Configuring Raspberry Pi as a VPN gateway using NordVPN with best server selection (Pi-hole with DoH setup optional)

Update (Nov/2020): Made a few modifications to make the script work again.

This is going to be a quick tutorial (/self-reference) to set up Raspberry Pi as a VPN router for NordVPN. I ran into so many issues (!) specially with the kill-switch part, so just wanted to write this up in case someone else is looking for the same. Obviously there are better ways of getting this done documented out there, but I wanted a custom setup with a few modifications as you will see. As an add-on, I installed Pi-hole for ad & malicious domain blocking with DNS over HTTPS (DoH), with the DNS queries now tunneled over VPN.

Wi-Fi packet sniffing / monitoring on Windows using Raspberry Pi - inspired by Wimonitor

Wimonitor is a wonderful product from Hacker Arsenal that saves pentesters the hassle of having to configure VMs, carry compatible wireless cards that support monitor mode etc. and comes with a web interface to do the configurations. It gives you the flexibility to plug in the device into the Ethernet port and start Wi-Fi monitoring on any OS. Basically it is a tp-link TL-MR3020 router with a custom firmware that does all the monitoring part and sends the packets to the host laptop (or Mac !) where you can start Wireshark and concentrate on the packet analysis.

I haven’t got one yet, but have been hearing good reviews about the product since launch. The shipping cost to EU is a bummer :(. Hopefully they will start shipping from EU soon.

Meanwhile - why not try this on a Raspberry Pi ?

Twitter notifications for MotionEyeOS video surveillance system on Raspberry Pi

MotionEyeOS is a wonderful project by Calin Crisan that converts your single board computer into a video surveillance system in a matter of minutes. It is supported on a number of devices and is well maintained with good community support.

Now that the latest Raspberry Pi Zero version (W) comes with onboard Wi-Fi, it makes an ideal candidate to deploy MotionEyeOS across your perimeter and run a cheap video surveillance system with lesser clutter of having to attach a Wi-Fi dongle as in the previous versions of Pi Zero.

Raspberry Pi Zero for credential snagging

Update: CVE-2016-3302 / MS16-112 patch was released by Microsoft to fix the issue.

Introduction

This post is an extension to Rob Fuller’s (@mubix) work - https://room362.com/post/2016/snagging-creds-from-locked-machines/ to see how a Raspberry Pi Zero can be used for credential snagging. All credits go to @mubix for the original research. It is recommended to read mubix’s post (if you haven’t already !) before proceeding.