Skip to content

Add Access Audit#1005

Open
matthewkayne wants to merge 9 commits intoflipperdevices:mainfrom
matthewkayne:matthewkayne/access_audit_v1.1.0
Open

Add Access Audit#1005
matthewkayne wants to merge 9 commits intoflipperdevices:mainfrom
matthewkayne:matthewkayne/access_audit_v1.1.0

Conversation

@matthewkayne
Copy link
Copy Markdown

@matthewkayne matthewkayne commented Apr 2, 2026
edited by xMasterX
Loading

Application Submission

  • Flipper Access Audit is a defensive security auditing tool for NFC and RFID access-control credentials. It allows users to scan cards (NFC, 125 kHz RFID, and HID iCLASS), automatically classify them (e.g. MIFARE Classic, DESFire, NTAG, HID formats), and generate an instant 0–100 risk score with a clear label (HIGH RISK / MODERATE / LOW RISK / SECURE). The app provides plain-English per-card recommendations, supports multi-scan sessions (up to 20 cards), and saves timestamped reports to the SD card. It also includes an on-device report viewer for reviewing past scans. The app performs all analysis passively without authentication or modification of card data, making it suitable for authorized security auditing, research, and system evaluation.

Extra Requirements

  • No extra hardware is required beyond the Flipper Zero device itself. The application uses the built-in NFC (13.56 MHz), 125 kHz RFID, and iCLASS capabilities. An SD card is required for saving and viewing session reports.

Author Checklist (Fill this out)

  • I've read the contribution guidelines and my PR follows them
  • I own the code I'm submitting or have code owner's permission to submit it
  • I have validated the manifest file(s) with python3 tools/bundle.py --nolint applications/CATEGORY/APPID/manifest.yml bundle.zip

Reviewer Checklist (Don't fill this out)

  • Bundle is valid
  • There are no obvious issues with the source code
  • I've ran this application and verified its functionality

xMasterX
xMasterX requested changes Apr 15, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@xMasterX xMasterX left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hello, app does not read NFC MF Classic 1k cards, tested with 2 verified working tags

@xMasterX xMasterX added the fixes needed Unresolved issues with the app requiring maintainer's attention label Apr 15, 2026
@matthewkayne
Copy link
Copy Markdown
Author

matthewkayne commented Apr 15, 2026

On cards of that spec it was reading for me. Could you send over a read dump (or any info) of one of the cards so I can solve the issue.

@xMasterX
Copy link
Copy Markdown
Collaborator

xMasterX commented Apr 15, 2026

MFC_1K_g.nfc.zip

Dump of the test card made on flipper

@matthewkayne
Copy link
Copy Markdown
Author

matthewkayne commented Apr 15, 2026

Thanks for the report and the dump - that was really helpful for tracking this down.

The root cause was MfClassicPollerEventTypeCardDetected firing before the first RequestReadSector event in MfClassicPollerModeRead. It was hitting the catch-all handler, setting a read-failed state and stopping the poller before sector 0 was ever requested. Fixed in v1.8.1 by handling CardDetected and DataUpdate explicitly with NfcCommandContinue.

Manifest updated to v1.8.1 - happy to hear if that resolves it on your end.

@matthewkayne
Copy link
Copy Markdown
Author

matthewkayne commented Apr 15, 2026

I have also just updated documentation

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@xMasterX xMasterX xMasterX requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

app (new) fixes needed Unresolved issues with the app requiring maintainer's attention

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@matthewkayne @xMasterX