kSnarf is a tool written in Python that extracts various data points in real time or for a period of time in the past.
Point retention is handled by a local or remote PostgreSQL instance, allowing for multi-user interaction.
Data visualization is left to the user. Some ideas that come to mind are Grafana, Plotly and Maltego.
The default usage for kSnarf is aimed at wireless traffic and works with any network card so long as it can drop to Monitor Mode at a minimum. piCopilot is one such tool leveraging the kSnarf libraries in this manner.
New public modules are added to kSnarf by request or as development takes place. Current development for kSnarf is focused on SDR.
Support for various things such as Ethernet monitoring (802.3), IDS or IPS, non-root code execution and so forth may be requested via chat.
- Any 802.11 NIC capable of Monitor mode
Install PostgreSQL locally

    CREATE ROLE root WITH SUPERUSER LOGIN;
    ALTER USER root WITH PASSWORD 'idrop';
    CREATE DATABASE idrop;

    python3 -m venv env
    source env/bin/activate
    python3 -m pip install RESOURCEs/*.tar.gz
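
The setup above creates a superuser login role named root whose password, idrop, is published in this README, and the same PostgreSQL instance may be remote and shared between users. The following is an added example, not code from the kSnarf project, showing how to review and tighten that setup from psql. The placeholder passwords, the role name viewer, and the assumption that kSnarf's tables live in the public schema and are created by root are all illustrative; any credentials kSnarf is configured with must be updated to match.

```sql
-- Added example, not kSnarf code. Run in psql as a superuser (sudo psql idrop).

-- 1. Which roles can log in with superuser rights? After the README setup,
--    'root' is listed next to the bootstrap superuser (usually 'postgres').
SELECT rolname, rolsuper, rolcanlogin
  FROM pg_roles
 WHERE rolsuper AND rolcanlogin
 ORDER BY rolname;

-- 2. Is the server reachable beyond this host? 'localhost' keeps it local;
--    '*' or a routable address exposes the login prompt to the network.
SHOW listen_addresses;

-- 3. How are newly set passwords hashed? scram-sha-256 is preferable to md5.
SHOW password_encryption;

-- 4. Replace the published password. The value below is a placeholder.
--    In psql, "\password root" prompts for the value instead, which keeps
--    the cleartext out of command history and server statement logs.
ALTER ROLE root WITH PASSWORD 'REPLACE-WITH-A-UNIQUE-SECRET';

-- 5. By default every role may connect to a new database through PUBLIC.
--    Remove that so access to idrop has to be granted role by role.
REVOKE CONNECT ON DATABASE idrop FROM PUBLIC;

-- 6. Hypothetical read-only role for a dashboard such as Grafana, so that
--    visualization does not need the superuser login ('viewer' is assumed).
CREATE ROLE viewer WITH LOGIN PASSWORD 'REPLACE-WITH-ANOTHER-SECRET';
GRANT CONNECT ON DATABASE idrop TO viewer;
GRANT USAGE ON SCHEMA public TO viewer;

-- Covers tables that already exist (main, blue, tpms once kSnarf has run).
GRANT SELECT ON ALL TABLES IN SCHEMA public TO viewer;

-- Covers tables root creates later (assumes kSnarf connects as root).
ALTER DEFAULT PRIVILEGES FOR ROLE root IN SCHEMA public
    GRANT SELECT ON TABLES TO viewer;
```
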
Getting started with 802.11 (Scapy)

At a minimum, modify ./system.conf to ensure prop.nic makes sense for your system. By default prop.nic is set to wlan1mon.

    sudo python3 ./kSnarf.py
    sudo psql idrop
    SELECT * FROM main;

Getting started with 802.15 (Ubertooth One)

    sudo python3 ./kBlue.py
    sudo psql idrop
    SELECT * FROM blue;

Getting started with TPMS (rtl_433)

The current implementation is a proof of concept which will be classed out and grown as more vendors are verified.

    python3 ./kTpms.py
    SELECT * FROM tpms;