A Multitool For Tracking And Locating Nearby Devices Via Their RF Activities.
With dBmonster, you are able to scan for nearby WiFi devices and track them through the signal strength (dBm) of their sent packets. Therefore, you can identify the exact location of nearby WiFi devices (use a directional WiFi antenna for the best results) or find out in which direction your (self made) antenna works the best (antenna radiation patterns).In addition, there are features such as tracking the signal strength of packet types that are often abused in WiFi attacks (ex. Deauthentication Frames) to determine the location of someone attacking your network.You can also check for devices that are sending Probe Requests for an unusual long time. You will then be notified when dBmonster detects that a stalker’s device is following you (inspiration: Matt Edmondson’s BlackHat article).All in all, it's a multitool for tracking and locating nearby devices via their activities in the radio frequency range.
Feature | Linux | MacOS |
---|---|---|
Listing WiFi interfaces | ✅ | ✅ |
Track & scan on 2.4GHz | ✅ | ✅ |
Track & scan on 5GHz | ✅ | ✅ |
Track 802.11 frames (ex. deauth. frames) | ✅ | ✅ |
Track & scan PCAP files | ✅ | ✅ |
Detection of potential stalkers | ✅ | ✅ |
Scanning for AP | ✅ | ✅ |
Scanning for STA | ✅ | ☑️ |
MAC Address Information Gathering (OSINT) | ✅ | ✅ |
Voice notification when device is found | ✅ | ✅ |
git clone https://github.com/90N45-d3v/dBmonster
cd dBmonster
# Install required tools (On MacOS without sudo)
sudo python requirements.py
# Start dBmonster
sudo python dBmonster.py
Platform 💻 | WiFi Adapter 📡 |
---|---|
Kali Linux | ALFA AWUS036NHA, DIY Bi-Quad WiFi Antenna |
MacOS Ventura | Internal card 802.11 a/b/g/n/ac (MBP 2019) |
Normally, you can only enable monitor-mode on the internal wifi card from MacOS with the airport utility from Apple. Somehow, wireshark (or here TShark) can enable it too on MacOS. Cool, but because of the MacOS system and Wireshark’s workaround, there are many issues running dBmonster on MacOS. After some time, it could freeze and/or you have to stop dBmonster/TShark manually from the CLI with the ps
command. If you want to run it anyway, here are some helpful tips:
Look if there are any processes, named dBmonster, tshark or python:
sudo ps -U root
Now kill them with the following command:
sudo kill <PID OF PROCESS>
sudo airport <WiFi INTERFACE NAME> sniff
Press control + c after a few seconds