Skip to content

Scope

In scope

  • Proximity electronic attacks (Flipper Zero classes: sub-GHz, NFC/RFID, IR, iButton).
  • HID injection (BadUSB, RubberDucky, O.MG).
  • Drop devices on corporate networks (Pi, ESP32, hardware implants).
  • Badge cloning and Physical Access Control Systems (PACS).
  • Wi-Fi rogue AP and captive portal on premises.
  • Immediate electronic side channels: keystroke injection, USB exfiltration.

Out of scope

  • Mechanical lockpicking, safe manipulation, physical door bypass (covered by TOOOL, Deviant Ollam).
  • Pure social engineering without electronic vector (covered by Hadnagy).
  • Optical surveillance / counter-surveillance.
  • State-level threats (TEMPEST, deep RF emanation).

This delimitation makes the framework academically defendable and implementable within a 12-month postgrad timeline.