Add reference projects as submodules

monmob (WiFi monitor mode), P4wnP1 (USB attack platform), dustcloud-nexmon (Broadcom firmware patches), InternalBlue (Bluetooth firmware patching). Docs updated with descriptions and usage context for each.
2026-03-31 07:30:43 -07:00
parent 3c485ed311
commit 7be3a8e183
6 changed files with 59 additions and 0 deletions
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,3 +1,15 @@
 [submodule "tools/rtl_tcp_andro"]
 	path = tools/rtl_tcp_andro
 	url = https://github.com/signalwareltd/rtl_tcp_andro-.git
+[submodule "tools/monmob"]
+	path = tools/monmob
+	url = https://github.com/tuter/monmob.git
+[submodule "tools/P4wnP1"]
+	path = tools/P4wnP1
+	url = https://github.com/RoganDawes/P4wnP1.git
+[submodule "tools/dustcloud-nexmon"]
+	path = tools/dustcloud-nexmon
+	url = https://github.com/dgiese/dustcloud-nexmon.git
+[submodule "tools/internalblue"]
+	path = tools/internalblue
+	url = https://github.com/seemoo-lab/internalblue.git
--- a/BUILDING_MODULES.md
+++ b/BUILDING_MODULES.md
@@ -183,6 +183,49 @@ pkg install -y clinfo opencl-headers
 clinfo  # Should show PowerVR device
 ```

+## Included Reference Projects
+
+These are included as submodules in `tools/` to give you a starting point
+for building custom drivers and firmware. Clone with `--recurse-submodules`
+to get them.
+
+### monmob — WiFi Monitor Mode on Android
+- **Path**: `tools/monmob`
+- **Repo**: https://github.com/tuter/monmob
+- **What**: Enables WiFi monitor mode on mobile devices. Useful reference
+  for getting monitor mode working on Broadcom chips without full nexmon.
+
+### P4wnP1 — USB Attack Platform
+- **Path**: `tools/P4wnP1`
+- **Repo**: https://github.com/RoganDawes/P4wnP1
+- **What**: Turns devices into a flexible USB attack/pentest platform.
+  HID injection, network attacks via USB gadget, Bluetooth. Good reference
+  for USB gadget mode drivers and HID attack payloads on Android.
+
+### dustcloud-nexmon — Nexmon for Broadcom Chips
+- **Path**: `tools/dustcloud-nexmon`
+- **Repo**: https://github.com/dgiese/dustcloud-nexmon
+- **What**: Nexmon firmware patches adapted for various Broadcom WiFi chips.
+  Reference for porting nexmon to new chips like the BCM4390.
+
+### InternalBlue — Bluetooth Firmware Patching
+- **Path**: `tools/internalblue`
+- **Repo**: https://github.com/seemoo-lab/internalblue
+- **What**: Bluetooth experimentation framework from the Seemoo Lab
+  (same team behind nexmon). Patches Broadcom/Cypress and some Qualcomm
+  Bluetooth firmware for security research. Supports:
+  - Raw HCI access and LMP monitoring
+  - Firmware patching on Broadcom BT chips
+  - Fuzzing and security testing
+  - Works on Android with root (KernelSU)
+
+### rtl_tcp_andro — RTL-SDR + HackRF Android Driver
+- **Path**: `tools/rtl_tcp_andro`
+- **Repo**: https://github.com/signalwareltd/rtl_tcp_andro-
+- **What**: Native Android USB driver for RTL-SDR and HackRF. Implements
+  the rtl_tcp protocol via `iqsrc://` intent. Build the APK and any SDR
+  app on Android can use your USB SDR hardware without root.
+
 ## Kernel Module Loading via KernelSU

 KernelSU supports loading `.ko` files. Place them in:
--- a/tools/P4wnP1
+++ b/tools/P4wnP1
--- a/tools/dustcloud-nexmon
+++ b/tools/dustcloud-nexmon
--- a/tools/internalblue
+++ b/tools/internalblue
--- a/tools/monmob
+++ b/tools/monmob