Skip to content

Releases: fmatsch/HackberryPiOS

HackberryPiOS v1.1.1 — install fix for Debian 13 (trixie)

Choose a tag to compare

@fmatsch fmatsch released this 15 Jun 09:43

Bugfix release.

Fixes the install failure on Raspberry Pi OS based on Debian 13 (trixie),
where wkhtmltopdf is no longer in the repositories. Previously apt-get
aborted the whole package list (and the script), so the Python virtual
environment was never created and hackberrypios was "not found".

  • install.sh now installs system packages best-effort: it tries the full
    list, then retries package-by-package, so a single missing candidate (like
    wkhtmltopdf on trixie) can never abort the install.
  • PDF export gained a Chromium-headless fallback (wkhtmltopdf → Chromium →
    HTML), so PDF reports still work on trixie out of the box.

Upgrade / fix a broken install

cd HackberryPiOS && git pull && ./install.sh

HackberryPiOS v1.1.0 — workflow & deeper checks

Choose a tag to compare

@fmatsch fmatsch released this 03 Jun 17:53

This release turns HackberryPiOS from a scanner into a workflow for repeat
visits
to the networks you manage, and adds several high-value checks.

🌐 Website: https://fmatsch.github.io/HackberryPiOS/

New — built for repeat visits

  • Site profiles — save each network's AD domain, subnet, NTP server and
    notes; load on arrival and push the context to every tab (no passwords stored).
  • Baseline & change detection — save the host set, then Compare on your
    next visit to surface new (rogue?), missing and changed devices.
  • HTML / PDF reports — one-click styled, self-contained report for clients
    and colleagues (PDF needs wkhtmltopdf; HTML always works).

New — security & diagnostics

  • TLS / certificate inspection (expiry, protocol, self-signed; HTTPS/LDAPS).
  • NTP / Kerberos clock-skew check — dependency-free SNTP.
  • Rogue-DHCP detection (broadcast DISCOVER).
  • SMBv1 / signing subnet sweep and version-based CVE hints.
  • OS fingerprinting (nmap -O) and full OUI vendor resolution.

New — UX

  • Wi-Fi channel-congestion advice + live site-survey mode.
  • Battery & CPU temperature in the header.
  • Filter boxes on the Hosts and Security tables.
  • New Site tab, expanded Sec tab, and CLI --profile / --html.

Upgrade

cd HackberryPiOS && git pull && ./install.sh

Defensive / administration tool — authorised use only.

HackberryPiOS v1.0.0

Choose a tag to compare

@fmatsch fmatsch released this 03 Jun 16:24

First public release of HackberryPiOS — a one-stop, keyboard-driven network
audit toolkit for the HackberryPi CM5, optimised for the device's small display.

🌐 Website: https://fmatsch.github.io/HackberryPiOS/

Features

  • Network health score (0–100) + prioritised recommendation engine
  • Host discovery — IP, name, MAC, vendor (arp-scan → nmap → ARP cache)
  • Domain Controller checks — locate via DNS SRV, health-check Kerberos/LDAP/SMB/GC
  • SMB shares — enumerate per host, flag anonymous/guest access
  • Port & service scanning — nmap with pure-Python fallback
  • Printer discovery — mDNS + IPP/LPD/JetDirect
  • Wi-Fi survey — APs, signal, band, security; flags open/weak crypto
  • Speed & latency — gateway RTT/jitter/loss, iperf3, WAN download
  • Security posture — SMBv1/signing, risky services, aggregated findings
  • JSON report export and a headless --cli mode

Install

git clone https://github.com/fmatsch/HackberryPiOS.git
cd HackberryPiOS && ./install.sh
.venv/bin/hackberrypios

Optional console autostart: ./scripts/autostart.sh enable (easy to disable).

Defensive / administration tool — authorised use only.