Mirror/flock-you
1
0
Fork 0
mirror of https://github.com/colonelpanichacks/flock-you.git synced 2026-06-10 06:03:31 -07:00
Code Issues Packages Projects Releases Wiki Activity
4 Commits 4 Branches 0 Tags
56bad2bad35ea8bb2880280ad25381cfe15e954c
T
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Colonel Panic 56bad2bad3 Add files via upload
2025-08-22 07:25:49 -04:00
datasets
Add files via upload
2025-08-20 21:28:23 -04:00
src
Add files via upload
2025-08-22 07:12:03 -04:00
platformio.ini
Add files via upload
2025-08-20 21:28:23 -04:00
README.md
Add files via upload
2025-08-22 07:12:03 -04:00

README.md

Flock Squawk - Enhanced Flock Safety Detector

A PlatformIO project for the Xiao ESP32 S3 that detects Flock Safety cameras via multiple detection methodologies including WiFi sniffing, BLE scanning, MAC address detection, and device name patterns.

Enhanced Detection Methods

1. WiFi SSID Detection

  • Promiscuous Mode: Captures probe requests and beacon frames in real-time
  • Active Scanning: Monitors all WiFi traffic on 2.4GHz channels (1-13)
  • Detects SSIDs containing: "flock", "Flock", "FLOCK", "FS Ext Battery", "Penguin", "Pigvision"
  • Channel Hopping: Automatically cycles through channels every 2.5 seconds
  • Probe Request Monitoring: Captures device probe requests even for hidden networks

2. BLE Device Detection

  • Passive BLE scanning for nearby devices
  • MAC address prefix matching from known Flock Safety device ranges
  • Device name pattern matching in BLE advertisement data
  • Detects devices broadcasting names like "FS Ext Battery", "Penguin", etc.

3. MAC Address Detection

  • 35+ known MAC address prefixes from real Flock Safety devices
  • Covers multiple device types: FS Ext Battery, Penguin, Flock WiFi, Pigvision
  • Detects devices even when SSIDs are randomized or hidden

4. Device Name Detection

  • Pattern matching for device names in BLE advertisements
  • Case-insensitive matching for maximum detection coverage

Features

  • Multi-Method Detection: WiFi + BLE + MAC + Device Names
  • Promiscuous WiFi Monitoring: Captures probe requests and beacons in real-time
  • JSON Detection Output: Structured data with timestamps, RSSI, MAC addresses, and device info
  • Audio Alerts: Buzzer notifications with distinct sound patterns
  • Boot Sequence: Two beeps (low, medium) on startup
  • Detection Alert: Three consecutive high-pitch beeps when Flock device detected
  • Channel Hopping: Automatically cycles through 2.4GHz WiFi channels
  • Passive Operation: No signals transmitted, only receives and monitors

Hardware Requirements

  • Xiao ESP32 S3 board
  • Buzzer connected to GPIO3 (D2) and GND
  • USB-C cable for programming and power

Wiring

Xiao ESP32 S3    Buzzer
GPIO3 (D2)  ---> Positive (+)
GND         ---> Negative (-)

Installation

  1. Install PlatformIO (if not already installed):

    pip install platformio

  2. Clone or download this project

  3. Build and upload:

    cd flock-squawk
pio run --target upload

  4. Monitor serial output:

    pio device monitor

Usage

  1. Power on the device - you'll hear two beeps (low, then medium pitch)
  2. Wait for the device to start scanning (WiFi + BLE simultaneously)
  3. When a Flock Safety device is detected, you'll hear three consecutive high-pitch beeps
  4. Check the serial monitor for JSON detection output including:
    • Timestamp: Milliseconds since boot
    • Detection Type: "wifi" or "ble"
    • Detection Method: "probe_request", "beacon", "mac_prefix", "device_name"
    • RSSI: Signal strength in dBm
    • MAC Address: Full device MAC address
    • SSID: Network name (for WiFi detections)
    • Device Name: BLE advertised name (for BLE detections)
    • Matched Pattern: Specific pattern that triggered detection

Example JSON Output

WiFi Probe Request Detection:

{
  "timestamp": 45230,
  "type": "wifi",
  "detection_method": "probe_request",
  "ssid": "Flock-Cam-01",
  "rssi": -65,
  "mac": "70:c9:4e:12:34:56",
  "matched_pattern": "Flock"
}

BLE Device Detection:

{
  "timestamp": 47890,
  "type": "ble", 
  "detection_method": "mac_prefix",
  "mac": "58:8e:81:ab:cd:ef",
  "rssi": -72,
  "device_name": "FS Ext Battery",
  "matched_pattern": "58:8e:81"
}

Detection Coverage

WiFi Detection

  • Channels: 2.4GHz (1-13) with automatic channel hopping
  • Scan Method: WiFi promiscuous mode - captures all frames in real-time
  • Frame Types: Probe requests, beacon frames, and other management frames
  • SSID Patterns: 6 different patterns covering all known Flock Safety naming conventions
  • Channel Hop Interval: Every 2.5 seconds

BLE Detection

  • Scan Type: Passive scanning (no interference)
  • MAC Prefixes: 35+ known Flock Safety device MAC address ranges
  • Device Names: Pattern matching for 4 different device name types
  • Advertisement Parsing: Complete and short local name detection

MAC Address Ranges Detected

  • FS Ext Battery: 58:8e:81, cc:cc:cc, ec:1b:bd, 90:35:ea, 04:0d:84, f0:82:c0, etc.
  • Flock WiFi: 70:c9:4e, 3c:91:80, d8:f3:bc, 80:30:49, 14:5a:fc, etc.
  • Penguin: cc:09:24, ed:c7:63, e8:ce:56, ea:0c:ea, d8:8f:14, etc.
  • Pigvision: Various manufacturer-specific ranges

Technical Details

  • Framework: Arduino (with NimBLE for BLE)
  • Board: Xiao ESP32 S3
  • Buzzer Pin: GPIO3 (D2)
  • WiFi Channels: 2.4GHz (1-13)
  • Channel Hop Interval: 2.5 seconds per channel
  • JSON Output: Structured detection data with full device information
  • BLE Scanning: Continuous passive scanning
  • Detection Patterns: 6 SSID + 35 MAC + 4 Device Name patterns

Detection Accuracy

High Detection Rate

  • Multiple detection vectors ensure devices are caught even if one method fails
  • MAC address detection works regardless of SSID naming
  • BLE scanning detects devices that may not broadcast WiFi
  • Pattern matching covers various naming conventions

False Positive Reduction

  • Specific MAC address ranges from real device databases
  • Multiple pattern confirmation before alerting
  • Case-insensitive matching with exact pattern requirements

Limitations

  • Requires devices to be within WiFi/BLE range (~100m)
  • May miss devices using only cellular connectivity
  • Some devices may use randomized MAC addresses
  • Detection depends on devices actively broadcasting

Real-World Effectiveness

This enhanced system significantly improves detection rates by:

  1. Covering multiple communication protocols (WiFi + BLE)
  2. Using real device databases for accurate MAC address ranges
  3. Implementing pattern matching for various naming conventions
  4. Providing redundant detection methods for maximum coverage

Credits

Based on the original Flock Safety Trap Shooter Sniffer Alarm concept. Enhanced with real-world device data from multiple Flock Safety deployments.

Real-World Device Data

The detection patterns in this system are based on real device databases located in the datasets/ folder:

  • FS+Ext+Battery: 4,908 Flock Safety Extended Battery devices
  • Penguin: Large dataset of Penguin surveillance devices
  • Flock WiFi: Standard Flock Safety WiFi network data
  • Pigvision: Physical camera location data
  • Maximum Dots: Multi-manufacturer surveillance system data

See datasets/README.md for detailed information about the data sources and analysis.

License

Same as original project - see LICENSE file.

Reference in New Issue View Git Blame Copy Permalink
S
Description
No description provided
Readme 7.8 MiB
Languages
HTML 50.4%
Python 30.6%
C++ 19%