{"id":21599236,"url":"https://github.com/t04glovern/traffic-cop","last_synced_at":"2025-07-24T15:35:51.495Z","repository":{"id":102176811,"uuid":"151951296","full_name":"t04glovern/traffic-cop","owner":"t04glovern","description":"WiFi Beacon \u0026 Client sniffing pipeline for analysing the movements of Human Traffickers.","archived":false,"fork":false,"pushed_at":"2018-10-09T16:51:29.000Z","size":3710,"stargazers_count":13,"open_issues_count":0,"forks_count":4,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-07-19T15:44:44.935Z","etag":null,"topics":["aws-cloudformation","aws-dynamodb","aws-iot","aws-serverless","esp8266","espressif","wifi-scanner"],"latest_commit_sha":null,"homepage":"http://traffic-cop.s3-website-us-east-1.amazonaws.com/","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/t04glovern.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2018-10-07T14:41:25.000Z","updated_at":"2025-07-02T19:18:21.000Z","dependencies_parsed_at":null,"dependency_job_id":"38026909-e7a6-474f-b81a-325767e13fe0","html_url":"https://github.com/t04glovern/traffic-cop","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/t04glovern/traffic-cop","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/t04glovern%2Ftraffic-cop","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/t04glovern%2Ftraffic-cop/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/t04glovern%2Ftraffic-cop/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/t04glovern%2Ftraffic-cop/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/t04glovern","download_url":"https://codeload.github.com/t04glovern/traffic-cop/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/t04glovern%2Ftraffic-cop/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266862632,"owners_count":23996867,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-24T02:00:09.469Z","response_time":99,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws-cloudformation","aws-dynamodb","aws-iot","aws-serverless","esp8266","espressif","wifi-scanner"],"created_at":"2024-11-24T18:14:46.783Z","updated_at":"2025-07-24T15:35:51.485Z","avatar_url":"https://github.com/t04glovern.png","language":"C++","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Traffic Cop\n\n[http://traffic-cop.s3-website-us-east-1.amazonaws.com/](http://traffic-cop.s3-website-us-east-1.amazonaws.com/)\n\nWiFi Beacon \u0026 Client sniffing pipeline for analysing the movements of Human Traffickers.\n\n![img/web-demo.png](img/web-demo.png)\n\n## Authors\n\n* Nathan Glover [@nathangloverAUS (Twitter)](https://twitter.com/nathangloverAUS), [@t04glovern (Github)](https://github.com/t04glovern)\n* Stephen Mott [@SrzStephen (Github)](https://github.com/SrzStephen)\n* Rico Beti [@SilentyByte (Github)](https://github.com/SilentByte)\n\n## Proof of Concept\n\n![img/poc-circuit.jpg](img/poc-circuit.jpg)\n\n## Circuit Diagram\n\n![circuit/circuit-diagram_bb.jpg](circuit/circuit-diagram_bb.jpg)\n\n### BOM\n\n* [2x NodeMCU 1.0 (ESP 12 E Module)](https://www.amazon.com/NodeMCU-ESP8266-Microcontroller-Arduino-Makerdo/dp/B07BGCF3NY)\n* [1x U-blox NEO-6M GPS Module](https://core-electronics.com.au/u-blox-neo-6m-gps-module.html)\n* 1x ~200kΩ+ Resistor\n* 5x M2M Jumper Wires\n\n## Architecture\n\n![img/aws-architecture.png](img/aws-architecture.png)\n\n## Deploying CF\n\n### IoT Vending Machine\n\nDeploys a IoT Vending machine instances that can be used to generate certificates for new devices\n\n```bash\naws cloudformation create-stack --stack-name \"TrafficCop-IoT-Vending-Machine\" \\\n--template-body file://aws/Iot-Certificate-Vending-Machine.json \\\n--parameters file://aws/Iot-Certificate-Vending-Machine-Params.json \\\n--capabilities CAPABILITY_IAM\n```\n\n#### Create Device\n\nCheck the outputs from your cloudformation stack and retrieve the *RequestUrlExample*, It'll look like the following:\n\n```bash\nhttps://\u003capi-gateway-id\u003e.execute-api.us-east-1.amazonaws.com/LATEST/getcert?serialNumber=value1\u0026deviceToken=value2\n```\n\nCreate a new item in the DynamoDB instance that was created by the previous CloudFormation script (the DB is called deviceInfo)\n\n![img/dynamodb-deviceInfo.png](img/dynamodb-deviceInfo.png)\n\n* **serialNumber**: This should be something unique and will be the identifier for the IoT device you are onboarding (*e.g. gps-glover-01*)\n* **deviceToken**: This should be a private hash/secret that you will use to generate certificates for your new device securely (*e.g. 572589798725*)\n\nSubstitute these two into your API Gateway query\n\n```bash\nhttps://\u003capi-gateway-id\u003e.execute-api.us-east-1.amazonaws.com/LATEST/getcert?serialNumber=gps-glover-01\u0026deviceToken=572589798725\n```\n\nYou'll be returned a json response:\n\n```json\n{\n    \"certificateArn\": \"arn:aws:iot:us-east-1:\u003caccount-id\u003e:cert/009ff6ee0.........\",\n    \"certificateId\": \"009ff6ee092e......\",\n    \"certificatePem\": \"-----BEGIN CERTIFICATE-----\\nMIIDWTCCAkGgAwIBAgIUZiIgLi......-----END CERTIFICATE-----\\n\",\n    \"keyPair\": {\n        \"PublicKey\": \"-----BEGIN PUBLIC KEY-----\\nMIIBIjANBgkqhkiG9w0BAQEFAAO.......-----END PUBLIC KEY-----\\n\",\n        \"PrivateKey\": \"-----BEGIN RSA PRIVATE KEY-----\\nMIIEpAIBAAKCAQ........-----END RSA PRIVATE KEY-----\\n\"\n    },\n    \"RootCA\": \"-----BEGIN CERTIFICATE-----\\r\\nMIIE0zCCA7ugAwIBAgIQGNrRniZ96Lt........-----END CERTIFICATE-----\"\n}\n```\n\nPlace the outputs for each of the three fields below into new files in [esp8266-gps/certs](esp8266-gps/certs)\n\n* **esp8266-gps/certs/certificate.pem.crt**: certificatePem\n* **esp8266-gps/certs/private.pem.key**: keyPair.PrivateKey\n* **esp8266-gps/certs/root-CA.pem**: RootCA\n\nFollow the instructions in [esp8266-gps/README.md](esp8266-gps/README.md) on how to convert and upload these certificates to the ESP8266\n\n### DynamoDB Instance\n\nDeploys the DynamoDB table + an action rule to push data from a topic into said Dynamo instance\n\n```bash\naws cloudformation create-stack --stack-name \"TrafficCop-IoT-TopicRule\" \\\n--template-body file://aws/IoT-TopicRule.json \\\n--parameters file://aws/IoT-TopicRule-Params.json \\\n--capabilities CAPABILITY_IAM\n```\n\n### DynamoDB API\n\nBuild the API zip\n\n```bash\ncd api\n./package-lambda.sh\n```\n\nUpload the API to S3 bucket (this same S3 bucket should be used in the Parameters of the `aws/DynamoDB-Frontend-Params.json` file)\n\n```bash\ncd api\naws s3 cp dynamodb-api.zip s3://waanimals-deployment-scripts/traffic-cop/dynamodb-api.zip\n```\n\nDeploy the API to CloudFormation\n\n```bash\naws cloudformation deploy --template-file aws/DynamoDB-Frontend.json \\\n--stack-name \"TrafficCop-DynamoDB-API\" \\\n--capabilities CAPABILITY_IAM\n```\n\nRetrieve the stacks API endpoint\n\n```bash\naws cloudformation describe-stacks --stack-name \"TrafficCop-DynamoDB-API\"  --query Stacks[].Outputs[].OutputValue[] --output text\n```\n\nPlace the output from this command into the `frontend/index.html` file under replacing the `api_gateway_url` variable.\n\n```html\nvar api_gateway_url = 'https://\u003capi_gateway_id\u003e.execute-api.us-east-1.amazonaws.com/prod';\n```\n\n### Frontend\n\nDeploy the frontend HTML to an S3 bucket with site capability\n\nThe bucket policy should be the following for public access\n\n```json\n{\n    \"Version\": \"2012-10-17\",\n    \"Statement\": [\n        {\n            \"Sid\": \"PublicReadGetObject\",\n            \"Effect\": \"Allow\",\n            \"Principal\": \"*\",\n            \"Action\": [\n                \"s3:GetObject\"\n            ],\n            \"Resource\": [\n                \"arn:aws:s3:::traffic-cop/*\"\n            ]\n        }\n    ]\n}\n```\n\nPush the frontend to the bucket.\n\n```bash\naws s3 sync frontend/ s3://traffic-cop/\n```\n\n### Extras\n\nThe `db_tools` can be used in order to add new entries to the DynamoDB instance manually while testing. To use it simply run `npm install` then `npm run test`. You will need to also change the DynamoDB instance name in `db_tools/test.js` first.\n\n### Deploy to SAM\n\n#### Create a bucket\n\n```bash\naws s3 mb s3://traffic-cop-api --region us-east-1\n```\n\n#### Package\n\n```bash\nsam package --template-file aws/DynamoDB-Frontend.json \\\n--s3-bucket traffic-cop-api \\\n--output-template-file aws/packaged.yaml\n```\n\n#### Deploy\n\n```bash\nsam deploy --template-file ./aws/packaged.yaml \\\n--stack-name \"traffic-cop-query-engine\" \\\n--capabilities CAPABILITY_IAM\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ft04glovern%2Ftraffic-cop","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ft04glovern%2Ftraffic-cop","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ft04glovern%2Ftraffic-cop/lists"}