing framework that is the weapon of choice for testing Zigbee-enabled systems.

About ZigDiggity

Features Overview

  • Rich attack capability against common Internet of Things (IoT) products that use Zigbee.
  • Solely designed for use with the Raspbee, including:
  • Scripts can all be run using Python3
  • Patterns used by ZigDiggity version 2 are designed to be as reliable as possible
  • Runs the following scripts:
    • - Performs the acknowledge attack against a given network.
    • - Sends a single beacon and listens for a short time. Intended for finding which networks are near you.
    • find_locks.py5 - Examines the network traffic on a channel to determine if device behavior looks like a lock. Displays which devices it thinks are locks.
    • - Runs an insecure rejoin attempt on the target network
    • - Listens on a channel piping all output to wireshark for viewing.
    • - Moves between channels listening and piping the data to wireshark for viewing.
    • - Attempts to unlock a target lock
Bishop Fox Labs Security Researchers Fran Brown Matt Gleason

Lead Researchers

Francis Brown & Matt Gleason

Francis Brown is a Bishop Fox Co-founder and Board Member whose research has been presented at major security conferences. GitHub: Tastic

Matt Gleason is a Bishop Fox alumnus and security researcher. GitHub: mgleason-bishopfox

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.