Hardware-level identity spoofing toolkit for network, device, and browser fingerprint masking with multi-layer obfuscation
---
name: spoof-suite-hardware-identity
description: Hardware-level identity spoofing toolkit for network, device, and browser fingerprint masking with multi-layer obfuscation
triggers:
- spoof my hardware identifiers
- randomize device fingerprint
- mask network MAC address
- generate synthetic hardware profile
- configure hardware spoofing session
- create anonymized device identity
- setup multi-layer identity obfuscation
- implement adaptive entropy spoofing
---
# Hardware-HardSp00f Security Skill
> Skill by [ara.so](https://ara.so) — Security Skills collection.
## Overview
Hardware-HardSp00f is a comprehensive hardware-level identity spoofing toolkit that operates at the kernel-to-application boundary. It provides multi-layer obfuscation across ARP, DNS, SNI, device fingerprints, and browser headers while maintaining system performance and stability.
**Key Capabilities:**
- Hardware identity multiplexing (MAC, CPU, memory, storage fingerprints)
- Network protocol spoofing (ARP, DNS, SNI, packet manipulation)
- Browser fingerprint randomization (canvas, WebGL, user agents)
- Session-bound cryptographic isolation
- Adaptive entropy injection using hardware thermal noise
- Multi-OS support (Windows, Linux, limited macOS)
**Warning:** This tool is for authorized security testing and privacy research only. Unauthorized use may violate laws.
## Installation
### Linux Installation
```bash
# Clone repository
git clone https://github.com/Shantanu-U69/Spoof-Suite-Security.git
cd Spoof-Suite-Security
# Install dependencies
sudo apt-get update
sudo apt-get install -y build-essential linux-headers-$(uname -r) \
python3-pip libssl-dev libpcap-dev
# Build kernel module
cd kernel-module
make
sudo make install
sudo modprobe hardsp00f
# Install CLI tools
cd ../cli
pip3 install -r requirements.txt
sudo python3 setup.py install
# Verify installation
hardsp00fd --version
```
### Windows Installation
```powershell
# Download release from GitHub pages
# https://shantanu-u69.github.io/Spoof-Suite-Security/
# Extract archive
Expand-Archive -Path HardSp00f-Win-v3.2.1.zip -DestinationPath C:\HardSp00f
# Install driver (requires Administrator)
cd C:\HardSp00f\driver
.\install_driver.bat
# Add to PATH
$env:Path += ";C:\HardSp00f\bin"
[Environment]::SetEnvironmentVariable("Path", $env:Path, [System.EnvironmentVariableTarget]::Machine)
# Verify
hardsp00f.exe --version
```
## Core Commands
### Basic Daemon Operation
```bash
# Start spoofing daemon with default profile
sudo hardsp00fd --start
# Start with specific profile
sudo hardsp00fd --profile /etc/hardsp00f/profiles/stealth_session.yaml
# Start in adaptive mode with logging
sudo hardsp00fd --profile stealth_session \
--mode adaptive_multiplex \
--persistence until_reboot \
--verbose 3 \
--log /var/log/hardsp00f/session.log \
--daemonize
# Check status
sudo hardsp00fd --status
# Stop daemon
sudo hardsp00fd --stop
# Generate diagnostic report
sudo hardsp00fd --diagnose > /tmp/hardsp00f_diag.json
```
### Profile Management
```bash
# List available profiles
hardsp00f-cli profile list
# Generate new random profile
hardsp00f-cli profile generate --output custom_profile.yaml
# Validate profile
hardsp00f-cli profile validate stealth_session.yaml
# Apply profile to running daemon
sudo hardsp00f-cli profile apply custom_profile.yaml
# Export current active profile
sudo hardsp00f-cli profile export > current_config.yaml
```
### Network Interface Control
```bash
# Spoof specific interface
sudo hardsp00f-cli interface spoof eth0 --mac random
# Spoof all interfaces
sudo hardsp00f-cli interface spoof all --strategy rotating
# Restore original MAC
sudo hardsp00f-cli interface restore eth0
# Show current spoofed identities
hardsp00f-cli interface status
```
## Configuration
### Profile Structure
Create a profile at `/etc/hardsp00f/profiles/custom.yaml`:
```yaml
profile:
name: "research_session_2026"
persona:
architecture: "random_walk_plus_mode"
entropy_source: "hardware_thermal_noise"
randomization_interval: 3600 # seconds
device_fingerprint:
cpu:
vendor: ["GenuineIntel", "AuthenticAMD"]
model: ["Core i7-12700K", "Ryzen 9 5950X"]
cores: [8, 12, 16]
hyperthreading: true
cache_l3_mb: [16, 32, 64]
memory:
type: ["DDR4", "DDR5"]
total_gb: [16, 32, 64]
frequency_mhz: [3200, 4800, 6000]
manufacturer: ["Samsung", "Crucial", "G.Skill"]
storage:
model: ["Samsung 990 Pro", "WD Black SN850X", "Crucial P5 Plus"]
interface: "NVMe"
capacity_gb: [512, 1024, 2048]
network:
mac_vendor: ["Intel Corporation", "Realtek Semiconductor", "Broadcom"]
interface_type: "Gigabit Ethernet"
wireless_chipset: ["Intel Wi-Fi 6E AX210", "Qualcomm FastConnect 6900"]
spoofing_strategy:
arp:
enabled: true
interval_ms: 30000
jitter_percent: 15
gratuitous_arp: false
dns:
enabled: true
cache_poison_period: 120
resolver_rotation: true
resolvers: ["8.8.8.8", "1.1.1.1", "9.9.9.9"]
ttl_randomization: true
sni:
enabled: true
tls_version_probability:
"1.2": 0.3
"1.3": 0.7
cipher_suite_rotation: true
esni_support: true
browser_header:
enabled: true
user_agent_generator: "bayesian_decision_forest"
canvas_noise_level: 0.02
webgl_renderer: "ANGLE (Intel, Intel(R) UHD Graphics 630)"
screen_resolution: ["1920x1080", "2560x1440", "3840x2160"]
timezone_offset: "auto"
language_probability:
"en-US": 0.5
"en-GB": 0.2
"fr-FR": 0.1
"de-DE": 0.1
"ja-JP": 0.1
packet:
enabled: true
ttl_variation: [64, 128]
window_size: [65535, 32768, 16384]
tcp_timestamp: "random"
ip_id_strategy: "incremental_with_jitter"
persistence:
mode: "session_bound" # session_bound | reboot_persistent | manual
encryption_key_source: "ephemeral_volatile"
secure_wipe_on_exit: true
logging:
level: "info" # debug | info | warning | error
destination: "/var/log/hardsp00f/session.log"
rotation: "daily"
max_size_mb: 100
```
### Environment Configuration
Create `/etc/hardsp00f/hardsp00f.conf`:
```ini
[daemon]
pid_file = /var/run/hardsp00fd.pid
socket_path = /var/run/hardsp00f.sock
default_profile = /etc/hardsp00f/profiles/default.yaml
auto_start = false
[security]
require_root = true
allow_remote_control = false
api_key_env_var = HARDSP00F_API_KEY
entropy_pool_size = 4096
[performance]
max_cpu_usage_percent = 5
memory_limit_mb = 256
io_priority = idle
[network]
excluded_interfaces = lo,docker0,veth*
dns_cache_size = 1000
arp_table_size = 500
[ai_integration]
openai_enabled = false
openai_api_key_env = OPENAI_API_KEY
openai_model = gpt-4-turbo-2026
claude_enabled = false
claude_api_key_env = ANTHROPIC_API_KEY
privacy_mode = true
```
## Code Examples
### Python Library Usage
```python
#!/usr/bin/env python3
from hardsp00f import (
DeviceSpoofer,
NetworkSpoofer,
BrowserSpoofer,
ProfileGenerator
)
import os
# Initialize spoofing session
session = DeviceSpoofer(
profile_path='/etc/hardsp00f/profiles/stealth.yaml',
verbose=True
)
# Generate random hardware identity
session.generate_device_identity(
cpu_cores=8,
memory_gb=16,
entropy_source='thermal'
)
# Apply hardware spoofing
session.apply_hardware_spoof()
# Network-level spoofing
net_spoofer = NetworkSpoofer(interface='eth0')
net_spoofer.randomize_mac(vendor='Intel Corporation')
net_spoofer.enable_dns_rotation(resolvers=['8.8.8.8', '1.1.1.1'])
net_spoofer.enable_sni_spoofing(tls_version='1.3')
# Browser fingerprint spoofing
browser_spoofer = BrowserSpoofer()
user_agent = browser_spoofer.generate_user_agent(
browser='chrome',
os='windows',
architecture='x64'
)
canvas_fingerprint = browser_spoofer.generate_canvas_noise(level=0.02)
print(f"Generated User-Agent: {user_agent}")
print(f"Hardware Identity: {session.get_current_identity()}")
print(f"Network MAC: {net_spoofer.get_current_mac()}")
# Cleanup on exit
session.cleanup()
```
### CLI Scripting Example
```bash
#!/bin/bash
# automated_spoof_session.sh
set -e
PROFILE_DIR="/etc/hardsp00f/profiles"
LOG_DIR="/var/log/hardsp00f"
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
# Generate unique profile for this session
echo "[+] Generating session profile..."
hardsp00f-cli profile generate \
--cpu-cores 8 \
--memory-gb 16 \
--network-vendor "Intel Corporation" \
--output "$PROFILE_DIR/session_${TIMESTAMP}.yaml"
# Start daemon with generated profile
echo "[+] Starting spoofing daemon..."
sudo hardsp00fd \
--profile "$PROFILE_DIR/session_${TIMESTAMP}.yaml" \
--mode adaptive_multiplex \
--persistence session_bound \
--log "$LOG_DIR/session_${TIMESTAMP}.log" \
--daemonize
# Wait for daemon initialization
sleep 5
# Verify spoofing is active
echo "[+] Verifying spoofing status..."
if sudo hardsp00fd --status | grep -q "Active"; then
echo "[✓] Spoofing daemon active"
else
echo "[✗] Failed to start daemon"
exit 1
fi
# Show current identities
echo "[+] Current spoofed identities:"
hardsp00f-cli interface status
# Run protected operation
echo "[+] Running protected operation..."
# Your actual workload here
# Example: curl, nmap, or application execution
# Cleanup
echo "[+] Cleaning up..."
sudo hardsp00fd --stop
rm -f "$PROFILE_DIR/session_${TIMESTAMP}.yaml"
echo "[✓] Session complete"
```
### Advanced Profile Generation with AI
```python
#!/usr/bin/env python3
import os
from hardsp00f.ai import LLMProfileGenerator
# Use AI to generate contextual profile
generator = LLMProfileGenerator(
provider='openai',
api_key=os.getenv('OPENAI_API_KEY'),
model='gpt-4-turbo-2026'
)
# Generate profile based on target environment
profile = generator.generate_profile(
context={
'target_region': 'North America',
'target_platform': 'Windows 11',
'target_application': 'Web Browser',
'stealth_level': 'high',
'session_duration': '4 hours'
},
output_path='/tmp/ai_generated_profile.yaml'
)
print(f"Generated profile: {profile.name}")
print(f"Entropy score: {profile.entropy_score}")
print(f"Anomaly risk: {profile.anomaly_risk}")
# Validate profile before use
validation_result = profile.validate()
if validation_result.is_valid:
profile.save('/etc/hardsp00f/profiles/ai_stealth.yaml')
print("[✓] Profile saved and ready for use")
else:
print(f"[✗] Validation failed: {validation_result.errors}")
```
## Common Patterns
### Session-Based Spoofing
```bash
# Start session
SESSION_ID=$(sudo hardsp00fd --start --profile stealth.yaml --output-session-id)
# Perform operations
curl -x socks5://localhost:9050 https://example.com
# End session and auto-cleanup
sudo hardsp00fd --stop-session "$SESSION_ID" --secure-wipe
```
### Interface-Specific Spoofing
```python
from hardsp00f import InterfaceManager
# Spoof only wireless interface
mgr = InterfaceManager()
wlan = mgr.get_interface('wlan0')
wlan.spoof_mac(strategy='rotating', interval=300)
wlan.spoof_hostname('random-device-{timestamp}')
# Keep wired interface unchanged
eth = mgr.get_interface('eth0')
eth.set_passthrough(True)
```
### Browser Integration
```python
from selenium import webdriver
from hardsp00f.browser import ChromeSpoofer
# Configure Chrome with spoofed fingerprint
spoofer = ChromeSpoofer()
chrome_options = spoofer.get_spoofed_options(
user_agent='auto',
canvas_noise=0.02,
webgl_vendor='Intel Inc.',
screen_resolution='1920x1080'
)
driver = webdriver.Chrome(options=chrome_options)
driver.get('https://browserleaks.com/canvas')
```
### Multi-Interface Rotation
```yaml
# rotation_profile.yaml
profile:
name: "rotation_mode"
spoofing_strategy:
rotation:
enabled: true
interfaces: ["eth0", "wlan0"]
interval_seconds: 600
strategy: "round_robin" # round_robin | random | weighted
preserve_connectivity: true
```
## Troubleshooting
### Kernel Module Not Loading
```bash
# Check kernel compatibility
uname -r
modinfo hardsp00f
# Rebuild for current kernel
cd kernel-module
make clean
make KVER=$(uname -r)
sudo make install
# Check dmesg for errors
dmesg | grep hardsp00f
# Load with debug output
sudo modprobe hardsp00f debug=1
```
### MAC Address Not Changing
```bash
# Check interface state
ip link show eth0
# Bring interface down before spoofing
sudo ip link set eth0 down
sudo hardsp00f-cli interface spoof eth0 --mac random
sudo ip link set eth0 up
# Verify change
ip link show eth0 | grep ether
# Check for NetworkManager interference
sudo systemctl stop NetworkManager
sudo hardsp00f-cli interface spoof eth0 --mac random
sudo systemctl start NetworkManager
```
### Daemon Crashes or Hangs
```bash
# Enable debug logging
sudo hardsp00fd --stop
sudo hardsp00fd --profile default.yaml --verbose 5 --log /tmp/debug.log
# Check resource usage
ps aux | grep hardsp00fd
cat /proc/$(pgrep hardsp00fd)/status
# Generate diagnostic bundle
sudo hardsp00fd --diagnose --output /tmp/hardsp00f_diag.tar.gz
# Check for conflicts with other security tools
lsmod | grep -E 'hardsp00f|macchanger|spooftooph'
```
### DNS Resolution Issues
```bash
# Verify DNS spoofing status
sudo hardsp00f-cli dns status
# Temporarily disable DNS spoofing
sudo hardsp00f-cli dns disable
# Check resolver list
cat /etc/resolv.conf
# Test DNS resolution
dig @8.8.8.8 example.com
# Re-enable with specific resolvers
sudo hardsp00f-cli dns enable --resolvers 1.1.1.1,8.8.8.8
```
### Permission Denied Errors
```bash
# Verify running as root
whoami
# Check file permissions
ls -la /etc/hardsp00f/
ls -la /var/log/hardsp00f/
# Fix permissions
sudo chown -R root:root /etc/hardsp00f
sudo chmod 700 /etc/hardsp00f
sudo chmod 600 /etc/hardsp00f/profiles/*.yaml
# Check capabilities
getcap /usr/bin/hardsp00fd
# Should show: cap_net_admin,cap_net_raw+ep
# Add capabilities if missing
sudo setcap cap_net_admin,cap_net_raw+ep /usr/bin/hardsp00fd
```
### Profile Validation Failures
```python
#!/usr/bin/env python3
from hardsp00f import ProfileValidator
validator = ProfileValidator()
result = validator.validate_file('/etc/hardsp00f/profiles/custom.yaml')
if not result.is_valid:
print("Validation errors:")
for error in result.errors:
print(f" - {error.field}: {error.message}")
# Auto-fix common issues
fixed_profile = validator.auto_fix(result.profile)
fixed_profile.save('/etc/hardsp00f/profiles/custom_fixed.yaml')
print("Fixed profile saved")
```
## Security Considerations
- **Root Access Required**: Most operations require root/administrator privileges
- **Legal Compliance**: Only use on systems you own or have authorization to test
- **Session Isolation**: Use `session_bound` persistence mode for maximum security
- **Entropy Quality**: Verify entropy source is hardware-based for best randomization
- **Log Management**: Regularly rotate and securely delete logs containing spoofed identities
- **API Keys**: Store all API keys in environment variables, never in profiles or code
```bash
# Secure environment setup
export HARDSP00F_API_KEY=$(cat /secure/storage/api_key.txt)
export OPENAI_API_KEY=$(cat /secure/storage/openai_key.txt)
export ANTHROPIC_API_KEY=$(cat /secure/storage/claude_key.txt)
# Launch with secure environment
sudo -E hardsp00fd --profile secure.yaml
```
Creator's repository · aradotso/security-skills