DopeScope-Box.jpg
DopeScope 2.0
dope-scope-horizontal-2.png
DopeScope-Box.jpg
DopeScope 2.0
dope-scope-horizontal-2.png

DopeScope 2.0

$150.00

A directional Wi-Fi Sniffing device that fits in the palm of your hand

The DopeScope 2.0 is built on a powerful ESP32 wireless SoC. This SoC features a dual-core CPU, 520 KiB SRAM, 4MB of program memory, 802.11bg and Bluetooth 4.2 BR/EDR and BLE. We’ve attached an RGB IPS screen with a resolution of 160x80 with a lens that allows for easy handheld Wi-Fi hunting.

Download Instructions

*If you are experiencing problems with your DopeScope 2.0 case, please ship it back at any time and we’ll fix it. Our address is 12110 Sunset Hills Road, Suite 600, Reston, VA 20190

Quantity:
Add To Cart

When to Use It

  • Identifying and locating rogue Wi-Fi Access Points in your Wi-Fi infrastructure (Read More)

  • Identifying and locating any unknown or unauthorized hidden Wi-Fi Access Points in your area

  • Identifying and locating any unknown or unauthorized Bluetooth/BLE devices in your area

  • Performing basic Wi-Fi surveys in your area

  • Identifying and locating any unsecured Wi-Fi Access Points

  • Determining the optimal spot from which to perform any authorized Wi-Fi penetration testing activities (Read More)

  • Performing a basic survey of your SCADA infrastructure to identify any unknown Wi-Fi access points (Did you know that some SCADA solutions now come with embedded unsecured Wi-Fi access points for ease of management/configuration? Read More)

  • Helping to determine signal coverage and the most efficient placement of WiFi Nodes when installing a Wi-Fi network

  • Helping to determine the best place to sit at a venue that offers Wi-Fi coverage

How It Works

dopescope2_diagram.png
 

Main Menu

The main menu allows you to choose between scanning modes as well as access user configurable options. Use the buttons to move UP and DOWN the menu, pressing SELECT on the option you want.

dopescope2_mainmenu.png

Wi-Fi Scan

dopescope_wifiscan.png

The default screen in the Wi-Fi menu will show a continual scan of the advertised networks within range. The display shows the RSSI, encryption type, channel and SSID (if not hidden) for the AP. The display will update roughly every three seconds. Using the buttons, you can pause the scan and scroll through the list of APs. Pressing the SELECT button on an AP will bring up an option menu which will allow you to get more details, follow the AP or return to Wi-Fi Scan or the Main Menu. If you scroll back to the top of the screen, the device will resume scanning. Pressing the SELECT button while actively scanning will return you to the main menu.

Wi-Fi Details

dopescope2_wifidetails.png

The Wi-Fi Details screen will show you the normal information about the AP (ESSID, BSSID, channel and encryption). The scope will then lock to the channel of the AP and listen promiscuously for all packets coming from the AP. The RSSI value will update every time a packet is observed from the AP and a chart at the bottom of the screen will show the activity of the AP in packets/sec. This will allow for better AP hunting. Pressing the SELECT button will return you to the scanning screen.

Wi-Fi Snoop

dopescope2_wifisnoop.png

The Wi-Fi Snoop mode allows you to observe more activity related to the AP. The device will tune to the channel used by the selected AP and begin listening for all packets to and from the AP. A list of clients will be shown. By default, the list is sorted by the time(secs) since the client was last seen, but by pressing the UP and DOWN buttons you can change this to sort by the last RSSI of the client or the total number of packets seen from the client. This mode allows for greater insight into client devices and will allow for finding rogue clients. Pressing the SELECT button will return you to the scanning screen.

BLE Scan

dopescope_blescan.png

The default BLE screen shows a survey very similar to the Wi-Fi SCAN mode. You will be able to see any BLE device in range as well as their RSSI and what capabilities are being advertised. Four flags represent the “Appearance Data,” “Manufacturer Data,” “Service Data” and “Service UUID” if available. Using the UP and DOWN buttons, you can scroll through the list of devices. Pressing the select button on a device will open a details page. If you scroll back to the top of the screen, the device will resume scanning. Pressing the SELECT button while actively scanning will return you to the main menu.

BLE Details

dopescope_blesdetails.png

The BLE details page is similar to the Wi-Fi details page. It will show the name of the BLE device (if advertised), the MAC address, the last observed RSSI (continually updated), seconds since last seen and the extended information included in the advertising frame. When possible, it will attempt to identify the manufacturer of the device if enough information is provided in the advertising frame. A chart in the lower half of the screen will show the RSSI over time to help locate the observed device. Pressing the SELECT button will return you to the BLE scan.

* Be aware that BLE devices regularly change their MAC addresses to avoid tracking. If a device seems to disappear, return to the scanning menu to try to relocate it.

Settings

The DopeScope uses a chuck of flash to store user configurable settings. You can set these in the settings menu and save them to flash. These settings are:

   Setting

   Description

   Default   

   BCL_SCANTIME   

   Seconds to scan for Bluetooth Classic Devices (not used)   

   3

   BCL_ACTIVE   

   Perform an active BLE scan (more accurate)   

   true   

   BCL_SCANTIME   

   Time to scan for BLE devices (seconds)   

   5   

   SHOW_SPLASH   

   Show boot splash screen   

   true   

   WIFI_BSSID   

   Show Wi-Fi BSID instead of ESSID   

   false   

   WIFI_DWELL   

   Time to dwell per channel (in 100ms)   

   3   

   WIFI_HIDDEN   

   Show hidden SSIDs   

   true   

   WIFI_PASSIVE   

   Use passive scanning for Wi-Fi (slower)   

   false   
dopescope2_settings.png