Real-time threat intelligence is now live in Colander, with network flows and Suricata alerts streaming directly from PiRogue devices, plus Threatr queries and flow imports straight into cases. We also enabled PiRogue as an emergency VPN server for supporting at-risk individuals without physical device access. On the maintenance side, we tightened up the UX across the board, better status monitoring, quick system version checks, simpler team access management, and a leaner device monitoring workflow.

Project overview

PiRogue Tool Suite (PTS) provides a platform combining analysis tools, knowledge management, incident response management and artifact management, which allows civil society organizations with limited resources to equip themselves at a low cost. The project consists of an open source tool suite that provides a comprehensive mobile device forensics and digital investigations platform.

• Website: pts-project.org
• Email: hello [at] pts-project.org
• GitHub: Source code - Roadmap
• Get support: Discord
• Support us: OpenCollective

📢 Announcements

🚀️ PTS Community Meeting on Friday, March 27 · 2:00 – 3:00pm CEST. Join us, we are looking forward to hear from you htps://meet.google.com/arx-tpra-euz

🎉 Impacts and results

• Real-time threat intelligence is now supported in Colander. Network flows and Suricata security alerts from PiRogue devices are now displayed directly in Colander. Users can query Threatr for threat intelligence on any IP address and import flows into their cases.
• The core functionality for deploying PiRogue as an emergency VPN server is now possible, enabling organizations to analyze network traffic from at-risk individuals who don’t have physical access to a PiRogue device.

📒 Activity report

You can find more details about the different activities in the project roadmap.

📦 US101 - Maintenance#

We manufacture PiRogues to supply organizations, while taking care of its maintenance. We will include OS upgrades, improvement of the documentation and fixing bugs. Regarding Colander and Threatr, we maintain the public Colander server, upgrade dependencies, improve the documentation and fix bugs.

This month#

Better PiRogue status monitoring consultation#

We enhanced the display and the expiration of PiRogue statues.

At-a-glance overview of PiRogue system versions#

A PiRogue owner can quickly check system updates.

Better remote PiRogue User Access management#

A PiRogue owner can now easily create and share accesses to Colander teams. Colander operators assigned to these teams will be able to use the access granted to them for their investigations.

Simplified device monitoring workflow#

We have simplified the configuration and start-up of device monitoring. A Colander operator can now launch profiling with fewer fields and clicks.

Next month#

We will continue the maintenance of the tools, Debian packages we maintain and Colander ecosystem.

📦 US104 - Product management#

This month#

• We are happy to announce that our collaboration have started with the Impact & Engagement Lab from OTF. We are closely collaborating together on imporving the User Experiences and looks and feel of different PTS products to better serve our community.
• We have received very community survey and interviews feedback conducted by The Engine Room. The feedback mainly focused on different aspects our community would like us to improve and work on on the next roll-outs of our products. We took them into account and will be happy to announce them soon.
• PTS documentation restructuring and redefinition

Next month#

• Continue working on the documentation of PTS- Accelerating the collaboration with the Impact & Engagement Lab from OTF. S
• Accelerating the collaboration with the Impact & Engagement Lab from OTF.