This repository contains the firmware for BadW16, a high-speed Wi-Fi penetration testing tool built on the RTL8720DN (BW16) chipset. The project leverages low-level hardware abstraction to bypass standard firmware restrictions, enabling aggressive deauthentication attacks on the 2.4GHz spectrum.
- firmware.ino: The primary logic for scanning and automated striking.
- wifi_cust_tx.h: Header file defining custom 802.11 frame structures.
- wifi_cust_tx.cpp: Implementation of raw frame injection using internal SDK memory addresses.
- Single Scan Acquisition: Performs an initial comprehensive scan of the 2.4GHz band to populate a volatile target list.
- Perpetual Strike Loop: Continuously cycles through discovered access points without requiring manual intervention or re-scanning.
- High-Speed Injection: Packet bursts are optimized with a 1ms delay, providing maximum throughput for disassociating clients.
- Hardware Feedback: Integrated control of the onboard Red LED to indicate active packet transmission phases.
- Channel Filtering: Specifically tuned to focus radio resources on channels 1-14 for optimized 2.4GHz performance.
- Place wifi_cust_tx.h and wifi_cust_tx.cpp in the same directory as the firmware.ino file.
- Open the project in the Arduino IDE.
- Select BW16 (RTL8720DN) as the target board.
- Compile and upload the firmware to the device.
- Open the Serial Monitor with a baud rate of 115200 to monitor the ASCII banner and real-time strike logs.
The current build is designed for the BW16 module, utilizing its dual-core architecture to handle background Wi-Fi management and foreground packet injection simultaneously. For optimal range, an external antenna modification as shown in the project documentation is highly recommended.
This tool is intended for educational purposes and authorized security auditing only. Using this device on networks without explicit permission is illegal and unethical. The developer assumes no liability for misuse or damage caused by this software.
