For many people, one of the bigger hurdles to learning about hardware hacking is the cost involved in acquiring all the necessary gear to get started. In this post, I’ll list out what I believe are the bare minimum tools, each the best cost-to-value option I’m aware of. There are obviously going to be gaps in capabilities, but the idea here is simply to get started.
This is going to be a somewhat living post where I’ll make changes and updates as necessary. I’ll be looking to add two more sections eventually: Expanding your capabilities, and targets on the cheap.
Also, I’m not going to include a full list of consumables, but think about picking up, at minimum, some jumper wires, clips, various header pins, and a Chip Quik removal kit.
TL;DR Must Have List
Soldering Iron: https://amzn.to/2tUx6GO
Multi-protocol Interface (FT232h): https://amzn.to/2UqyyfV
Logic Analyzer: https://amzn.to/2TlXVmC
Universal Programmer: https://amzn.to/2zaKzgv
I’m writing this post from the hotel bar while on-site for some hardware testing (many devices work together in a way that made testing on-site make more sense). I brought my entire badge hackers kit but only needed the items listed to acquire the firmware from all of my target devices, some of which led to remote attacks against the devices or their infrastructure.
Soldering Iron: https://amzn.to/2tUx6GO
The linked soldering iron is the TS100 (aka Pro32). This soldering iron is not the cheapest, but it’s the best soldering iron sub-$80. It’s open-source and the firmware is upgradable. This iron lives in my traveling kit and I use it often when clients “require” on-site testing of their hardware. It’s good enough to remove and re-solder a TSOP 48 pin flash chip hungover. No joke.
FT232h: https://amzn.to/2UqyyfV
The FT232h is, simply put, my single most used interface. While it is primarily a UART device, it uses FTDI’s MPSSE (Multiple-Protocol Synchronous Serial Engine), which allows it to speak, you guessed it, multiple additional protocols over serial, including JTAG, SPI, and I2C. I’ve never seen this breakout crest the $25 mark and it’s easily worth double that. I even keep one in my car, ’cause you never know.
Logic Analyzer: https://amzn.to/2TlXVmC
This is the only item I’m listing that I haven’t personally tested. The linked board is a very cheap logic analyzer that is supported by sigrok (open-source logic analyzer software). This blog is about cheap and this is about as cheap as it gets. That said, according to sigrok’s supported hardware page, this device is a clone of the Saleae Logic Analyzer (my personal go-to). While the Saleae is not cheap, it’s worth it. I highly suggest upgrading when it’s financially feasible for both moral and practical reasons.
Universal Programmer (TL866II+): https://amzn.to/2zaKzgv
- Bare bones: https://amzn.to/2HpI0g1
- w/ Adapters: https://amzn.to/2zaKzgv
My TL866II+ has gotten a lot of work, especially with the adapters. I often find that the easiest way into a device is simply to remove its firmware storage devices and dump out their contents. This may not be the absolute cheapest universal programmer out there, but it does have the benefit of being hackable to add support for additional chip variants.