Releases: LxveAce/cyber-controller

Cyber Controller v1.1.0 — Unified Broadcast + full security audit

12 Jun 05:44
e8151cb

Cyber Controller v1.1.0 — a large, backward-compatible feature + hardening release (10 PRs since v1.0.0). Suite green; key paths hardware-validated.

✨ Headline feature — Unified Action Broadcast

One intent verb (Find APs, BLE Scan, Deauth All, …) fans out to every connected radio at once, each in its own native command, with results converging into the shared Target Pool. New Broadcast tab + broadcast.py engine + BROADCAST_CAPABILITIES on all protocols. Live-validated: "Find APs" → BW16 AT+SCAN (dual-band) + GhostESP scanap (94 APs) simultaneously.

🔌 New flashing paths (all hardware-validated)

  • GhostESP per-board .zip bundles (merged.bin @0x0) — was previously un-flashable.
  • Meshtastic per-chip 128 MB zips (factory @0x0, bleota @0x260000, littlefs @0x300000) — validated on Heltec LoRa V3.
  • BW16 / RTL8720DN (Realtek AmebaD, dual-band 2.4/5 GHz) — first-class non-ESP32 flash backend + serial protocol.

🔒 Security — full audit, all 10 findings closed

H-1 firmware SHA-256 pinning · H-2 no silent dev-server on LAN · M-1 serial-subscribe DoS · M-2 vault API SSRF allowlist · M-3 session-fixation rotation · M-4 admin_ip validation · L-1 Windows NTFS ACLs · L-2 durable tamper-evident audit trail · L-3 honest password handling · L-4 strict CSP nonce (no 'unsafe-inline').

⚡ Performance (no visual/behavior change)

Removed a 100 ms GUI-thread psutil block; memoized protocol command lists; bounded terminal/log memory.

🩹 Corrections

Bruce repo → canonical BruceDevices/firmware; firmware count → verified 19.

See CHANGELOG.md for the full list.

⚠️ Authorized-lab / lawful use only. Dangerous RF capabilities are labeled and gated, never removed; broadband jamming is excluded per 47 U.S.C. §333 / FCC.

Cyber Controller v1.0.0 — First Official Release

11 Jun 20:24

Cyber Controller v1.0.0

The first official release of Cyber Controller — the all-in-one security hardware controller for cyberdecks and field deployments.

Highlights

  • 18+ firmware profiles across 4 backends (esptool, qFlipper, ADB, SD image)
  • 7 protocol parsers with 250+ commands (Marauder 73, GhostESP 41, ESP32-DIV 60+, Bruce, Flipper, HaleHound, Meshtastic)
  • 4 UI modes — PyQt5, Tkinter, Textual TUI, Flask+SocketIO web remote
  • Hardware-validated flash core — per-chip bootloader offsets, --flash_size detect anti-brick, chip auto-detection
  • Cross-device coordination — shared target pool, event bus, auto-routing rules, TargetIngestor closes the loop
  • Suicide Marauder integration — password/duress provisioning, dead-man switch setup from the dashboard
  • Security hardened — 15 red-team findings fixed, AES-256-GCM mandatory, scrypt web auth, SSRF hardening, CSRF protection

Install

pip install .              # core (PyQt5 + esptool)
pip install ".[full]"      # all UIs (+ Textual TUI + Flask web)
cyber-controller --ui qt   # launch PyQt5 GUI

Testing

111 tests passing across 9 modules, including hardware-validated live cross-comm tests.

v0.3.0 — Flagship overhaul (flash core, security, 18 firmwares)

11 Jun 01:10

Cyber Controller v0.3.0

Flagship overhaul — the convergence of Headless Marauder GUI, Universal Flasher, and Universal
Flasher & UI into one hardened controller. Flash. Control. Coordinate.

Highlights

  • Hardware-validated flash core ported from the proven lineage: chip auto-detect, the
    --flash_size detect anti-brick path, correct per-chip bootloader offsets (incl. ESP32-C5
    0x2000), child-kill-on-error.
  • Fixed a silent flash bug — profiles previously produced an esptool call with zero binaries.
  • Real backends wired — ADB (RayHunter/Orbic), SD-image (Pwnagotchi/RaspyJack/Kali), backup +
    restore, batch flash; recovered Bruce/Flipper/HaleHound/Meshtastic protocol parsers + registry.
  • 18 firmware profiles (URL corrections + new RayHunter/Pwnagotchi/RaspyJack/Kali) and expanded
    M5 / LilyGo / CYD / C5 boards.
  • New tabs — Settings, Cross-Comm (target pool + auto-routing), Targets.
  • Security hardened (all critical/high audit findings, red-team-verified): authenticated
    WebSockets + CSRF + CORS allowlist + rate-limit + localhost-default bind + no default creds;
    SSRF allowlist + SHA-256 firmware pinning; AES-256-GCM fail-closed storage; injection/XSS fixes.
  • Docs: SECURITY.md, docs/RED-TEAM.md (AI-codegen threat model), docs/WEBSITE-SECURITY.md.
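
The SSRF allowlist and SHA-256 firmware pinning named in the security bullet above, shown as an added Python example; it is not the project's own code. The allowlist contents, the profile name, the image bytes and every function name here are assumptions made for illustration.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

# Assumptions for this example: the allowlist, the profile name and the image
# bytes are constructed here and are not taken from the project.
ALLOWED_HOSTS = {"github.com", "objects.githubusercontent.com"}
SAMPLE_IMAGE = b"\xe9" + b"constructed firmware image" * 8
PINNED_SHA256 = {"sample-profile": hashlib.sha256(SAMPLE_IMAGE).hexdigest()}


class FirmwareRejected(Exception):
    """A check failed; the caller must not hand the image to the flasher."""


def check_download_url(url: str) -> str:
    """Return the host if url is https, port 443 and on the allowlist."""
    try:
        parts = urlsplit(url)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError as exc:
        raise FirmwareRejected(f"unparseable URL: {exc}") from exc
    if parts.scheme != "https" or port not in (None, 443):
        raise FirmwareRejected("only https on port 443 is allowed")
    if parts.username is not None or parts.password is not None:
        raise FirmwareRejected("userinfo is not allowed in a firmware URL")
    host = (parts.hostname or "").lower().rstrip(".")
    if host not in ALLOWED_HOSTS:  # exact match, never a suffix or substring test
        raise FirmwareRejected(f"host not on allowlist: {host!r}")
    return host


def verify_pinned(profile: str, image: bytes) -> str:
    """Return the image digest if it equals the pin for profile, else raise."""
    expected = PINNED_SHA256.get(profile)
    if expected is None:  # fail closed: no pin means no flash
        raise FirmwareRejected(f"no pinned digest for profile {profile!r}")
    actual = hashlib.sha256(image).hexdigest()
    if not hmac.compare_digest(actual, expected):
        raise FirmwareRejected(f"digest mismatch for profile {profile!r}")
    return actual


def admit(profile: str, url: str, image: bytes) -> bool:
    """True only when both the source URL and the image bytes pass."""
    try:
        check_download_url(url)
        verify_pinned(profile, image)
    except FirmwareRejected:
        return False
    return True
```

A downloader built on this has to re-run the URL check on every redirect hop, because the allowlist only holds for URLs that were actually checked.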

Validation status — flash path hardware-validated ✅

The full flash path was validated on a real ESP32 (ESP32-D0WD-V3, 4MB): device detection + USB
autodetect, chip identification, a full-flash backup (read_flash), and a complete
download → write_flash -z --flash_size detect (bootloader/partitions/boot_app0/app at the correct
offsets) → hash verification of every region, flashing ESP32 Marauder v1.12.1. The board reboots
into Marauder and responds to serial commands. Still pending validation: the PyQt5 GUI runtime,
other chip families (S3 / C5 / C-series), and the ADB / SD-image / qFlipper backends. Run
pip install -e .[dev] && pytest to exercise the test suite.

MIT © 2026 LxveAce · https://lxveace.com · https://esp32marauder.com