- Add verbose_results flag to store full device details in sweep results
- Add non-interactive mode (--non-interactive) to setup.sh
- Add ask_yes_no helper for interactive prompts with TTY detection
- Update reports.py to handle new results structure with fallbacks
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add check_optional() function for non-critical tools
- Change rtlamr from required to optional tool
- Add install_rtlamr_from_source() that auto-installs Go and compiles rtlamr
- Prompt user during setup whether to install rtlamr
- Fixes setup failure for users who don't need utility meter monitoring
Added 'bleak', 'flask-sock', and 'requests' to pyproject.toml and updated requirements.txt to include 'Werkzeug' and 'bleak'. Introduced tests/test_requirements.py to ensure consistency between requirements files and the installed environment.
Added a new login.js script to provide visual feedback and prevent double submission on the login form. Updated login.html to include the script and wire up the login button. Clarified credential configuration instructions in README.md.
- Added rtlamr mode for decoding utility meters (water, gas, electric)
- Starts rtl_tcp server first, then connects rtlamr to it
- Supports multiple message types: SCM, SCM+, IDM, NetIDM, R900, R900 BCD
- Added frequency presets for 912 MHz (NA) and 868 MHz (EU)
- Includes meter ID filtering and unique message options
- Updated setup.sh to check and install rtlamr and rtl_tcp
- Added UI components: navigation button, mode template, JavaScript functions
- Integrated into SDR/RF dropdown menu with lightning bolt icon
- Updates mode indicator with frequency when listening
- Added help documentation and requirements section
Increase sidebar width from 250px to 300px to prevent region dropdown
from being cut off. Add flex layout to keep header and controls visible
while messages area scrolls.
Introduced Flask-Limiter to restrict login attempts to 5 per minute per IP, enhancing security against brute-force attacks. Updated error handling to display a user-friendly message when the rate limit is exceeded. Minor improvements to the login page, including clearer error messages and display of the user's IP address.
The #depsBtn and #helpBtn had old right positioning rules
that conflicted with the flex layout, causing them to appear
in wrong positions.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove margin-left: auto from mode-nav-actions
- Set nav-utilities to use margin-left: auto for right alignment
- Increase gaps: nav-utilities 16px, nav-tools 12px
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Increased gap between tool buttons from 4px to 8px
- Added min-width to prevent button shrinking
- Added overflow: hidden to contain absolutely positioned icons
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Both .mode-nav-actions and .nav-utilities had margin-left: auto,
causing them to compete for space in the flexbox layout.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add New Zealand (144.575 MHz) to APRS region dropdown
- Add Argentina, Brazil, and China regions
- Add custom frequency input option for user-specified frequencies
- Custom frequency field shows/hides dynamically when selected
- Properly disable/enable custom frequency control during operation
- CSS improvements for nav element flex behavior
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
The previous detection logic incorrectly matched '-o' in help text for
version 4.x, causing startup failures. Now properly detects version:
- Version 4.0+: uses -j for JSON stdout
- Version 3.x: uses -o 4 for JSON stdout
Parses version from acarsdec output (e.g., "Acarsdec v4.3.1" or
"Acarsdec/acarsserv 3.7") to determine the correct flag.
Fixes: "invalid option -- 'o'" error on modern acarsdec builds
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
The get_acarsdec_json_flag() function was defaulting to the obsolete '-o'
flag when detection failed, causing "invalid option -- 'o'" errors with
modern acarsdec builds from TLeconte repository.
Changes:
- Try both -h and --help flags for better compatibility
- Improve -j flag detection patterns
- Default to -j (modern standard) instead of -o
- Only use -o if explicitly documented in help text
This fixes ACARS decoder startup failures on systems where acarsdec was
built from source using setup.sh.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Revamps the login page layout and styles for a more modern, 'hacker' terminal look. Adds animated background effects, updates the login box and input styling, and enhances error messages with a new format. Also removes the tracked intercept.db file and ensures it is ignored in .gitignore.
Aggressively handle broken rtl-sdr package states:
- Use dpkg --force-remove-reinstreq to remove broken rtl-sdr
- Use dpkg --force-all to force remove librtlsdr2
- Run apt-get --fix-broken install after cleanup
- Improved detection of broken package states
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Remove all packages that depend on librtlsdr2 before upgrading:
- dump1090-mutability (will be rebuilt from source later)
- libgnuradio-osmosdr0.2.0t64
- rtl-433 (will be reinstalled)
- librtlsdr2 and rtl-sdr
This resolves the file conflict between librtlsdr2 (2.0.1) and librtlsdr0 (2.0.2).
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fix broken package states by:
- Running apt --fix-broken install before attempting installation
- Removing both librtlsdr2 and rtl-sdr when conflict detected
- Cleaning up with autoremove
- Running dpkg --configure -a to fix partial installations
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Remove conflicting librtlsdr2 package before installing rtl-sdr to prevent dpkg errors when librtlsdr0 tries to overwrite shared library files.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Consolidate sweep config and scan sources into one section
- Group baseline recording and meeting window under "Advanced"
- Create 2x2 grid layout for tool buttons
- Use visual dividers instead of separate sections
- Keep all functionality and IDs intact
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Show all controls directly instead of hiding them in collapsed
sections which was causing confusion.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Redesign the sidebar to be more minimal with collapsible sections
for Settings and Advanced options. Primary sweep action is now
prominently displayed, with tool buttons condensed to compact icons.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix tscmShowCapabilities to parse nested API response structure
- Build can/cannot detect lists dynamically from actual capabilities
- Display system info, limitations, and disclaimer
- Add 'Add to Known Devices' button in device detail modal
- New tscmAddToKnownDevices function with custom name prompt
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Change /tscm/playbooks to return array instead of dict
- Add id, name, category fields to each playbook for JS compatibility
- Fix tscmViewPlaybook JS to use correct field names (action/details/safety_note)
- Display when_to_escalate and documentation_required sections
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implement 9 major TSCM feature enhancements:
1. Capability & Coverage Reality Panel - Exposes what sweeps can/cannot
detect based on OS, privileges, adapters, and SDR limits
2. Baseline Diff & Health - Shows changes vs baseline with health scoring
(healthy/noisy/stale) based on age and device churn
3. Per-Device Timelines - Time-bucketed observations with RSSI stability,
movement patterns, and meeting correlation
4. Whitelist/Known-Good Registry + Case Grouping - Global and per-location
device registry with case management for sweeps/threats/notes
5. Meeting-Window Summary Enhancements - Tracks devices first seen during
meetings with scoring modifiers
6. Client-Ready PDF Report + Technical Annex - Executive summary, findings
by risk tier, JSON/CSV annex export
7. WiFi Advanced Indicators - Evil twin detection, probe request tracking,
deauth burst detection (auto-disables without monitor mode)
8. Bluetooth Risk Explainability - Proximity estimates, tracker brand
explanations, human-readable risk descriptions
9. Operator Playbooks - Procedural guidance by risk level with steps,
safety notes, and documentation requirements
All features include mandatory disclaimers, preserve existing architecture,
and follow TSCM best practices (no packet capture, no surveillance claims).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
