spyguard's Introduction

Description

SpyGuard is a forked and enhanced version of TinyCheck, which the same author developed while working at Kaspersky. SpyGuard's main objective is to detect signs of compromise by monitoring the network flows transmitted by a device.

Because it works over WiFi, SpyGuard can be used against a wide range of devices, such as smartphones, laptops, IoT devices or workstations. To do its job, SpyGuard's analysis engine uses Indicators of Compromise (IOCs) and anomaly detection, and is supported by Suricata.

Installation

You need a Debian-like operating system to install it easily using the provided bash script. Once you've cloned the repository, just launch install.sh as root. Here are the commands to do that:

cd /tmp/ && git clone https://github.com/SpyGuard/spyguard
cd spyguard && sudo bash install.sh

Once installed, go to the backend interface at https://localhost:8443 to manage the device and set up the right network interfaces to get it working. Please look at the dedicated wiki page for tips on this.

Before installing, please check that your Linux distribution uses nmcli to manage networks. If you want to install it on a Raspberry Pi, you need to activate it via the raspi-config interface.
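The prerequisites named in this section (a Debian-like system, networking managed through nmcli, root for install.sh) can be checked before launching the installer. The script below is an added example, not part of the SpyGuard repository; its function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-install checks for the prerequisites named above.
# Function names are hypothetical; nothing here comes from the SpyGuard repo.

# Succeeds if the os-release file ($1) describes Debian or a derivative
# (Ubuntu, Raspberry Pi OS, ...), judged from its ID and ID_LIKE fields.
is_debian_like() {
    file=${1:-/etc/os-release}
    ids=""
    [ -r "$file" ] || return 1
    # The "|| [ -n ... ]" part keeps a final line that lacks a trailing newline.
    while IFS='=' read -r key value || [ -n "$key" ]; do
        case "$key" in
            ID|ID_LIKE)
                value=${value#\"}; value=${value%\"}
                ids="$ids $value" ;;
        esac
    done < "$file"
    case " $ids " in
        *" debian "*) return 0 ;;
    esac
    return 1
}

# Succeeds if nmcli is installed and NetworkManager reports itself running.
nm_is_running() {
    command -v nmcli >/dev/null 2>&1 || return 1
    [ "$(nmcli -t -f RUNNING general 2>/dev/null)" = "running" ]
}

# Runs every check, reports each failure, returns the number of failures.
preflight() {
    failures=0
    is_debian_like "${1:-/etc/os-release}" ||
        { echo "FAIL: not a Debian-like distribution" >&2; failures=$((failures + 1)); }
    nm_is_running ||
        { echo "FAIL: nmcli missing or NetworkManager not running" >&2; failures=$((failures + 1)); }
    [ "$(id -u)" -eq 0 ] ||
        echo "NOTE: launch install.sh as root (sudo bash install.sh)" >&2
    return "$failures"
}

if preflight; then
    echo "Prerequisites look fine; install.sh can be launched."
else
    echo "Fix the items above before launching install.sh."
fi
```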

Smartphone analysis best practices

  • Do the interception in a public place (library, restaurant...) or common place (office, home...);
  • Intercept the network communications of the device for at least 10 minutes;
  • Interact with the analysed device during the interception (reboot it, take a photo, send a message...).

SpyGuard and Stalkerware threat

The indicators of compromise (IOCs) linked to stalkerware are now fully managed by ECHAP, a French association working against cyberviolence. Even though stalkerware remains a threat, remember that most digital violence and surveillance is done by simple means, such as hacking cloud and mail accounts. Therefore, we encourage you to consult the ECHAP guides and apply their advice to your digital life alongside device checks.

It is worth mentioning that the IOCs are distributed under the Creative Commons BY-NC-SA licence. This implies non-commercial use of them. Please respect this licence and ask ECHAP if you have any question about it.

Commercial use

You can use SpyGuard in a commercial product. However, you can't use SpyGuard as the name of your product and you’re still required to follow the terms and conditions that the Apache License imposes, such as referring to the SpyGuard project in customer documentation. Moreover, a sweet note explaining your use to the author is always appreciated; please see the contact details below.

Contact

If you need urgent help or have a specific request or question, do not hesitate to contact the author via Twitter or by sending an email to [email protected]. Found a bug? Do not hesitate to open a new issue.

They have contributed to or helped this project

  

To work, SpyGuard relies on a lot of awesome open-source projects, libraries, and fonts. Kudos to them:

Dumpcap, Dig, Suricata, NetworkManager, Python, VueJS, Pip, pydig, pymisp, netaddr, pyyaml, flask, flask_httpauth, pyjwt, sqlalchemy, psutil, pyudev, qrcode, netifaces, weasyprint, python-whois, publicsuffix2, six, Exo2 font, Virtual Keyboard, OpenSSL, Spectre CSS.

Icons and design created via Figma; list of active Tor nodes taken from Dan.me.uk.

spyguard's People

Contributors

felixaime, spyguard
