This is a canari framework based Maltego transform pack that allows you to perform wireless sniffing within Maltego. It uses a sqlite3 database to store collected data allowing for future expansion of the project and to use the data elsewhere.
It has been tested on Kali and requires the following additional software (outside of Python).
aircrack-ng
The following python modules are also required:
sqlite3 requests canari (goes without saying)
To install the transform pack you need to do the following (make sure you have canari installed already):
- clone this repo
git clone https://github.com/catalyst256/Watcher.git
- change to the
src
directorycd src/
canari create-profile Watcher -w [full path to src folder]
on my machine this is:canari create-profile Watcher -w /root/localTransforms/Watcher/src
- Load Maltego and import configuration file that was just created in the
src
folder.
You will have a number of new transforms, entities and a Maltego machine to use.
To use Watcher the process is as follows:
- Create an interface entity in Maltego (set to your wireless interface name)
- Run the
Watcher - Set Interface into Monitor Mode
- Run the
Watcher - Create database
(this creates a sqlite database in thesrc/Watcher/resource/database
folder) - Run the
Watcher - Sniff wireless sniff
transform (leave this running) - Run the Maltego Machine
Watcher - Hunter
(accessible from the monitor interface entity)
Leave it running to see all the beacon and probe requests from devices flow into a beautiful graph..
Enjoy!! (any issues raise a ticket on GitHub)