Posts by Collection


Extending device and data tracking

Adding parsers for new IE tags in Kismet is relatively simple; there’s a handful of files you need to modify and coding conventions you should follow, howeve...

Creating Kismet datasources

These docs represent a protocol that is still heavily under development - until the first internal implementations are done, it would be unwise to start an i...

Datasource capframework library

These docs represent an API that is still heavily under development - until the first internal implementations are done, it would be unwise to start an indep...

Extending device and data tracking

Once data has been captured (see the datasource docs for more details about creating a data source) and handled by the DLT handler, additional processing can...

Helper tools

Kismet helper tools are external programs which Kismet uses; splitting functionality into an external helper can be for several reasons:

Kismetdb logs

These docs represent a logfile which is under current development; until the first full release is done, the contents of the Kismet log are subject to change...

REST webserver endpoints

Kismet uses a REST-like interface for the embedded webserver, which provides data and accepts commands.

Logins and sessions

Kismet uses HTTP basic-auth to submit login information, and session cookies to retain login state.


Commands are sent via HTTP POST. Command options are sent as a JSON dictionary object in the POST field json


A device is the central record of a tracked entity in Kismet. Clients, bridges, access points, wireless sensors, and any other type of entity seen by Kismet...


Device views Device views are optimized subsets of the global device list. Device views can be defined by PHY handlers, plugins, as part of the base Kismet ...


Kismet uses an internal messagebus system for communicating text messages from system components to the user. The messagebus is used to pass error, state, a...


Kismet alerts notify the user of critical Kismet events and wireless intrusion events. Alerts are generated as messages (sent via the messagebus) and as ale...


System status URL /channels/channels.json


Datasources in Kismet capture information - typically packets - and return them to the Kismet server for processing. Typically, a datasource is analogous to...


Kismet now supports multiple simultaneous GPS devices, and can select the ‘best’ quality device based on priority and GPS signal.

Packet capture

Kismet can export packets in the pcap-ng format; this is a standard, extended version of the traditional pcap format. Tools such as Wireshark (and tshark) c...


Kismet plugins may be active C++ code (loaded as a shared object file) or they may be web content only which is loaded into the UI without requirin...


A Kismet stream is linked to an export of data of prolonged length; for instance, packet capture logs to disk or streamed over the web API.


Kismet uses a centralized logging architecture which manages enabling and tracking the status of logs. The logging system integrates with the streaming syte...

KismetDB logs

If the Kismet Databaselog is enabled, Kismet will expose an API for extracting historic data. If the databaselog is not enabled, these APIs will not be avai...

Phy80211 Wi-Fi

The 802.11 Wi-Fi phy defines extra endpoints for manipulating Wi-Fi devices seen by Kismet, and for extracting packets of special types.

Wi-Fi fingerprinting

The Kismet phy80211 fingerprinting system is used for device whitelisting, device modification alerts, and other device tracking.

UAV / Drones

The UAV/Drone phy defines extra endpoints for matching UAVs based on manufacturer and SSID.

Creating tracked components

Kismet manages complex objects with arbitrary serialization and logging by implementing “tracked elements”; Tracked elements are introspectable in C++ and ca...

Extending the webui - device data

It’s often desireable to display simple data in Kismet as a table. Kismet handles this in the web UI as a jquery plugin, jquery.kismet.devicedata.

Extending the web ui

Kismet self-serves its web UI via the built-in webserver. The web UI can interact with any exposed REST endpoint on the server. Kismet does not currently s...

REST endpoints

Kismet uses a REST-like interface on the embedded web server for providing data and accepting commands. Generally, data is fetched via HTTP GET and commands...

Official Kismet Deb repos

There are automatically-built repositories for Kismet on common Deb-based distributions (Ubuntu and Kali, currently).

Official Kismet packages

There are automatically-built repositories for Kismet on several Linux distributions. More are being added over time, and your distribution may already have...