Open-Source Platform for Mobile Device Forensics and Digital Investigations

PiRogue Tool Suite (PTS) is a comprehensive, open-source digital investigation platform designed to empower organizations in an increasingly complex digital landscape. We provide accessible and powerful tools for network analysis, mobile forensics, and collaborative case management, specifically tailored for civil society, digital rights defenders, researchers, journalists, and regulatory bodies.

Open-source AGPL v3 licensed


Uncover Digital Truth

In a world awash with digital information, PTS offers clarity. Whether you're investigating human rights abuses, ensuring regulatory compliance, researching digital threats, or conducting in-depth journalistic inquiries, our tool suite provides the capabilities you need to uncover evidence, protect individuals, and hold power accountable.
Network Traffic Analysis
Capture and dissect network communications from various devices to understand data flows, identify destinations, and detect anomalies.
Mobile Device Forensics
Extract and examine data from mobile devices to analyze application behavior, uncover malware, and investigate data exposure with user consent.
Dynamic Application Analysis
Observe and trace the behavior of mobile applications to understand communication patterns, data handling, and privacy risks.
Case Management
Systematically organize evidence, notes, and findings within a structured investigative framework, share information, and build collective insights.
Knowledge Management
Visually map relationships between entities to uncover complex patterns and enable teams to work together on investigations.
Evidence Preservation
Collect, manage, and preserve digital evidence, and enrich investigations by incorporating external threat feeds and intelligence data.

PiRogue: Portable Network Traffic Analyzer

PiRogue is a powerful, portable or virtualized tool for network traffic analysis and mobile device forensics. Built on Raspberry Pi, it puts sophisticated interception and inspection capabilities directly into your hands, enabling you to understand how devices and applications are communicating and what data they are exposing.
Network Traffic Analysis
Passively intercept and analyze network traffic from any connected device (smartphones, computers). Identify suspicious connections, data leaks, and communication patterns without altering the device itself.
Consensual Mobile Forensics
With consent, extract and analyze data from Android devices. Investigate app behavior, identify malware, and understand how personal data is being handled, supporting your work in digital rights and device security.
Application Behavior Monitoring
Observe how mobile apps communicate. Track data transmission, cryptographic operations, and interactions with remote servers, crucial for identifying insecure apps or surveillance tools.

Colander: Organize, Analyze, and Collaborate

Colander is our intuitive, web-based case management, digital investigations and knowledge-building platform. It seamlessly integrates with PiRogue and other data sources, allowing you to structure your investigative findings, visualize complex relationships, collaborate securely with your team, and share your findings with other organizations.
Centralized Case Management
Organize all your digital evidence, observations, and artifacts within distinct cases. Maintain a clear overview of complex investigations and ensure a methodical approach to evidence analysis or preservation.
Collaborative Investigation
Securely share case information and collaborate with team members or trusted partners. Work together on analyzing data, building timelines, and developing investigative leads, regardless of geographical location.
Visual Knowledge Graphing
Transform disparate pieces of information into interactive visual graphs. Map relationships between individuals, organizations, devices, malware, and online infrastructure to uncover hidden connections and patterns.

Testimonials

"PiRogue and Colander tools from the PiRogue Tool Suite were instrumental for our project in conducting the analysis and identifying privacy violations in the mobile apps.
As strategic litigators, it is crucial for us to collect solid evidence of privacy violations to support our arguments during the procedure. The two tools provide a comprehensive setup for mobile app investigations and are open source.
PiRogue helps record network traffic and other evidence such as cryptographic activity, SSL keylog files, socket activity, and even a screencast of the app from the viewpoint of the app user. Thanks to Colander, we were able to analyse the entire network traffic of the apps tested and identify suspicious activities. Both tools are intuitive to use and deliver reliable results.
As an NGO, we highly value the tool's reliability and accessibility, as it empowers us to investigate mobile apps that would otherwise be very difficult to explore."

Supported by

Digital Defenders Partnership
Internews
Open Technology Fund
Defensive Lab Agency