Espilon¶
ESP32 Embedded Agent Framework for Security Research
Espilon is an open-source embedded agent framework for ESP32 microcontrollers, designed for network surveillance, reconnaissance, and distributed communication in constrained IoT environments.
What is Espilon?¶
Espilon demonstrates how to build lightweight, efficient embedded agents capable of communicating via Wi-Fi or GPRS. Built with ESP-IDF and designed for security research and education.
Security Research Tool
This is a security research and educational tool. It must only be used in authorized penetration testing, controlled environments, CTF competitions, or educational contexts. Unauthorized use is illegal.
Key Features¶
Core Capabilities¶
- Dual Network Backend - WiFi or GPRS connectivity (LilyGO T-Call support)
- Encrypted C2 - ChaCha20 encryption with Protocol Buffers
- Modular Architecture - Enable/disable components at compile time
- Async Execution - FreeRTOS-based task management
- Auto-reconnection - Persistent TCP with recovery
- Multi-device - Centralized C2 for fleet management
Modules¶
- ARP Scanner
- ICMP Ping
- TCP Proxy
- Packet Sniffer
- Traffic Generator
- Rogue Access Point
- Captive Portal
- DNS Hijacking
- Client Tracking
- ESP32-CAM Support
- Image Capture
- Video Streaming
- BLE Trilateration (WIP)
- Device Management
- Memory Monitor
- Uptime Tracking
- Remote Reboot
Quick Links¶
-
Getting Started
Install Espilon and build your first agent
-
Hardware Guide
Supported boards, pinouts, and wiring
-
Module API
Complete command reference
-
Security
Best practices and responsible use
Architecture Overview¶
graph TB
subgraph ESP32["ESP32 Agent"]
M[Modules]
C[Command Registry]
CR[Core Layer]
E[ESP-IDF]
end
subgraph C2["C2 Server (Python)"]
CLI[CLI Interface]
DR[Device Registry]
GM[Group Manager]
end
M --> C
C --> CR
CR --> E
E <-->|TCP Encrypted| C2
CLI --> DR
DR --> GM
style ESP32 fill:#1e40af
style C2 fill:#059669Supported Hardware¶
Recommended Boards¶
| Board | Type | Status | Best For |
|---|---|---|---|
| LilyGO T-Call | GPRS | ✅ Recommended | Portable GPRS deployments |
| ESP32 DevKit | WiFi | ✅ Supported | General WiFi operations |
| ESP32-CAM | Camera | ✅ Supported | Vision/surveillance |
| NodeMCU-32S | WiFi | ✅ Supported | Development |
Why Espilon?¶
For Security Researchers¶
- Understand embedded IoT attack vectors
- Test wireless security controls
- Demonstrate security concepts
- Develop custom modules
For Educators¶
- Teach embedded systems security
- Practical WiFi security labs
- IoT penetration testing courses
- Hands-on learning platform
For Developers¶
- Learn ESP32 development
- Understand C2 architecture
- Build custom modules
- Contribute to open source
Project Status¶
| Component | Status | Version |
|---|---|---|
| Firmware | ✅ Stable | v1.0 |
| C2 Server | ✅ Stable | v1.0 |
| Documentation | ✅ Complete | v1.0 |
| LilyGO T-Call | ✅ Official | v1.0 |
Getting Help¶
- Documentation: Browse the guides in the navigation
- GitHub Issues: Report bugs
- Discussions: Community Q&A
License¶
Espilon is licensed under the MIT License with additional terms for security research tools.
Next Steps
Ready to get started? Check out the Quick Start Guide or explore the Hardware Options.