Added build and runtime dependencies for AIS-catcher, readsb (SoapySDR enabled), direwolf, and hcxtools. Included rx_tools build from source. Updated dependency checker to potentialy verify SoapySDR modules.
Handle various data types safely when converting manufacturer_data
in the TSCM-specific BLE scanner module.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Handle various data types safely when converting manufacturer_data
and service_data in the bleak fallback scanner.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix "cannot convert 'str' object to bytes" error in BLE identity engine
by adding robust _convert_to_bytes() helper that handles bytes, hex
strings, bytearrays, and arrays
- Improve DBus scanner to safely handle various data types for
manufacturer_data and service_data with proper error handling
- Add monitor mode interface detection in WiFi scanner to provide clear
error message when quick scan is attempted on monitor mode interface
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implement reliable tracker detection for AirTag, Tile, Samsung SmartTag,
and other BLE trackers based on manufacturer data patterns, service UUIDs,
and advertising payload analysis.
Key changes:
- Add TrackerSignatureEngine with signatures for major tracker brands
- Device fingerprinting to track devices across MAC randomization
- Suspicious presence heuristics (persistence, following patterns)
- New API endpoints: /api/bluetooth/trackers, /diagnostics
- UI updates with tracker badges, confidence, and evidence display
- TSCM integration updated to use v2 tracker detection data
- Unit tests and smoke test scripts for validation
Detection is heuristic-based with confidence scoring (high/medium/low)
and evidence transparency. Backwards compatible with existing APIs.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add fallback mechanism to try multiple tools (nmcli -> iw -> iwlist)
- Improve error messages for iw/iwlist with root privilege detection
- Enhance nmcli scanner to try without interface if specific scan fails
- Better error reporting in frontend showing actual backend errors
- Add logging throughout scan process for debugging
This fixes quick scan immediately failing on Linux systems by trying
multiple tools and providing meaningful error messages.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add v2 capabilities, quick scan, deep scan, and status endpoints
- Add v2 networks, clients, probes, and channels endpoints
- Add v2 SSE stream, export (CSV/JSON), and baseline management
- Add recommendation_rank field to ChannelRecommendation model
The frontend was already wired up to call these v2 endpoints but they
were missing from the backend. This completes the WiFi module v2 API.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Frontend (wifi.js):
- Show helpful message when quick scan returns no networks
- Suggest using Deep Scan as fallback
- Better error messages with actionable suggestions
Backend (scanner.py):
- Add proper error messages from airport scan failures
- Add proper error messages from nmcli scan failures
- Handle timeouts and missing tools explicitly
- Raise RuntimeError with descriptive messages
These changes help users understand when quick scan tools (airport/nmcli)
aren't working and guide them to use Deep Scan instead.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Backend:
- New utils/wifi/ package with models, scanner, parsers, channel analyzer
- Quick Scan mode using system tools (nmcli, iw, iwlist, airport)
- Deep Scan mode using airodump-ng with monitor mode
- Hidden SSID correlation engine
- Channel utilization analysis with recommendations
- v2 API endpoints at /wifi/v2/* with SSE streaming
- TSCM integration updated to use new scanner (backwards compatible)
Frontend:
- WiFi mode controller (wifi.js) with dual-mode support
- Channel utilization chart component (channel-chart.js)
- Updated wifi.html template with scan mode tabs and export
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Backend:
- Add device_key.py for stable device identification (identity > public MAC > fingerprint)
- Add distance.py with DistanceEstimator class (path-loss formula, EMA smoothing, confidence scoring)
- Add ring_buffer.py for time-windowed RSSI observation storage
- Extend BTDeviceAggregate with proximity_band, estimated_distance_m, distance_confidence, rssi_ema
- Add new API endpoints: /proximity/snapshot, /heatmap/data, /devices/<key>/timeseries
- Update TSCM integration to include new proximity fields
Frontend:
- Add proximity-radar.js: SVG radar with concentric rings, device dots positioned by distance
- Add timeline-heatmap.js: RSSI history grid with time buckets and color-coded signal strength
- Update bluetooth.js to initialize and feed data to new components
- Replace zone counters with radar visualization and zone summary
- Add proximity-viz.css for component styling
Tests:
- Add test_bluetooth_proximity.py with unit tests for device key stability, EMA smoothing,
distance estimation, band classification, and ring buffer functionality
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add null checks to legacy refreshBtInterfaces() function
- Redirect to BluetoothMode.checkCapabilities() when available
- Fix Bleak deprecation: use AdvertisementData.connectable instead of device.metadata
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add 'available' alias for 'can_scan' in capabilities
- Add 'preferred_backend' alias for 'recommended_backend'
- Add 'id' field to adapter info for frontend compatibility
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
DBus/BlueZ requires a GLib main loop which Flask doesn't have.
Reordered backend priority: bleak > hcitool > bluetoothctl > dbus
Removed DBus option from UI since it won't work with Flask.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The fallback wasn't being triggered because when mode='auto' was
replaced with the recommended backend ('dbus'), the fallback condition
failed. Now properly tracks original_mode to allow fallback.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add SUBPROCESS_TIMEOUT_SHORT to bluetooth constants
- Fix test imports to use correct constant names
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Major changes:
- Add utils/bluetooth/ package with DBus scanner, fallback scanners
(bleak, hcitool, bluetoothctl), device aggregation, and heuristics
- New unified API at /api/bluetooth/ with REST endpoints and SSE streaming
- Device observation aggregation with RSSI statistics and range bands
- Behavioral heuristics: new, persistent, beacon-like, strong+stable
- Frontend components: DeviceCard, MessageCard, RSSISparkline
- TSCM integration via get_tscm_bluetooth_snapshot() helper
- Unit tests for aggregator, heuristics, and API endpoints
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implements heuristic-based signal identification that provides
plain-English guesses for detected signals based on frequency,
modulation, bandwidth, and burst behavior.
Features:
- Python backend engine (utils/signal_guess.py)
- JavaScript client-side engine with UI components
- Hedged language output (never claims certainty)
- UK/EU and US region support
- Confidence levels (LOW/MEDIUM/HIGH)
- 50+ unit tests for deterministic verification
Supported signal types: FM broadcast, airband, cellular/LTE,
ISM bands (433/868/915/2.4GHz), TPMS, amateur radio, marine VHF,
DAB, pager networks, weather satellites, ADS-B, and more.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Introduces standardized RSSI-to-label mapping (minimal/weak/moderate/strong/very_strong)
and duration-based confidence modifiers for client-facing reports and dashboards.
- New signal_classification.py module with hedged language generation
- Updated detector.py to use standardized signal descriptions
- Enhanced reports.py with signal classification in findings
- Added JS SignalClassification and signal indicator components
- CSS styles for signal strength bars and assessment panels
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add verbose_results flag to store full device details in sweep results
- Add non-interactive mode (--non-interactive) to setup.sh
- Add ask_yes_no helper for interactive prompts with TTY detection
- Update reports.py to handle new results structure with fallbacks
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implement 9 major TSCM feature enhancements:
1. Capability & Coverage Reality Panel - Exposes what sweeps can/cannot
detect based on OS, privileges, adapters, and SDR limits
2. Baseline Diff & Health - Shows changes vs baseline with health scoring
(healthy/noisy/stale) based on age and device churn
3. Per-Device Timelines - Time-bucketed observations with RSSI stability,
movement patterns, and meeting correlation
4. Whitelist/Known-Good Registry + Case Grouping - Global and per-location
device registry with case management for sweeps/threats/notes
5. Meeting-Window Summary Enhancements - Tracks devices first seen during
meetings with scoring modifiers
6. Client-Ready PDF Report + Technical Annex - Executive summary, findings
by risk tier, JSON/CSV annex export
7. WiFi Advanced Indicators - Evil twin detection, probe request tracking,
deauth burst detection (auto-disables without monitor mode)
8. Bluetooth Risk Explainability - Proximity estimates, tracker brand
explanations, human-readable risk descriptions
9. Operator Playbooks - Procedural guidance by risk level with steps,
safety notes, and documentation requirements
All features include mandatory disclaimers, preserve existing architecture,
and follow TSCM best practices (no packet capture, no surveillance claims).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add spectrum monitoring via rtl_power with configurable presets
- Add OpenCelliD tower integration with Leaflet map display
- Add grgsm_scanner integration for passive GSM cell detection (alpha)
- Add rules engine for anomaly detection and findings
- Add baseline recording and comparison system
- Add setup.sh support for gr-gsm installation on Debian/Ubuntu
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add propagate=False to prevent child loggers from duplicating
messages through parent handler
- Only log SBS connection errors once until successful reconnect
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix bias-t option in rtl_433 for RTL-SDR and HackRF:
- rtl_433's -T flag is for timeout, not bias-t
- RTL-SDR: Use :biast=1 suffix on device string
- HackRF: Use bias_t=1 in SoapySDR device string
- Add "Listen (FM/AM)" buttons to TSCM RF signal details
- Switches to Listening Post mode and tunes to frequency
- Fix device detail header padding to prevent protocol badge
overlapping with close button
- New device_identity.py: Clusters BLE/WiFi observations into probable
physical devices using passive fingerprinting (not MAC addresses)
- Fingerprinting based on manufacturer data, service UUIDs, capabilities,
timing patterns, and RSSI trajectories
- Session tracking with automatic gap detection
- Risk indicators: stable RSSI, MAC rotation, ESP32 chipsets, audio-capable
- Full audit trail for all clustering decisions
- New ble_scanner.py: Cross-platform BLE scanning with bleak library
- Detects AirTags, Tile, SmartTags, ESP32 by manufacturer ID
- Fallback to system tools (btmgmt, hcitool, system_profiler)
- Added API endpoints for device identity clustering (/tscm/identity/*)
- Updated setup.sh with bleak dependency
- Updated documentation with TSCM features and hardware requirements
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
WiFi Scanning:
- Add 'iw' scan method as primary (sometimes works without root)
- Auto-detect wireless interface from /sys/class/net
- Better error logging for permission issues
- Fall back to iwlist if iw fails
UI Updates:
- Replace Critical/High/Medium/Low cards with new scoring model
- Now shows: High Interest (6+), Needs Review (3-5), Informational (0-2)
- Add Correlations count card
- Update counts based on device classification scores
Tracker Detection:
- Add detection for Apple AirTag (by OUI and name)
- Add detection for Tile trackers
- Add detection for Samsung SmartTag
- Add detection for ESP32/ESP8266 devices (Espressif chipset)
- Add generic chipset vendor detection
- New indicator types with appropriate scoring weights
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Classification levels:
- Green (Informational): Known devices in baseline, expected infrastructure
- Yellow (Needs Review): Unknown BLE devices, new WiFi APs, unidentified RF
- Red (High Interest): Persistent transmitters, audio-capable BLE, trackers,
devices with repeat detections across scans
Features:
- Device history tracking for repeat detection (24-hour window)
- Audio-capable BLE detection (headphones, mics, speakers)
- Classification reasons shown under each device
- Color-coded indicators with visual styling
- Microphone badge for audio-capable BLE devices
- Create routes/aprs.py with start/stop/stream endpoints for APRS decoding
- Support multiple regional frequencies (North America, Europe, Australia, etc.)
- Use direwolf (preferred) or multimon-ng as AFSK1200 decoder
- Parse APRS packets for position, weather, messages, and telemetry
- Add APRS visualization panel with Leaflet map and station tracking
- Include station list with callsigns, distance, and last heard time
- Add packet log with raw APRS data display
- Register APRS blueprint and add global state management
- Add direwolf and multimon-ng to dependency definitions
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Update acarsdec install instruction to point to ./setup.sh
- Add ACARS Messaging to README features list
- Add acarsdec to README acknowledgments section
- All sources now consistently recommend ./setup.sh for acarsdec
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix multimon-ng GitHub URL typo (EliasOewornal -> EliasOenal)
- Fix acarsdec install info (not in apt repos, must build from source)
- Add hcxdumptool to quick install command
- Add note about acarsdec requiring source build with link to setup.sh
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add routes/acars.py with start/stop/stream endpoints for ACARS decoding
- Build acarsdec from source in Dockerfile (not available in Debian slim)
- Add acarsdec installation script to setup.sh for native installs
- Add ACARS to dependency checker in utils/dependencies.py
- Add collapsible ACARS sidebar next to map in aircraft tracking tab
- Add collapsible ACARS panel in ADS-B dashboard with same layout
- Include guidance about needing two SDRs for simultaneous ADS-B + ACARS
- Support regional frequency presets (N.America, Europe, Asia-Pacific)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Replaces hardcoded admin credentials with a users table in the database, storing hashed passwords and user roles. Updates the login logic in app.py to authenticate against the database using Werkzeug's password hashing utilities. Adds admin credential configuration to config.py and ensures a default admin user is created during database initialization.
Adds support for SDRPlay RSP devices (RSPdx, RSP1A, RSPduo, etc.)
through the SoapySDR interface. Closes#44.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Same fix as build_fm_demod_command() - the parameter was being
passed but not defined in the method signatures.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The bias_t parameter was being passed to build_fm_demod_command()
but wasn't defined in the method signatures, causing an unexpected
keyword argument error.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Remove direct serial GPS dongle support in favor of gpsd daemon connectivity.
The UI now auto-connects to gpsd on page load and shows a GPS indicator when connected.
Simplify ADS-B dashboard controls bar for a cleaner, more compact layout.
Add setup-dev.sh for streamlined development environment setup.
- Remove GPSReader class and NMEA parsing (utils/gps.py)
- Consolidate to GPSDClient only with auto-connect endpoint
- Add GPS indicator with pulsing dot animation
- Compact controls bar with smaller fonts and tighter spacing
- Add aircraft database download banner/functionality
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add get_tool_path() to check /usr/sbin and /sbin for tools
- Update wifi.py to use full paths for airmon-ng, airodump-ng, aireplay-ng, aircrack-ng
- Add hcxdumptool and hcxtools to setup.sh for Debian and macOS
- Update check_cmd() in setup.sh to also check /usr/sbin and /sbin
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add debug stats (bytes_received, lines_received) to diagnose connection issues
- Capture stderr from dump1090 to show actual error messages on failure
- Add dump1090_running status to /adsb/status endpoint
- Fix aircraft_db.lookup() to handle Mictronics array format [reg, type, flags]
instead of expecting dict format {r: reg, t: type}
- Add logging for first few SBS lines to help debug parsing issues
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
