---

🎯 Overview

NullSec CAN Bus is an automotive security toolkit for analyzing Controller Area Network (CAN) traffic. It provides tools for passive monitoring, active injection, protocol fuzzing, and ECU identification — essential for automotive penetration testing and research.

⚡ Features

Feature	Description
CAN Sniffer	High-speed CAN frame capture with filtering and logging
Frame Injector	Craft and inject arbitrary CAN frames
Bus Fuzzer	Intelligent CAN ID and data field fuzzing
ECU Scanner	Discover and fingerprint ECUs on the bus
DBC Parser	Import/export DBC files for signal decoding
Replay Attack	Record and replay CAN traffic sequences
UDS Client	Unified Diagnostic Services (ISO 14229) scanner
Anomaly Detector	Baseline CAN traffic and detect deviations

🔧 Supported Interfaces

Interface	Connection	Status
SocketCAN (Linux)	Any CAN adapter	✅ Full
PCAN-USB	USB-to-CAN	✅ Full
CANtact	USB-to-CAN	✅ Full
ELM327	OBD-II port	✅ Full
Kvaser Leaf	USB-to-CAN	⚠️ Beta
Virtual CAN (vcan)	Testing	✅ Full

🚀 Quick Start

# Set up CAN interface
sudo ip link set can0 type can bitrate 500000
sudo ip link set can0 up

# Sniff CAN traffic
nullsec-canbus sniff --interface can0 --filter 0x7E0-0x7EF

# Scan for ECUs
nullsec-canbus ecu-scan --interface can0

# Fuzz CAN IDs
nullsec-canbus fuzz --interface can0 --range 0x000-0x7FF --delay 10ms

# UDS diagnostic scan
nullsec-canbus uds --interface can0 --target 0x7E0

# Record and replay
nullsec-canbus record --interface can0 -o session.canlog
nullsec-canbus replay session.canlog --interface can0

🔗 Related Projects

Project	Description
nullsec-carfuzz	Automotive protocol fuzzer
nullsec-keyfob	Key fob & immobilizer analysis
blackflag	PineFlip device manager
nullsec-sdr	RF signal analysis
nullsec-linux	Security Linux distro (140+ tools)

⚠️ Legal

For authorized automotive security testing only. Never test on vehicles in traffic or without explicit authorization from the vehicle owner.

📜 License

MIT License — @bad-antics

---