🔗 Based on the original EvilCrow RF v2 by Joel Serna Moreno
This enhanced firmware transforms your EvilCrow RF v2 into a powerful Software Defined Radio (SDR) compatible with Universal Radio Hacker (URH) and other professional RF analysis tools.
This project builds upon the excellent work of:
- Joel Serna Moreno - Original EvilCrow RF v2 creator
- Original Repository: https://github.com/joelsernamoreno/EvilCrowRF-V2
- Hardware Design: EvilCrow RF v2 by Joel Serna Moreno
Improvements and features developed here are intended to be contributed back to the original EvilCrow project via pull requests to help the entire community.
Would you rather pay close to $500 for the HackRF instead of just ~$35 for the Evil Crow v2?
This firmware transforms your Evil Crow device into a multifunctional sub-GHz wireless security auditing tool. If you have no need for >1 GHz band access, you stand to save a few hundred dollars while getting extremely high value for your money by choosing the Evil Crow v2 + SDR firmware over, say, the HackRF One, which will cost you about 10x more.
- Proper CC1101 library integration - Uses ELECHOUSE_CC1101_SRC_DRV.h
- USB SDR functionality - HackRF protocol compatibility
- Real CC1101 hardware support - Actual RF chip communication
- URH compatibility - Works with Universal Radio Hacker
- GNU Radio support - Compatible with GNU Radio Companion
- Web interface - Built-in web control panel
- Hardware buttons - Physical button controls
- EvilCrow RF v2 hardware
- CC1101 transceiver module (properly connected)
- USB connection to PC
- Remove SD card if experiencing SPI conflicts
- Open Arduino IDE
- Load firmware: `EvilCrow-SDR-Working.ino`
- Select board: ESP32 Dev Module
- Verify all files are present:
  - `EvilCrow-SDR-Working.ino` (main firmware)
  - `ELECHOUSE_CC1101_SRC_DRV.h` (library header)
  - `ELECHOUSE_CC1101_SRC_DRV.cpp` (library implementation)
- Upload to EvilCrow
Note: The library files are included locally in the project folder to ensure proper compilation.
- Connect EvilCrow to PC via USB
- Open serial terminal (115200 baud)
- Send commands:
  ```
  board_id_read
  set_freq 433920000
  set_sample_rate 250000
  rx_start
  ```
- Start this firmware on EvilCrow
- Run URH bridge: `python3 urh_compatible_bridge.py`
- In URH: Select RTL-TCP, IP: 127.0.0.1, Port: 1234
- Click Start in URH
- Connect to WiFi: "EvilCrow-SDR" (password: "123456789")
- Open browser: http://192.168.4.1
- Control SDR via web interface
| Command | Description | Example |
|---|---|---|
| `board_id_read` | Get device info | Returns board ID |
| `set_freq <Hz>` | Set frequency | `set_freq 433920000` |
| `set_sample_rate <Hz>` | Set sample rate | `set_sample_rate 250000` |
| `set_gain <dB>` | Set gain | `set_gain 20` |
| `rx_start` | Start receiving | Begins IQ streaming |
| `rx_stop` | Stop receiving | Stops IQ streaming |
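
How an RTL-TCP bridge can map URH's tuning requests onto the serial commands in the table above, as an added example (not the project's `urh_compatible_bridge.py`): it parses rtl_tcp's 5-byte client commands and refuses frequencies outside the CC1101's tuning ranges. The function names and the `"\n"` command terminator are assumptions.

```python
import struct

# CC1101 tuning ranges in Hz (datasheet bands); requests outside them are rejected.
CC1101_BANDS = ((300_000_000, 348_000_000),
                (387_000_000, 464_000_000),
                (779_000_000, 928_000_000))

# rtl_tcp client commands: 1-byte id followed by a 4-byte big-endian value.
RTL_SET_FREQ, RTL_SET_SAMPLE_RATE, RTL_SET_GAIN = 0x01, 0x02, 0x04


def translate(packet):
    """Map one 5-byte rtl_tcp command to a firmware serial command, or None."""
    if len(packet) != 5:
        raise ValueError("rtl_tcp commands are exactly 5 bytes")
    cmd, value = struct.unpack(">BI", packet)
    if cmd == RTL_SET_FREQ:
        if not any(lo <= value <= hi for lo, hi in CC1101_BANDS):
            raise ValueError(f"{value} Hz is outside the CC1101 tuning ranges")
        return f"set_freq {value}"
    if cmd == RTL_SET_SAMPLE_RATE:
        return f"set_sample_rate {value}"
    if cmd == RTL_SET_GAIN:
        return f"set_gain {value // 10}"  # rtl_tcp carries gain in tenths of a dB
    return None  # AGC mode, ppm correction, ...: no documented firmware command


def bridge_commands(client_bytes, serial_out):
    """Translate a client byte stream; write accepted commands to serial_out."""
    sent = []
    for off in range(0, len(client_bytes) - len(client_bytes) % 5, 5):
        try:
            line = translate(client_bytes[off:off + 5])
        except ValueError:
            continue  # drop untunable frequencies instead of forwarding them
        if line is not None:
            serial_out.write((line + "\n").encode("ascii"))  # "\n" is assumed
            sent.append(line)
    return sent


if __name__ == "__main__":
    import io
    # Constructed client traffic: tune 433.92 MHz, 250 kS/s, 20 dB, then 100 MHz.
    demo = b"".join(struct.pack(">BI", c, v) for c, v in
                    [(1, 433_920_000), (2, 250_000), (4, 200), (1, 100_000_000)])
    print(bridge_commands(demo, io.BytesIO()))
```

In a live bridge `serial_out` would be the open serial port at 115200 baud; any object with a `write()` method works.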
- Button 1: Toggle RX mode on/off
- Button 2: Cycle through frequencies (315, 433.92, 868, 915 MHz)
| Endpoint | Method | Description |
|---|---|---|
| `/api/sdr/status` | GET | Get SDR status |
| `/api/sdr/start` | POST | Start receiving |
| `/api/sdr/stop` | POST | Stop receiving |
| `/api/sdr/frequency` | POST | Set frequency |
- Remove SD card (SPI conflict)
- Check connections (power, SPI pins)
- Verify 3.3V power to CC1101
- Try different firmware if needed
- Ensure bridge is running on port 1234
- Check serial port (/dev/cu.usbserial-140)
- Verify CC1101 initialization in serial output
- Use correct URH settings (RTL-TCP, 127.0.0.1:1234)
- Check antenna connection
- Verify frequency settings
- Ensure RX mode is active
- Check for RF signals in environment
```
🚀 EvilCrow RF v2 - Working USB SDR Platform
📡 HackRF Compatible | GNU Radio | SDR# | URH
================================================
📻 Initializing SDR subsystem...
✅ SDR subsystem initialized
🔌 Setting up pins... ✅ Success
📡 Initializing CC1101 with ELECHOUSE library... ✅ Success (CC1101 initialized with ELECHOUSE library)
📊 Library: ELECHOUSE_CC1101_SRC_DRV
📡 Default frequency: 433.92 MHz
📻 Mode: RX
📶 Setting up WiFi Access Point... ✅ Success
🌐 IP Address: 192.168.4.1
🌐 Setting up web server... ✅ Success
🎉 EvilCrow SDR initialization complete!
📻 SDR Mode: Ready
🌐 Web Interface: http://192.168.4.1
✅ EvilCrow SDR is ready!
🔗 Connect via USB and send commands
```
- Proper Library Usage: Uses ELECHOUSE_CC1101_SRC_DRV instead of manual SPI
- Correct Initialization: Follows proper CC1101 init sequence
- Real Data: Reads actual RF data from CC1101 FIFO
- Stable Communication: Proper SPI handling and timing
- Hardware Compatibility: Works with actual EvilCrow hardware
🖥️ Unlimited Processing Power
- No more ESP32 memory limits (32KB → Gigabytes)
- No more CPU constraints (240MHz → Multi-GHz multi-core)
- Complex algorithms that were impossible on ESP32
- Real-time analysis of multiple signals simultaneously

🎨 Advanced User Interfaces
- Professional desktop applications (Python/Qt, Electron, etc.)
- Web-based dashboards with real-time visualizations
- Mobile apps that connect to EvilCrow
- Integration with existing tools (URH, GNU Radio, etc.)

🧠 AI-Powered RF Analysis
- Machine learning for automatic protocol detection
- Neural networks for signal classification
- Pattern recognition for unknown protocols
- Automated attack generation

🎯 Specific New Possibilities:
- Advanced Signal Analysis Engine
- Professional Attack Framework
  - Automated vulnerability scanning of RF devices
  - Protocol fuzzing with intelligent mutations
  - Real-time jamming with adaptive algorithms
  - Coordinated multi-frequency attacks
- Database-Driven Operations
  - Massive signal fingerprint database (millions of devices)
  - Cloud-synchronized attack patterns
  - Historical analysis of captured signals
  - Collaborative threat intelligence
- Advanced Visualization
  - 3D spectrum analysis in real-time
  - Waterfall displays with infinite history
  - Protocol flow diagrams
  - Attack success probability heatmaps

🛠️ Implementation Ideas:
- Option 1: Enhanced Python Framework
- Option 2: Web-Based Command Center
  - Real-time dashboard showing all RF activity
  - Drag-and-drop attack builder
  - Live spectrum analyzer
  - Remote control from anywhere
- Option 3: Integration Platform
  - GNU Radio integration for custom DSP
  - Wireshark plugins for RF protocols
  - Metasploit modules for RF exploitation
  - OSINT integration for target intelligence

🎯 Immediate Next Steps:
- Enhanced Bridge Framework: a more powerful bridge that supports:
  - Multiple simultaneous connections
  - Plugin architecture for custom protocols
  - Real-time signal processing
  - Advanced attack modes
- Professional Web Interface
  - Real-time spectrum display
  - Protocol decoder dashboard
  - Attack automation interface
  - Signal database management
- AI-Powered Analysis
  - Automatic protocol detection
  - Vulnerability assessment
  - Attack recommendation engine
  - Success probability prediction

🏆 This Changes Everything! This firmware essentially opens the way to an "EvilCrow Pro" architecture where:
✅ EvilCrow = High-quality RF frontend
✅ Computer = Unlimited processing power
✅ Bridge = Seamless integration
✅ Result = Professional-grade RF security platform
This could compete with $10,000+ commercial RF security tools! 💰