Cyber-Football
A VPN-controlled USB HID implant on a Raspberry Pi Zero W. One cable presents three USB functions at once — keyboard, network adapter, and storage — all driven remotely over a ZeroTier VPN.
Security research / red-team tooling published for educational use. Only deploy it against hardware and networks you own or are explicitly authorized to test.
What it does
Plugged into a host, the Pi Zero W emulates a composite USB gadget: it can type commands as a keyboard, bridge the host onto a network via an RNDIS adapter, and expose files through a virtual flash drive — while the operator controls it from anywhere through a ZeroTier VPN over the Pi's own Wi-Fi.
Features
- USB composite gadget — simultaneously presents three USB functions: HID keyboard, RNDIS network adapter, and mass storage.
- Remote control — a Flask API with WebSocket support streams keystrokes in real time.
- Output capture — bidirectional command execution with result retrieval over netcat.
- Profile switching — adapts the USB function combination per target OS (Windows, Android, Mac, Linux).
- Fast binary path — an optional C-based
hid-streamfor optimized keystroke injection. - Independent internet — the Pi uses its own Wi-Fi and doesn't depend on the target host's connectivity.
Hardware
Built around a Raspberry Pi Zero W using Linux USB gadget mode (ConfigFS) — no external microcontroller required. The full build, setup scripts, and API live in the repository.