Posts by Collection

docs

Helper tools

The Kismet external tool API defines how Kismet talks to capture and helper binaries.

Kismetdb logs

The kismetdb log file is the new unified system for storing data, state, snapshots, devices, and all other info in Kismet.

Creating Kismet plugins

Kismet plugins can change server behavior (via C++ plugins), interface behavior (via Javascript), or both

Exploring endpoints

Exploring the REST API should be simple, here’s how to get the most out of the endpoints and self-documenting fields.

Serialization types

Data can be serialized in several different ways, as traditional JSON, streaming pseudo-JSON for large queries, and as ‘pretty’ output for learning the API.

Logins and sessions

Kismet uses a standard login and session cookie system which is easily supported by most HTTP libraries.

Commands

Commands (actionable API calls) use a common method for defining arguments and options.

Devices

Device listing, sorting, and related interfaces.

Device views

A common ‘device view’ API which is used by many components of Kismet to present different views of the device data while retaining identical API calls.

Messages

Kismet exposes the console messages via the messagebus API.

Alerts

The alerts API allows for fetching raised alerts, defining new custom alerts purely via the API interface, and raising alerts via the API interface, allowing...

Channels

Observed channels and channel traffic API.

Datasources

APIs for accessing defined, and potential, datasources, as well as controlling the behavior of datasources.

GPS

Supported GPS devices, defined GPS devices, and current location information.

Packet capture

Access the packet stream live with optional datasource and device filtering.

Filters

Dynamically control filtering options to include or exclude devices and packets; the filtering API is used by multiple components in Kismet to define filters.

Plugins

Information about running Kismet plugins.

Streams

Logging and long-running live exports of data are classified as streams and can be observed and manipulated via the stream API.

Logging

View and control logging attributes live.

Points of interest

Points-of-interest can be tagged live, allowing for integration of physical buttons or other scripts to make a kismetdb entry for future analysis.

KismetDB logs

Kismet stores all of its information in the kismetdb log; by exposing interfaces to the kismetdb log via the REST api, it becomes possible to access not only...

Phy80211 Wi-Fi

The 802.11 Wi-Fi subsystem defines a set of Wi-Fi specific APIs for accessing information about APs, related devices, and more.

Wi-Fi fingerprinting

Live manipulation of the fingerprinting system, which will be used in the future for whitelisting, alerts, and complex Wi-Fi device tracking.

Phy802.11 SSID Scan module

Still under development, the ssidscan module will allow for targetting devices by SSID and automatically searching for behavior.

UAV / Drones

Kismet can track additional information about UAV/Drone/Quadcopter devices based on manufacturer, SSID, and packet contents.

Creating tracked components

The tracked_component system is the Kismet internal architecture for introspectable and serializable data storage, and is used to define tracked structures l...

Extending the web ui

The web UI can be extended via Javascript and the UI pluggable interface, allowing for alterations and entirely new web UI systems.

Git and Beta

Welcome to the new, MAJOR rewrite of Kismet! If you’re using the Git and Beta versions, you’ll want to do some housekeeping…

Compiling quickstart

Kismet has many many configuration knobs and options, but check here for the quickest way to get Kismet working with the latest release (or git version) and ...

Official Kismet packages

Most distributions will not have the latest Kismet versions, but you can install the official Kismet packages for many common distros and platforms.

Installing Kismet: SUID vs Non-SUID

Kismet can be installed and configured multiple ways; the most secure is to allow Kismet to be installed suidroot and executable by users in the kismet group...

Starting Kismet

When starting Kismet you can define multiple options on the command line, config files, or perform many operations via the web interface.

Upgrading

If you’re upgrading from the old Kismet legacy release, or following the new git code, you may need to do some special care and feeding of your setup when yo...

Debugging

As hard as we try, everything has bugs. If you’re having trouble with Kismet, here’s how to help with the debugging!

Config Files

Kismet has a large set of options which can be configured via configuration files - and sanely managed during upgrades with kismet_site.conf

Packaging

Recommendations for package maintainers

Logging

Kismet has many logging options; here’s how to pick which options you need.

Data sources

Data sources are how Kismet gets packets (and packet-like) data; many can be automatically configured but some need special options.

Wi-Fi sources

Wi-Fi (802.11) data sources capture packets from an interface in monitor mode.

Bluetooth sources

Bluetooth datasources capture BT and BTLE scanning and advertised data.

SDR rtl433 sources

SDR-based rtl433 sources use the rtl-sdr radio to capture a wide range of sensors, thermometers, and switches.

SDR rtlamr sources

SDR-based rtlamr sources use the rtl-sdr radio to capture AMR based power and water meter readings.

SDR rtladsb sources

SDR-based rtladsb sources use the rtl-sdr radio to capture airplane ADSB/Mode-S location and telemetry packets.

nRF Mousejack sources

nRF Mosuejack based datasources use a nRF USB device to detect many common wireless keyboards and mice.

Alerts and WIDS

Kismet can also function as a WIDS (Wireless Intrusion Detection System) with configurable alerts.

Remote capture

Remote network capture allows Kismet to receive packets from distributed sensors installed on other hardware, such as OpenWRT routers.

Webserver

The Kismet webserver has many optional configuration values which can be tuned in the config files.

GPS

Kismet can use serial, network, and USB GPS receivers to track the location where signals are seen.

Performance and Memory Tuning

Tuning options for performance and memory can resolve issues when dealing with very large data sets or very small servers.

Kismet and Wigle

Kismetdb logs can be easily exported to the wigle CSV format for uploading.

Kismetdb to JSON

Kismetdb logs can be exported to JSON records describing all seen devices, making it easy to process capture history.

Stripping Kismetdb packet data

Kismetdb logs typically contain packet data; sometimes you may wish to strip the packet contents while keeping the device records.

Kismetdb Statistics

Quick summarization of kismetdb logs, with optional JSON output for scripting an index of captured log data.

Kismet and KML

Kismetdb logs can be easily exported to KML for use with Google Earth

Included libraries

Kismet wouldn’t be possible without other open source projects and includes several open source libraries.