September 30, 2022 in activity reports by Esther Onfroy | 3 minutes
PiRogue Tool Suite (PTS) is a reboot of the PiRanhaLysis project. PiRanhaLysis serves different use cases, ranging from universities (the University of Yale, for example) to activists and NGOs, and although archived, it still gets a lot of traction. In fact, it gets too much traction to be maintained as a hobby project, as it has been until now. Currently, PiRogue Tool Suite is at the proof-of-concept stage. To reach wider adoption by the general public, the build process must be streamlined and the interface smoothed. Our goal is to make PiRogue Tool Suite accessible to anyone.
The problem: the lack of open-source tooling (hardware + software) to assess both the privacy and the security of mobile devices. Depending on human rights defenders' goals, the tooling should enable them to educate, conduct emergency assessments or carry out off-the-field investigations.
The plan: As with all the other projects we do, we are the first users of the technologies we develop, and we aim to provide open-source, low-cost, well-maintained, easy-to-use and easy-to-build hardware and software.
We have three modes for PTS:
a kiosk mode for anyone who wants to know which servers a mobile device is communicating with
an on-the-field mode
an expert mode for technical people to:
The PiRogue is an open-hardware device based on a Raspberry Pi that operates as a network router (like any ISP router) and analyzes network traffic in real time.
You can check out our work on GitHub at https://github.com/PiRogueToolSuite/ or on our website at https://pts-project.org/.
We finally released a tool allowing the user to intercept and decrypt the TLS traffic of a given Android application. This tool dumps:
Once the traffic is dumped, the user can use another command-line tool to view each network exchange, displaying:
The documentation of this feature is available at https://pts-project.org/docs/recipes/how-to-intercept-and-decrypt-tls-traffic/.
The Tool Suite is a software stack; its architecture is distributed, easy to scale, and based on:
This stack is not cloud-dependent, which means it can be deployed on a bare-metal server as well as on any cloud platform supporting Docker.
The Tool Suite is meant to offer the following features:
It is difficult for us to keep the various third-party libraries we package up to date.