The PiRogue

What a PiRogue is

The PiRogue is an open hardware device based on a Raspberry Pi. It operates as a network router (like any ISP router) and analyzes network traffic in real time.

It can operate in three different modes:

  • a kiosk mode for anyone who wants to know which servers a mobile device is communicating with

    • useful for non-profits that want to know if a victim is targeted by stalkerware
    • useful for educational purposes to highlight surveillance capitalism
    • more generally, to assess whether a mobile device is being spied on or compromised, using detection rules such as Suricata rules and others
  • an on-the-field mode

    • for emergency response (active spying, device tampering, …), useful for responders in repressive environments
    • to conduct forensic analysis and network detection using a pre-installed set of tools
  • an expert mode for technical people to:

    • determine the list of collected data
    • assess regulatory compliance
    • conduct penetration testing
    • analyze malware’s behavior
    • ensure reproducible analysis
    • generate comprehensive reports