PandwaRF Rogue Pro

From Embedded Lab Vienna for IoT & Security
Jump to navigation Jump to search
Name PandwaRF Rogue Pro
Manufacturer ComThings
Technologies USB, Supports ASK/OOK/MSK/2-FSK/GFSK modulation, 300-928 MHz band, 10000 Bits/s data rate
Included equipment 1x bag, 1x PandwaRF Rogue Pro, 3x Antennas (300-400MHZ, 400-500MHZ, 800-1000MHZ range), 1x micro USB to USB C cable


Bluetooth Smart (BLE) to Sub-1 GHz module. PandwaRF (formerly GollumRF) is a RF analysis tool with a sub-1 GHz wireless transceiver controlled by a smartphone or a PC


General Overview

PandwaRF is a Radio Frequency hacking tool used to:[1]


  • Capture any data in ASK/OOK/MSK/2-FSK/GFSK modulation from the frequency range: 300-348 MHz, 391-464 MHz and 782-928 MHz
  • Transfer the captured data to your smartphone & save/share it
  • Send the captured data in JSON to your own server for post-processing
  • Write your own scripts or use a provided one


  • Transmit previously captured data or write your own
  • Transmit data from a smartphone or directly from PandwaRF
  • Brute force with a predefined transmission pattern (encoders or devices)
  • Transmit power: +10dBm


  • Visualize the frequency used by any device using the PandwaRF built-in Spectrum Analyzer
  • Directly show the maximum and average RSSI for a specific frequency band

    Technical Overview

    PandwaRF is composed of 2 elements:

  • PandwaRF HW dongle
  • PandwaRF Android application

    PandwaRF HW dongle

    The PandwaRF dongle contains[2]:

  • Bluetooth Smart Module ISP130301, based on nRF51
  • CC1111 Low-Power SoC with Sub-1 GHz RF Transceiver
  • 16 Mbit Flash Memory to save custom RF protocols
  • Rechargeable battery powered for stand-alone operation
  • Battery fuel gauge
  • SMA connector
  • 4 buttons
  • 4 Status LEDs
  • Debug connectors & GPIOs

    Possible applications

  • Receive keyfobs transmission (car, alarm, gate opener, …)
  • Replay captured transmission from keyfobs
  • Replay a modified captured transmission
  • Transmit your own custom payload
  • Capture RF data and transmit it on another frequency
  • Brute force wireless devices (alarms, gate openers etc)[3]
  • Spectrum Analyzer
  • Find the frequency used by a RF device
  • Reverse engineer unknown protocols
  • Measure the data rate of a transmission
  • Check the RF jam-resistance of your own devices
  • Send captured data to a server for post-processing
  • Write custom Javascript scenarios
  • Develop your own Android application

    Hardware Antennas

    In its antenna pack version, PandwaRF is shipped with 3 miniature SMA antennas (315/433/868-915 MHz).

    Using the proper antenna is critical to have good RF performance. Antennas are labelled with the first digit of their frequency band:

  • 3 for 315 MHz,
  • 4 for 433 MHz,
  • 8/9 for 868/915 MHz


    PandwaRF is a test equipment for RF systems. It has not been tested for compliance with the regulations governing the transmission of radio signals. You are responsible for using your PandwaRF legally. The intentional jamming of RF signals is ILLEGAL. PandwaRF should only be used for testing the robustness of your own devices.