
https://github.com/sekhan/nightpi

An all-in-one briefcase for pentesting, OSINT and radio exploration

briefcase osint pentesting radio raspberry-pi


README


**Based on a Raspberry Pi 3B+ with Kali Linux installed, the "NightPi" is a briefcase designed to learn and perform penetration testing, investigation (OSINT) and radio exploration.**

This repository contains useful information, in the hope that you'll be inspired to build a similar project :wink:




## Features

### Offline database

While Kali Linux comes with an incredible amount of software, if you want to learn how to use it you'll need to rely on an internet connection and search for each piece of documentation separately. **Centralizing all this useful information in one database using open source software like HTTrack is way more convenient :)**

For each site, you may have to change some parameters (especially in the `limits` panel, depending on the structure of the website).
**Here are the general options that you can apply:**

- *Scan rules* (to avoid downloading unwanted files):

  ```
  +*.png +*.gif +*.jpg +*.jpeg
  +*.css +*.js -ad.doubleclick.net/* -mime:application/foobar
  -*.zip -*.tar -*.tgz -*.gz
  -*.rar -*.z -*.exe -*.7z -*.pdf -*.xz -*.iso
  ```

- *Build*: activate `No error page` and `No external page`
- *Link*: activate `Attempt to detect all links`, `Get non-html files related to a link`, `Test validity of all links` and `Get HTML files first`
- *Log, index, cache*: activate `Force to store all files in cache`

To learn how to use it, I strongly recommend having a look at the website: https://www.httrack.com/html/index.html
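As an added example (not code from the NightPi repository or from HTTrack), a small evaluator for scan rules in the `+pattern` / `-pattern` / `-mime:type` syntax used above, showing how the rules interact (a `.js` file served from `ad.doubleclick.net` is first allowed by `+*.js` and then excluded). It assumes that the last matching rule wins and that URL patterns are matched against host and path without the scheme; both are assumptions about HTTrack, not taken from the README.

```python
import fnmatch
from urllib.parse import urlsplit

# The scan rules from the README, as one whitespace-separated token list.
SCAN_RULES = """
+*.png +*.gif +*.jpg +*.jpeg
+*.css +*.js -ad.doubleclick.net/* -mime:application/foobar
-*.zip -*.tar -*.tgz -*.gz
-*.rar -*.z -*.exe -*.7z -*.pdf -*.xz -*.iso
""".split()


def parse_rules(tokens):
    """Turn '+*.png' / '-mime:text/x' tokens into (allow, kind, glob) triples."""
    rules = []
    for tok in tokens:
        if tok[0] not in "+-":
            raise ValueError("rule must start with + or -: %r" % tok)
        body = tok[1:]
        if body.startswith("mime:"):
            kind, pattern = "mime", body[len("mime:"):]
        else:
            kind, pattern = "url", body
        rules.append((tok[0] == "+", kind, pattern))
    return rules


def decide(url, mime, rules):
    """Return True (explicitly allowed), False (explicitly excluded) or
    None (no rule matched, so the crawler's default site policy applies).
    Assumption: the last matching rule wins, so order matters."""
    parts = urlsplit(url)
    subject_url = parts.netloc + parts.path   # assumed: scheme is not part of the match
    verdict = None
    for allow, kind, pattern in rules:
        subject = mime if kind == "mime" else subject_url
        if fnmatch.fnmatchcase(subject, pattern):
            verdict = allow
    return verdict
```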

### Extra tools
Some interesting tools for OSINT and radio exploration have been added:
- Sherlock => A command-line tool that scans many social networks (Facebook, Twitter, Tinder...) for a user's account. All requests can be made over Tor.
- GQRX => A software-defined radio receiver that lets you demodulate AM, FM and SSB and supports many devices (RTL-SDR, HackRF, BladeRF...).
- Twint => This advanced Twitter OSINT tool lets you scrape a user's Tweets, followers... without any API access required.
- Photon => A command-line tool that extracts data from a website (subdomains, pictures, email addresses...).
- Keytap => These experimental tools analyze mechanical keyboard input captured with a microphone to predict the text that was typed.
- Exiftool => A command-line tool used to analyze, modify and erase metadata in a wide variety of files (supported formats include JPEG, PNG, DOC, MP4...).

Even if I wasn't able to install it, you might also have a look at this last program. **Based on the TEMPEST attack, a technique discovered by the National Security Agency in the 70s, this tool lets you eavesdrop on unintentional electromagnetic emanations** from cables carrying video signals, which are converted back into a live image of what is displayed on the screen.

### Enhanced security browser
Due to the incompatibility of Tor Browser with the Raspberry Pi's architecture (ARM), **one possible alternative is to install Mozilla Firefox (ESR) and drastically reinforce its security**.

> (1) These **open-source add-ons** have been added: uBlock Origin, Privacy Badger, HTTPS Everywhere, Cookie AutoDelete, Decentraleyes and NoScript.

> (2) To use **Firefox over Tor**, you need to install Tor and set up a proxy in *Connection settings*:
> `SOCKS Host: 127.0.0.1`, `Port: 9050`, `SOCKS v5`, and activate `Remote DNS`

> (3) Regarding **fingerprint protection**, you'll have to configure `about:config` on your own, depending on the level of protection you need. Remember that these modifications might break some websites and prevent them from loading correctly.

>> :wrench: Here are some useful resources for creating your own settings. Don't hesitate to also use these tools to test your browser's security/fingerprint!

>> :warning: **Fingerprint tracking techniques are very complex** and new ones keep being developed, as this example clearly illustrates. **You have to keep in mind that:**
>> - Not giving a piece of information (e.g. disabling `media.navigator.enabled`) can itself be information.
>> - The more you modify your browser, the more you will stand out from the crowd.
>> - Your browser's values will remain fixed.
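As an added example (not code from the NightPi repository), the proxy settings of (2) and the `media.navigator.enabled` tweak of (3) written as a Firefox `user.js`, with a small audit that flags the DNS-leak case where SOCKS is configured but `Remote DNS` is off. It assumes Firefox's `network.proxy.*` pref names and a local Tor daemon on 127.0.0.1:9050 as described above.

```python
import re

# Assumed: these are Firefox's about:config pref names for a manual SOCKS proxy;
# Tor's SOCKS listener is 127.0.0.1:9050 as in the README.
TOR_PROXY_PREFS = {
    "network.proxy.type": 1,                 # 1 = manual proxy configuration
    "network.proxy.socks": "127.0.0.1",
    "network.proxy.socks_port": 9050,
    "network.proxy.socks_version": 5,
    "network.proxy.socks_remote_dns": True,  # "Remote DNS": resolve hostnames via Tor
    "media.navigator.enabled": False,        # fingerprint tweak mentioned in (3)
}


def to_user_js(prefs):
    """Render a prefs dict as user.js lines: user_pref("name", value);"""
    lines = []
    for name, value in prefs.items():
        if isinstance(value, bool):          # bool before int: True is an int in Python
            js = "true" if value else "false"
        elif isinstance(value, int):
            js = str(value)
        else:
            js = '"%s"' % value
        lines.append('user_pref("%s", %s);' % (name, js))
    return "\n".join(lines) + "\n"


PREF_RE = re.compile(r'user_pref\("([^"]+)",\s*(true|false|-?\d+|"[^"]*")\);')


def parse_user_js(text):
    """Read user.js / prefs.js text back into a dict of bool, int or str values."""
    prefs = {}
    for name, raw in PREF_RE.findall(text):
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif raw.startswith('"'):
            prefs[name] = raw[1:-1]
        else:
            prefs[name] = int(raw)
    return prefs


def audit_tor_proxy(prefs):
    """List misconfigurations; an empty list means both HTTP and DNS go via Tor."""
    problems = []
    if prefs.get("network.proxy.type") != 1:
        problems.append("manual proxy configuration not enabled")
    if (prefs.get("network.proxy.socks"), prefs.get("network.proxy.socks_port")) != ("127.0.0.1", 9050):
        problems.append("SOCKS host/port is not the local Tor daemon")
    if prefs.get("network.proxy.socks_version") != 5:
        problems.append("SOCKS v5 is required for remote DNS")
    if not prefs.get("network.proxy.socks_remote_dns", False):
        problems.append("Remote DNS disabled: hostnames leak to the local resolver")
    return problems
```

Drop the rendered `user.js` into the Firefox profile directory; the audit can be run against an existing `prefs.js` to confirm nothing has silently reset the proxy.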

> (4) **By default, your browser trusts 100 % of Certificate Authorities (CAs)**, which is bad security practice! In addition to the risk of a MITM ("Man In The Middle") attack, some shady companies are also seeking to be approved as top-level CAs. This extension might help you trust only a restricted number of CAs.

## Hardware
Here is the hardware that I've used. Feel free to choose yours according to your needs (size, more powerful equipment...).
**Estimated cost:** around 500 $

| **Raspberry Pi 3B+** | **64GB SD Card** | **Wired keyboard** | **External Hard Drive** | **Portable screen** |
| :---: | :---: | :---: | :---: | :---: |
|**RFID RC 522** | **RTL-SDR** | **Wireless module** | **Battery** | **USB cable** |
| **Powered USB hub** | **Fans** | **Briefcase** | **Foldable headphone** | **Jack cable** |


If you're interested in making one, here are some tips:

- **Favour a full-aluminium briefcase** over a plastic/aluminium mix (which, in addition, is often lined with cardboard inside). It will probably be a bit more expensive, but more resistant and easier to work on.
- **Avoid low-quality fixings like glue or nails**; prefer screws and nuts. Keep in mind that, if something needs fixing, you'll want to be able to disassemble it easily and work on it.
- **Check the voltage/amperage of your hardware; they will have an impact on your battery size!**
- **Draw a plan of the inside, including every component's size**. It is very important to make sure that you have enough space before buying everything, because you'll probably need more than expected.

## Further improvements
- [ ] Battery-capacity monitoring
- [ ] Full-disk encryption
- [ ] Better range for Wi-Fi and radio