Modular CyberDeck: Portable Pentesting Platform¶

Research & Design

Week 02

Fab Academy 2026

Status

This is a theoretical design. Nothing has been manufactured yet. All performance claims are based on component datasheets and benchmarks from similar builds, actual results may vary.

What It Is¶

Pentesting workstation that fits in a bag. Modules snap into a backplane, each one adds a capability.

Why Not Just Cluster Pi Zeros?¶

Thought about that at first, not really a great idea lol.

SPI/I2C bottlenecks killed any parallel speedup.
PETG case couldn’t dissipate heat, everything throttled.
overcomplicated as fuck.

So instead of more cores, I went with specialized modules. One good brain plus co-processors that do specific things well.

Why Rock 5B+ Over Pi 5?¶

Original plan was Pi 5. After more research, switched to Rock 5B+. Here’s why:

32GB RAM - Pi 5 maxes out at 8GB. Large packet captures (10GB+ PCAPs), in-memory hash databases, running multiple attack chains simultaneously all of that needs more memory. Swap thrashing in the field isn’t an option.

8 cores - 4x A76 + 4x A55 means actual parallelism. Wi-Fi capture, BLE sniffing, LoRa comms, and crypto can all run without stepping on each other.

2.5GbE - Faster exfiltration when you need to move large captures.

The thermal question: Rock 5B+ draws more power at peak (~20-25W vs Pi 5’s ~8W). But here’s the thing, pentesting workloads are bursty, not sustained. Probe target, be chill, low noise gather information then go for it, You crack a handshake/perform a resource heavy attack for 15 seconds, then idle. The aluminum enclosure acts as a thermal battery, absorbing burst heat and dissipating it slowly during idle. (will see because might need a fan or some sort of cooling to preserve the machines integrity)

A small PWM-controlled fan kicks in only during heavy bursts. 15 seconds of fan noise while processes peak, then silence. Very different from constant drone.

This needs thermal testing to validate. Theoretical for now.

Hardware¶

Main Unit: Rock 5B+ (32GB LPDDR5)¶

RK3588 SoC: 4x A76 (2.4GHz) + 4x A55 (1.8GHz)
32GB LPDDR5 RAM
PCIe 3.0 x4 (native M.2 slot)
2.5GbE networking
5” screen
Some sort of keyboard ball cursor combo of sorts, maybe touchscreen not sure yet.
RP2040 handles power management, shuts down gracefully at 15% battery
Hardware kill switches for radios and storage

Backplane (the “Hub”)¶

6-layer PCB with:
PCIe x1 to crypto module
USB 3.0 hub (VL820) for fast modules
I2C + isolated SPI for sensors
Per-module power switching (can kill a single module without rebooting)
Pogo pins, gold plated, rated for 5k insertions
Checks module signature on insert

Modules¶

Wi-Fi/RF

ESP32-S3 + Alfa AWUS036ACH
Monitor mode, packet injection, BLE sniffing

Crypto Accelerator

RT1176 (Cortex-M7) + hardware SHA256/MD5
Hash cracking for WPA2, NTLM

HID Injector

RP2040 + USB-PD controller
DuckyScript payloads
timing should be rock solid

LoRa C2

SX1262 + STM32G0
Long-range command channel
good for leaving devices places

Secure Storage

NVMe M.2 + ATECC608A
Encrypted storage
Keys stay elsewhere, peerhaps in crypto module idk up to user, maybe yubikey?, if someone grabs the module/device without key it essentially becomes a fancy brick.

KVM Bridge

TC358743 HDMI-to-CSI + USB 3.0
Capture target display + keyboard injection + relay those to your server :)
BIOS access without bringing a monitor

Estimated power draw: ~8W idle, ~20W burst. Theoretical runtime of 3-5 hrs on a 20Ah battery depending on workload mix.

Physical Design¶

Enclosure: 3 pieces
Top: CNC aluminum for heat + RF shielding
Middle: 3D printed PETG, holds the modules
Bottom: Aluminum with battery compartment
Size: 140 x 140 x 60 mm (fits in a big ahh pocket)
Cooling: Burst thermal strategy
Aluminum case acts as thermal mass, absorbs heat during bursts, dissipates during idle
Small PWM fan (controlled by RP2040) kicks in only during sustained high loads
Target: silent during normal operation, brief fan spin during heavy tasks
Needs thermal testing to validate, theoretical for now
Fab: PCB milling, 3D printing, laser cut acrylic for display window, CNC aluminum

Security¶

What	How
Module isolation	Opto-isolators on data lines, separate power rails
Module identity	ECDSA signature check on boot
Radio kill	Physical switches wired to RF disable pins
Storage kill	MOSFET cuts power to NVMe when switch is off

Assume any module could get owned. Don’t let it spread.

Why?

Functionality already hits hella boxes, Design will also, youll be the coolest skid around (probably).

Theoretical Performance¶

These are estimates based on component specs and similar builds. Actual performance TBD after prototyping.

Thing	Old Way (Pi Zero cluster)	Expected (Rock 5B+ + modules)
WPA2 crack	2.3x speedup on paper, 40% lost to SPI overhead	~8x with hardware SHA256 (theoretical)
BLE scan	800ms (Linux stack)	~120ms (ESP32 NimBLE)
HID timing	Jittery on Linux	Should be solid 1ms on RP2040
Large PCAP handling	Swap thrash on 4GB Pi	32GB RAM should handle 10GB+ captures in-memory
Runtime	2.5 hrs before thermal throttle	3-5 hrs estimated (burst workload dependent)

Cost¶

Part	Price
Rock 5B+ (32GB) + screen	$200
Modules (ESP32-S3, RT1176, RP2040 x2, SX1262)	$85
Backplane PCB	$65
Aluminum case	$80
Battery + charging	$50
Connectors, fan, misc	$45
Total	~$525

More expensive than the Pi 5 build (~$400), but the 32GB RAM and burst performance should be worth it for serious field work. Commercial equivalents will burn a hole in your pocket.

Timeline¶

Phase	Weeks	What
Design	1-5	Schematics, CAD, threat model
Prototyping	6-10	First PCB, get modules talking, thermal validation
Integration	11-15	Full build, thermal testing under real workloads, UI
Finalization	16-20	Docs, open source release

Currently: Designing CAD enclosure.

Open Source¶

Releasing everything:

Hardware (Onshape)
Module interface spec
Firmware (signed updates)
Python orchestration code

If you build a module that works with this, cool.

Links¶

Legal

For Lawful Security Testing Only Use this on systems you own or have written permission to test. Unauthorized access is illegal pretty much everywhere. Check your local radio regulations too… dont be a dickhead.