Offensive Tools

ZigDiggity: Run complex attacks against ZigBee networks using a single device.

ZigDiggity is a ZigBee penetration testing framework that is the weapon of choice for testing Zigbee-enabled systems.

About ZigDiggity

Features Overview

  • Rich attack capability against common Internet of Things (IoT) products that use Zigbee.
  • Solely designed for use with the Raspbee, including:
  • Scripts can all be run using Python3
  • Patterns used by ZigDiggity version 2 are designed to be as reliable as possible
  • Runs the following scripts:
    • ack_attack.py - Performs the acknowledge attack against a given network.
    • beacon.py - Sends a single beacon and listens for a short time. Intended for finding which networks are near you.
    • find_locks.py - Examines the network traffic on a channel to determine if device behavior looks like a lock. Displays which devices it thinks are locks.
    • insecure_rejoin.py - Runs an insecure rejoin attempt on the target network.
    • listen.py - Listens on a channel, piping all output to Wireshark for viewing.
    • scan.py - Moves between channels, listening and piping the data to Wireshark for viewing.
    • unlock.py - Attempts to unlock a target lock.

Lead Researchers

Francis Brown & Matt Gleason

Francis Brown is a Bishop Fox Co-founder and Board Member whose research has been presented at major security conferences. GitHub: Tastic

Matt Gleason is a Bishop Fox alumnus and security researcher. GitHub: mgleason-bishopfox

