Add satellite countdown, Leaflet map, theme toggle, and UI improvements

- Replace canvas aircraft map with Leaflet.js + OpenStreetMap
- Add dark/light theme toggle with localStorage persistence
- Add satellite pass countdown with live timer
- Add countdown to satellite popout with selectable passes
- Add client probe analysis for WiFi privacy leak detection
- Hide waterfall and output console in satellite mode
- Fix satellite countdown to update when selecting different passes
- Update documentation with new features

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

README.md

@@ -8,12 +8,12 @@
 </p>
 
 <p align="center">
-  <strong>Signal Intelligence</strong>
+  <strong>Signal Intelligence Platform</strong>
 </p>
 
 <p align="center">
   A sleek, modern web-based front-end for signal intelligence tools.<br>
-  Unified interface for pager decoding, 433MHz sensors, WiFi reconnaissance, and Bluetooth scanning.
+  Unified interface for pager decoding, 433MHz sensors, ADS-B aircraft tracking, satellite monitoring, WiFi reconnaissance, and Bluetooth scanning.
 </p>
 
 ## Screenshot
@@ -27,8 +27,10 @@ INTERCEPT is a **web-based front-end** that provides a unified, modern interface
 
 - **rtl_fm + multimon-ng** - For decoding POCSAG and FLEX pager signals
 - **rtl_433** - For decoding 433MHz ISM band devices (weather stations, sensors, etc.)
-- **aircrack-ng / kismet** - For WiFi reconnaissance and network analysis
-- **hcitool / bluetoothctl / ubertooth** - For Bluetooth device scanning and tracking
+- **dump1090 / rtl_adsb** - For ADS-B aircraft tracking with real-time map visualization
+- **Satellite tracking** - Pass prediction and Iridium burst detection using TLE data
+- **aircrack-ng** - For WiFi reconnaissance and network analysis
+- **hcitool / bluetoothctl** - For Bluetooth device scanning and tracking
 
 Instead of running command-line tools manually, INTERCEPT handles the process management, output parsing, and presents decoded data in a clean, real-time web interface.
 
@@ -36,39 +38,126 @@ Instead of running command-line tools manually, INTERCEPT handles the process ma
 
 ## Features
 
-### Pager Decoding
+### 📟 Pager Decoding
 - **Real-time decoding** of POCSAG (512/1200/2400) and FLEX protocols
 - **Customizable frequency presets** stored in browser
 - **Auto-restart** on frequency change while decoding
 
-### 433MHz Sensor Decoding
+### 📡 433MHz Sensor Decoding
 - **200+ device protocols** supported via rtl_433
 - **Weather stations** - temperature, humidity, wind, rain
 - **TPMS** - Tire pressure monitoring sensors
 - **Doorbells, remotes, and IoT devices**
 - **Smart meters** and utility monitors
 
-### WiFi Reconnaissance
+### ✈️ ADS-B Aircraft Tracking
+- **Real-time aircraft tracking** via dump1090 or rtl_adsb
+- **Interactive Leaflet map** with OpenStreetMap tiles
+- **Dark-themed map** matching application aesthetic
+- **Aircraft details** - callsign, altitude, speed, heading, squawk
+- **Click aircraft markers** for detailed popup information
+- **Auto-fit view** to show all tracked aircraft
+- **Emergency aircraft highlighting** in red
+
+### 🛰️ Satellite Tracking
+- **Pass prediction** for satellites using TLE data
+- **Add satellites** via manual TLE entry or Celestrak import
+- **Celestrak integration** - fetch satellites by category (Amateur, Weather, ISS, Starlink, etc.)
+- **Iridium burst detection** monitoring
+- **Next pass countdown** with elevation and duration
+- **Multiple satellite tracking** simultaneously
+
+### 📶 WiFi Reconnaissance
 - **Monitor mode** management via airmon-ng
-- **Network scanning** with airodump-ng or Kismet
+- **Network scanning** with airodump-ng
 - **Channel hopping** or fixed channel monitoring
 - **Deauthentication attacks** for authorized testing
-- **Handshake capture** for WPA/WPA2 networks
-- **Channel utilization** visualization (2.4GHz)
+- **Handshake capture** with real-time status and auto-detection
+- **Channel utilization** visualization (2.4GHz and 5GHz)
 - **Security overview** chart (WPA3/WPA2/WEP/Open)
 - **Real-time radar** display of nearby networks
+- **Client vendor lookup** via OUI database
+- **Proximity alerts** - watch list for specific MAC addresses
 
-### Bluetooth Scanning
+#### 🚁 Drone Detection
+- **Automatic detection** of drones via SSID patterns and manufacturer OUI
+- **Supported brands**: DJI, Parrot, Autel, Skydio, Holy Stone, and many more
+- **Distance estimation** from signal strength
+- **Visual alerts** with triple audio notification
+- **Clickable drone counter** - view all detected drones with details
+
+#### ⚠️ Rogue AP Detection
+- **Automatic detection** of same SSID on multiple BSSIDs
+- **Clickable counter** - view which SSIDs triggered alerts
+- **Detailed popup** showing all BSSIDs, channels, and signal strength
+
+#### 📈 Signal History Graph
+- **Real-time line chart** showing signal strength over time
+- **Track any device** - click the 📈 button on any network
+- **Visual movement detection** - see devices approaching or departing
+
+#### 🕸️ Network Topology Graph
+- **Visual map** of all access points and connected clients
+- **Color-coded nodes** - cyan for APs, green for clients, orange for drones
+- **Auto-updating** as new devices are discovered
+
+#### 💡 Channel Recommendation
+- **Automatic analysis** of channel congestion
+- **Recommends optimal channels** for both 2.4GHz and 5GHz
+- **Considers channel overlap** for accurate 2.4GHz recommendations
+
+#### 👁️ Hidden SSID Revealer
+- **Captures hidden SSIDs** from probe requests
+- **Displays revealed networks** with BSSID mapping
+- **Desktop notifications** when new hidden SSIDs are revealed
+
+#### 🔗 Device Correlation
+- **Matches WiFi and Bluetooth devices** with same manufacturer
+- **OUI-based correlation** to identify multi-radio devices
+- **Useful for tracking** devices across protocols
+
+#### 📡 Client Probe Analysis
+- **Track client probe requests** - see what networks devices are looking for
+- **Privacy leak detection** - highlights sensitive network names (home, office, hotel, airport)
+- **Vendor identification** - shows device manufacturer
+- **Sorted by exposure** - most revealing clients shown first
+- **Unique SSID counter** - total unique networks being probed
+
+### 🔵 Bluetooth Scanning
 - **BLE and Classic** Bluetooth device scanning
-- **Multiple scan modes** - hcitool, bluetoothctl, Ubertooth, Bettercap
+- **Multiple scan modes** - hcitool, bluetoothctl
 - **Tracker detection** - AirTag, Tile, Samsung SmartTag, Chipolo
 - **Device classification** - phones, audio, wearables, computers
 - **Manufacturer lookup** via OUI database
-- **Service enumeration** via SDP
-- **L2CAP ping** for device reachability
 - **Proximity radar** visualization
 - **Device type breakdown** chart
 
+### 🔔 Browser Notifications
+- **Desktop notifications** for critical events (even when tab is in background)
+- **Alerts for**: Drone detection, Rogue APs, Handshake capture, Hidden SSID reveals
+- **Permission requested** on first interaction
+
+### ❓ Help System
+- **Built-in help page** accessible via ? button in header
+- **Icon legend** for all stats bar icons
+- **Mode-by-mode guides** with tips and instructions
+- **Keyboard shortcut**: Press Escape to close
+
+### 🎨 User Interface
+- **Collapsible sections** - click any header to collapse/expand
+- **Icon-based stats bar** with tooltips
+- **Tabbed mode selector** with icons (grouped by SDR/RF and Wireless)
+- **Compact, modern design** with consistent styling
+- **Dark/Light theme toggle** - click moon/sun icon in header, preference saved
+- **Keyboard shortcuts** - F1 or ? to open help
+
+### ⌨️ Keyboard Shortcuts
+| Key | Action |
+|-----|--------|
+| F1 | Open help |
+| ? | Open help (when not typing) |
+| Escape | Close help/modals |
+
 ### General
 - **Web-based interface** - no desktop app needed
 - **Live message streaming** via Server-Sent Events (SSE)
@@ -82,23 +171,46 @@ Instead of running command-line tools manually, INTERCEPT handles the process ma
 - **Disclaimer acceptance** on first use
 - **Auto-stop** when switching between modes
 
+---
+
+## Stats Bar Icons
+
+| Icon | Meaning |
+|------|---------|
+| 📟 | POCSAG messages decoded |
+| 📠 | FLEX messages decoded |
+| 📨 | Total messages received |
+| 🌡️ | Unique sensors detected |
+| 📊 | Device types found |
+| ✈️ | Aircraft being tracked |
+| 🛰️ | Satellites being monitored |
+| 📡 | WiFi Access Points |
+| 👤 | Connected WiFi clients |
+| 🤝 | Captured handshakes |
+| 🚁 | Detected drones (click for details) |
+| ⚠️ | Rogue APs (click for details) |
+| 🔵 | Bluetooth devices |
+| 📍 | BLE beacons detected |
+
+---
 
 ## Requirements
 
 ### Hardware
 - RTL-SDR compatible dongle (RTL2832U based)
+- WiFi adapter capable of monitor mode (for WiFi features)
+- Bluetooth adapter (for Bluetooth features)
 
 ### Software
 - Python 3.7+
 - Flask
+- requests (for Celestrak API)
 - rtl-sdr tools (`rtl_fm`)
 - multimon-ng (for pager decoding)
 - rtl_433 (for 433MHz sensor decoding)
+- dump1090 or rtl_adsb (for ADS-B aircraft tracking)
 - aircrack-ng (for WiFi reconnaissance)
-- kismet (optional, alternative WiFi scanner)
-- BlueZ tools - hcitool, bluetoothctl, sdptool, l2ping (for Bluetooth)
-- Ubertooth tools (optional, for advanced BLE sniffing)
-- Bettercap (optional, alternative BLE scanner)
+- BlueZ tools - hcitool, bluetoothctl (for Bluetooth)
 
 ## Installation
 
@@ -175,7 +287,27 @@ brew install aircrack-ng
 sudo apt-get install aircrack-ng
 ```
 
-### 5. Install Bluetooth tools (optional)
+### 5. Install dump1090 (optional, for ADS-B aircraft tracking)
+
+**macOS (Homebrew):**
+```bash
+brew install dump1090-mutability
+```
+
+**Ubuntu/Debian:**
+```bash
+sudo apt-get install dump1090-mutability
+```
+
+**From source:**
+```bash
+git clone https://github.com/flightaware/dump1090.git
+cd dump1090
+make
+sudo cp dump1090 /usr/local/bin/
+```
+
+### 6. Install Bluetooth tools (optional)
 
 **Ubuntu/Debian:**
 ```bash
@@ -185,30 +317,62 @@ sudo apt-get install bluez bluetooth
 **macOS:**
 Bluetooth tools are built-in, though with limited functionality compared to Linux.
 
-### 6. Install Python dependencies
+### 7. Install Python dependencies
 
 ```bash
 pip install -r requirements.txt
 ```
 
-### 7. Clone and run
+### 8. Clone and run
 
 ```bash
-git clone https://github.com/yourusername/intercept.git
+git clone https://github.com/smittix/intercept.git
 cd intercept
-python3 intercept.py
+sudo python3 intercept.py
 ```
 
 Open your browser to `http://localhost:5050`
 
+> **Note:** Running as root/sudo is recommended for full functionality (monitor mode, raw sockets, etc.)
+
+---
+
 ## Usage
 
+### Pager Mode
 1. **Select Device** - Choose your RTL-SDR device from the dropdown
 2. **Set Frequency** - Enter a frequency in MHz or use a preset
 3. **Choose Protocols** - Select which protocols to decode (POCSAG/FLEX)
 4. **Adjust Settings** - Set gain, squelch, and PPM correction as needed
 5. **Start Decoding** - Click the green "Start Decoding" button
-6. **View Messages** - Decoded messages appear in real-time in the output panel
+
+### WiFi Mode
+1. **Select Interface** - Choose a WiFi adapter capable of monitor mode
+2. **Enable Monitor Mode** - Click "Enable Monitor" (uncheck "Kill processes" to preserve other connections)
+3. **Start Scanning** - Click "Start Scanning" to begin
+4. **View Networks** - Networks appear in the output panel with signal strength
+5. **Track Devices** - Click 📈 on any network to track its signal over time
+6. **Capture Handshakes** - Click "Capture" on a network to start handshake capture
+
+### Bluetooth Mode
+1. **Select Interface** - Choose your Bluetooth adapter
+2. **Choose Mode** - Select scan mode (hcitool, bluetoothctl)
+3. **Start Scanning** - Click "Start Scanning"
+4. **View Devices** - Devices appear with name, address, and classification
+
+### Aircraft Mode
+1. **Check Tools** - Ensure dump1090 or rtl_adsb is installed
+2. **Start Tracking** - Click "Start Tracking" to begin ADS-B reception
+3. **View Map** - Aircraft appear on the interactive Leaflet map
+4. **Click Aircraft** - Click markers for detailed information (altitude, speed, heading)
+5. **Toggle Labels** - Use checkboxes to show/hide callsigns and flight levels
+
+### Satellite Mode
+1. **Add Satellites** - Click "Add Satellite" to enter TLE data manually, or use "Celestrak" to fetch by category
+2. **Select Category** - Choose from Amateur, Weather, ISS, Starlink, GPS, etc.
+3. **View Passes** - Next pass predictions shown with elevation and duration
+4. **Track Multiple** - Add multiple satellites to track simultaneously
+5. **Iridium Bursts** - Monitor for Iridium satellite burst transmissions
 
 ### Frequency Presets
 
@@ -217,23 +381,7 @@ Open your browser to `http://localhost:5050`
 - Right-click a preset to remove it
 - Click "Reset to Defaults" to restore default frequencies
 
-### Message Logging
-
-Enable logging in the Logging section to save decoded messages to a file. Messages are saved with timestamp, protocol, address, and content.
-
-## Default Frequencies
-
-### Pager (UK)
-- **153.350 MHz** - UK pager frequency
-- **153.025 MHz** - UK pager frequency
-
-### 433MHz Sensors
-- **433.92 MHz** - EU/UK ISM band (most common)
-- **315.00 MHz** - US ISM band
-- **868.00 MHz** - EU ISM band
-- **915.00 MHz** - US ISM band
-
-You can customize pager presets in the web interface.
+---
 
 ## API Endpoints
 
@@ -249,8 +397,6 @@ You can customize pager presets in the web interface.
 | `/status` | GET | Get decoder status |
 | `/stream` | GET | SSE stream for pager messages |
 | `/stream_sensor` | GET | SSE stream for sensor data |
-| `/logging` | POST | Toggle message logging |
-| `/killall` | POST | Kill all decoder processes |
 
 ### WiFi
 | Endpoint | Method | Description |
@@ -260,6 +406,8 @@ You can customize pager presets in the web interface.
 | `/wifi/scan/start` | POST | Start WiFi scanning |
 | `/wifi/scan/stop` | POST | Stop WiFi scanning |
 | `/wifi/deauth` | POST | Send deauthentication packets |
+| `/wifi/handshake/capture` | POST | Start handshake capture |
+| `/wifi/handshake/status` | POST | Check handshake capture status |
 | `/wifi/networks` | GET | Get discovered networks |
 | `/wifi/stream` | GET | SSE stream for WiFi events |
 
@@ -270,10 +418,29 @@ You can customize pager presets in the web interface.
 | `/bt/scan/start` | POST | Start Bluetooth scanning |
 | `/bt/scan/stop` | POST | Stop Bluetooth scanning |
 | `/bt/enum` | POST | Enumerate device services |
-| `/bt/ping` | POST | L2CAP ping a device |
 | `/bt/devices` | GET | Get discovered devices |
 | `/bt/stream` | GET | SSE stream for Bluetooth events |
 
+### Aircraft (ADS-B)
+| Endpoint | Method | Description |
+|----------|--------|-------------|
+| `/adsb/start` | POST | Start ADS-B tracking |
+| `/adsb/stop` | POST | Stop ADS-B tracking |
+| `/adsb/aircraft` | GET | Get tracked aircraft |
+| `/adsb/stream` | GET | SSE stream for aircraft data |
+| `/adsb/tools` | GET | Check ADS-B tool availability |
+
+### Satellite
+| Endpoint | Method | Description |
+|----------|--------|-------------|
+| `/satellite/add` | POST | Add satellite with TLE data |
+| `/satellite/remove` | POST | Remove satellite from tracking |
+| `/satellite/list` | GET | Get tracked satellites |
+| `/satellite/passes` | GET | Get pass predictions |
+| `/satellite/celestrak/<category>` | GET | Fetch satellites from Celestrak |
+
+---
+
 ## Troubleshooting
 
 ### No devices found
@@ -287,10 +454,17 @@ You can customize pager presets in the web interface.
 - Check that pager services are active in your area
 - Ensure antenna is connected
 
+### WiFi monitor mode fails
+- Ensure you're running as root/sudo
+- Check your adapter supports monitor mode: `iw list | grep monitor`
+- Try: `airmon-ng check kill` to stop interfering processes
+
 ### Device busy error
 - Click "Kill All Processes" to stop any stale processes
 - Unplug and replug the RTL-SDR device
 
+---
+
 ## License
 
 MIT License - see [LICENSE](LICENSE) for details.
@@ -305,12 +479,11 @@ Created by **smittix** - [GitHub](https://github.com/smittix)
 - [multimon-ng](https://github.com/EliasOenal/multimon-ng) - Multi-protocol pager decoder
 - [rtl_433](https://github.com/merbanan/rtl_433) - 433MHz sensor decoder
 - [aircrack-ng](https://www.aircrack-ng.org/) - WiFi security auditing tools
-- [Kismet](https://www.kismetwireless.net/) - Wireless network detector and sniffer
 - [BlueZ](http://www.bluez.org/) - Official Linux Bluetooth protocol stack
-- [Ubertooth](https://greatscottgadgets.com/ubertoothone/) - Open source Bluetooth research tool
-- [Bettercap](https://www.bettercap.org/) - Network reconnaissance and MITM framework
 - Inspired by the SpaceX mission control aesthetic
 
+---
+
 ## ⚠️ Disclaimer
 
 **This software is for educational purposes only and intended for use by cybersecurity professionals in controlled environments.**
@@ -323,5 +496,3 @@ By using INTERCEPT, you acknowledge that:
 - The developers assume no liability for misuse of this software
 
 A disclaimer must be accepted when first launching the application.
-
-