Skip to content
Switch branches/tags

Latest commit

Add hardware sponsor and remove FAQ related to release issue

Git stats


Failed to load latest commit information.


Build Status GitHub release GPLv3 license Slack invite


Walrus is an Android app for contactless card cloning devices such as the Proxmark3 and Chameleon Mini. Using a simple interface in the style of Google Pay, access control cards can be read into a wallet to be written or emulated later.

Designed for physical security assessors during red team engagements, Walrus supports basic tasks such as card reading, writing and emulation, as well as device-specific functionality such as antenna tuning and device configuration. More advanced functionality such as location tagging makes handling multiple targets easy, while bulk reading allows the stealthy capture of multiple cards while “war-walking” a target.


Get it on Google Play


Documentation and Getting Started. For end-user information such as what Walrus is, and how it can be used in the field, check out the Walrus website!


Walrus is developed by Daniel Underhay and Matthew Daley (a.k.a. Team Walrus!) and is Open Source


Walrus is a standard Android Studio project. At this stage there are no unusual dependencies or build steps beyond the usual cloning of the repository and opening the project in Android Studio.

TODO: When we refresh and remove the current Google Maps API key from the repo, we'll need to point out that this needs to be generated and set manually if maps are needed.


The current layout of Walrus's source code is as follows:

  • /app/src/main

    • /assets: Any non-resource assets, like the open source license listing.

    • /res: Resource files.

    • /java/com/bugfuzz/android/projectwalrus: Actual code lives here!

      • /card: Code to do with persistent data (i.e. the wallet). The Card class, the base CardData class and various card data type classes, database models and database helpers are here.

      • /device: Device-agnostic and device-specific driver code. The important CardDeviceManager lives here alongside the base CardDevice class and its child classes for various basic kinds of device (serial, line-based, etc.). Code to handle bulk reading is also located here.

        • /proxmark3: Proxmark3 driver code.

        • /chameleonmini: Surprise! Chameleon Mini driver code.

      • /ui: Code to do with other UI.

      • /util: Miscellaneous.


Team Walrus is powered by Lab401, our official hardware sponsor 🥳 Check out their website for some great deals on hardware!

Device Support

Here’s a table of the current devices / card type pairs we support and in what manner.

Key: R = reading, W = writing, U = upload

Proxmark3 Original Pm3 Evo Pm3 RDV4 Pm3 Iceman Fork Chameleon Mini Rev.G C.M Rev.E Rebooted
HID Prox R / W R / W R / W R / W - -
ISO14443A - UID - - - - R / U U
Mifare Ultralight - - - - - -
Mifare Classic 1K R / W R / W R / W R / W U U
Mifare Classic 4K ? ? ? ? ? ?
Mifare Classic 4B ? ? ? ? ? ?
Mifare Classic 7B ? ? ? ? ? ?
Mifare DESFire ? ? ? ? ? ?


We welcome all kinds of contributions and bug reports, big or small! Development takes place at our GitHub repository. There you can file issues (both bugs and enhancement requests) and submit pull requests. Feel free to join our Slack channel.

During the initial development of Walrus, changes to the codebase are likely to be frequent and wide-ranging, so if you want to work on a feature, it's wise to reach out first to ensure that your hard work won't be soon obsoleted. After our first full release we hope to gain stability and bring in some of the additional resources expected of a project today, such as a proper test suite and continuous integration.

One area we'd love your help with is contributing translations! If you think you can help us out translating our Android string resources to another language, please get in touch!