├── Pictures
    ├── Briefcase.jpg
    ├── Features.jpg
    ├── Front.jpg
    ├── InsideF.jpg
    ├── Side.jpg
    └── Title.jpg
└── README.md

/Pictures/Briefcase.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Sekhan/NightPi/1bf2c92a5798e0af813ba663f4f200112b6861b7/Pictures/Briefcase.jpg

--------------------------------------------------------------------------------
/Pictures/Features.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Sekhan/NightPi/1bf2c92a5798e0af813ba663f4f200112b6861b7/Pictures/Features.jpg

--------------------------------------------------------------------------------
/Pictures/Front.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Sekhan/NightPi/1bf2c92a5798e0af813ba663f4f200112b6861b7/Pictures/Front.jpg

--------------------------------------------------------------------------------
/Pictures/InsideF.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Sekhan/NightPi/1bf2c92a5798e0af813ba663f4f200112b6861b7/Pictures/InsideF.jpg

--------------------------------------------------------------------------------
/Pictures/Side.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Sekhan/NightPi/1bf2c92a5798e0af813ba663f4f200112b6861b7/Pictures/Side.jpg

--------------------------------------------------------------------------------
/Pictures/Title.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Sekhan/NightPi/1bf2c92a5798e0af813ba663f4f200112b6861b7/Pictures/Title.jpg

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------

Title

Front

**Based on a Raspberry Pi 3B+ with Kali Linux installed, the "NightPi" is a briefcase designed for learning and performing penetration testing, investigation (OSINT) and radio exploration.**

This repository contains useful information, in the hope that it will inspire you to build a similar project :wink:


### Offline database

Features

While Kali Linux comes with an incredible amount of software, learning how to use it means relying on an internet connection and searching for each tool's documentation separately. **Centralizing all this useful information in one database by using open source software like HTTrack is far more convenient :)**

For each site, you may have to change some parameters (especially in the `limits` panel, depending on the structure of the website).
**Here are the general options that you can apply:**

- *Scan rules* (to avoid downloading unwanted files):
`+*.png +*.gif +*.jpg +*.jpeg
+*.css +*.js -ad.doubleclick.net/* -mime:application/foobar
-*.zip -*.tar -*.tgz -*.gz
-*.rar -*.z -*.exe -*.7z -*.pdf -*.xz -*.iso`

- *Build*: activate `No error page` and `No external page`
- *Link*: activate `Attempt to detect all links`, `Get non-html files related to a link`, `Test validity of all links`
and `Get HTML files first`
- *Log, index, cache*: activate `Force to store all files in cache`

To learn how to use it, I strongly recommend having a look at the website: https://www.httrack.com/html/index.html

### Extra tools
Some interesting tools for OSINT and radio exploration have been added:
- Sherlock => A command-line tool used to scan many social networks (like Facebook, Twitter, Tinder...) to find a user's account. All requests can be made over TOR.
- GQRX => A software-defined radio that allows you to demodulate AM, FM and SSB and is compatible with a wide range of hardware (RTL-SDR, HackRF, BladeRF...).
- Twint => This advanced Twitter OSINT tool allows you to scrape a user's Tweets, followers... without any API required.
- Photon => A command-line tool that allows you to extract data from a website (subdomains, pictures, email addresses...).
- Keytap => These experimental tools can be used to analyze mechanical keyboard input captured by a microphone in order to predict the content of a typed text.
- Exiftool => A command-line tool used to analyze, modify and erase metadata in a wide variety of files (supported formats include JPEG, PNG, DOC, MP4...).

Even if I wasn't able to install it, you might also have a look at this last program. **Based on the TEMPEST attack, a technique discovered by the National Security Agency in the 70's, this tool allows you to eavesdrop on unintentional electromagnetic emanations** that come from cables carrying video signals and convert them back into a live image of what is displayed on the screen.

### Enhanced security browser
Due to the incompatibility of Tor Browser with the Raspberry's architecture (ARM), **one possible alternative is to install Mozilla Firefox (ESR) and drastically reinforce its security**.

> (1) These **open-source add-ons** have been added: uBlock Origin, Privacy Badger, HTTPS Everywhere, Cookie AutoDelete, Decentraleyes and NoScript.

> (2) To use **Firefox over TOR**, you need to install TOR and set up a proxy in *Connection settings*:
`SOCKS Host : 127.0.0.1`, `Port : 9050`, `SOCKS v5` and activate `Remote DNS`

> (3) Regarding **fingerprint protection**, you'll have to configure `about:config` on your own, depending on the level of protection you need. Remember that these modifications might break some websites and prevent them from loading correctly.

>> :wrench: Here are some useful resources for creating your own settings. Don't hesitate to also use these tools to test your browser security/fingerprint!

>> :warning: **Fingerprint tracking techniques are very complex** and new ones continue to be developed, as this example clearly illustrates.
>> **You have to keep in mind that:**
>> - Withholding a piece of information (e.g. disabling `media.navigator.enabled`) can itself be a piece of information.
>> - The more you modify your browser, the more you will stand out from the crowd
>> - Your browser value will remain fixed

> (4) **By default, your browser trusts 100 % of Certificate Authorities (CAs)**, which is a bad security practice! In addition to the risk of a MITM ("Man In The Middle"), some shady companies are also seeking to be approved as a top-level CA. This extension might help you to trust only a restricted number of CAs.

## Hardware
Here is the hardware that I've used. Feel free to choose yours according to your needs (dimensions, more powerful equipment...).
**Estimated cost:** around 500 $

| **Raspberry Pi 3B+** | **64GB SD Card** | **Wired keyboard** | **External Hard Drive** | **Portable screen** |
| :---: | :---: | :---: | :---: | :---: |
|**RFID RC 522** | **RTL-SDR** | **Wireless module** | **Battery** | **USB cable** |
| **Powered USB hub** | **Fans** | **Briefcase** | **Foldable headphone** | **Jack cable** |

Inside

If you're interested in making one, here are some tips:

- **Prefer a full-aluminium briefcase** over a plastic/aluminium mix (which, in addition, is often made with cardboard inside). It will probably be a bit more expensive, but sturdier and easier to work on.
- **Avoid low-quality fasteners like glue or nails**; prefer screws and nuts. Keep in mind that, if something needs to be fixed, you'll want to be able to disassemble it easily and work on it.
- **Check the voltage/amperage of your hardware: they will have an impact on your battery size!**
- **Draw a plan of the inside, including the size of every component**. It is very important to make sure that you have enough space before buying everything, because you'll probably need more than expected.

## Further improvements
- [ ] Battery-capacity monitoring
- [ ] Full-disk encryption
- [ ] Better range for WIFI and radio
--------------------------------------------------------------------------------
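
Step (2) of the *Enhanced security browser* section gives the TOR proxy settings as dialog labels. The added example below (not part of the original repository) audits a Firefox `user.js`/`prefs.js` for the equivalent preferences and flags a disabled `Remote DNS`, which would make Firefox resolve hostnames locally instead of through TOR. The mapping to `about:config` preference names, the sample file and the function names are assumptions introduced here; confirm the names in your Firefox version.

```python
import re

# README step (2) values mapped to about:config names (the mapping is an
# assumption of this example; confirm the names in your Firefox version).
EXPECTED = {
    "network.proxy.type": 1,                 # 1 = manual proxy configuration
    "network.proxy.socks": "127.0.0.1",      # SOCKS Host
    "network.proxy.socks_port": 9050,        # Port
    "network.proxy.socks_version": 5,        # SOCKS v5
    "network.proxy.socks_remote_dns": True,  # Remote DNS: resolve via the proxy
}

PREF_RE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;')

# Constructed sample: every setting applied except Remote DNS.
SAMPLE_USER_JS = """\
// constructed sample, not taken from a real profile
user_pref("network.proxy.type", 1);
user_pref("network.proxy.socks", "127.0.0.1");
user_pref("network.proxy.socks_port", 9050);
user_pref("network.proxy.socks_version", 5);
user_pref("network.proxy.socks_remote_dns", false);
"""

def parse_prefs(text):
    """Parse user_pref("name", value); lines; a later line overrides an earlier one."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue  # comment, blank or unrelated line
        name, raw = m.groups()
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif len(raw) >= 2 and raw[0] == raw[-1] == '"':
            prefs[name] = raw[1:-1]
        elif re.fullmatch(r"-?\d+", raw):
            prefs[name] = int(raw)
    return prefs

def audit_tor_proxy(text):
    """Return (pref, expected, found) per deviation; found is None if the pref is unset."""
    prefs = parse_prefs(text)
    issues = []
    for name, want in EXPECTED.items():
        got = prefs.get(name)
        # Compare types too, so a boolean true is not accepted where 1 is expected.
        if type(got) is not type(want) or got != want:
            issues.append((name, want, got))
    return issues

if __name__ == "__main__":
    for name, want, got in audit_tor_proxy(SAMPLE_USER_JS):
        print(f"{name}: expected {want!r}, found {got!r}")
```

A preference reported with `found None` is simply absent from the file, so Firefox falls back to its built-in default for it.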