// the find
infobyte/doggie
Welcome to the Doggie and EvilDoggie repository by Faraday Security! Doggie is a modular DIY CAN Bus to serial adapter (USB, BLE, UART) using the slcan protocol, compatible with SocketCAN and python-can. EvilDoggie adds offensive features like dominant-override, spoofing and custom attacks for automotive security testing and research.
Doggie is a DIY CAN bus adapter firmware written in Rust, targeting RP2040, STM32F103 (Bluepill), and ESP32 boards with USB/UART/BLE connectivity via the slcan protocol. EvilDoggie is the same codebase's offensive sibling, adding dominant-override and spoofing attacks for automotive security research. It's for hardware hackers and automotive pen testers who want a cheap, buildable alternative to commercial CAN interfaces like CANtact or Kvaser.
The multi-target Rust workspace is cleanly separated: shared logic lives in doggie_core and evil_core, with per-MCU crates that only contain board-specific glue. That's real modularity, not fake modularity. slcan compatibility means you get SocketCAN and python-can for free without writing any host-side tooling. The evil_core attack engine uses a command builder pattern that lets you compose low-level CAN manipulation (bus-off, double-receive, spoofing) into higher-level attack sequences — that's a useful abstraction for research. Shipping prebuilt binaries in doggie_esp32/bin means someone without a Rust toolchain can still flash and test it.
The ESP32 firmware builds against esp-idf via esp-rs, which has a notoriously rough toolchain setup — the README doesn't warn you that you'll need to install the Xtensa LLVM fork and espup before anything compiles. BLE support exists only for ESP32, and looking at doggie_ble/src/server.rs the protocol is custom serial-over-BLE, not standard Nordic UART or anything python-can supports out of the box. The Bluepill (STM32F103) is listed as supported but its evil_doggie variant has a main.rs that defers entirely to evil_core — no documentation on what attacks actually work on that target given its limited peripheral set. 80 stars after a Black Hat presentation suggests the project hasn't gained traction beyond the Faraday Security team, which means you're largely on your own when something doesn't work.