[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-72540":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":9,"language":10,"languages":9,"totalLinesOfCode":9,"stars":11,"forks":12,"watchers":13,"openIssues":14,"contributorsCount":15,"subscribersCount":15,"size":15,"stars1d":16,"stars7d":17,"stars30d":18,"stars90d":15,"forks30d":15,"starsTrendScore":19,"compositeScore":20,"rankGlobal":9,"rankLanguage":9,"license":21,"archived":22,"fork":22,"defaultBranch":23,"hasWiki":24,"hasPages":22,"topics":25,"createdAt":9,"pushedAt":9,"updatedAt":26,"readmeContent":27,"aiSummary":28,"trendingCount":15,"starSnapshotCount":15,"syncStatus":29,"lastSyncTime":30,"discoverSource":31},72540,"Chasing-Your-Tail-NG","ArgeliusLabs\u002FChasing-Your-Tail-NG","ArgeliusLabs","MUCH Improved version of the Python Chasing Your Tail Tool to help you determine if you're being followed",null,"Python",2303,420,118,12,0,9,17,56,27,91.97,"MIT License",false,"main",true,[],"2026-06-12 04:01:06","# Chasing Your Tail (CYT)\n\nA comprehensive Wi-Fi probe request analyzer that monitors and tracks wireless devices by analyzing their probe requests. The system integrates with Kismet for packet capture and WiGLE API for SSID geolocation analysis, featuring advanced surveillance detection capabilities.\n\n## 🚨 Security Notice\n\nThis project has been security-hardened to eliminate critical vulnerabilities:\n- **SQL injection prevention** with parameterized queries\n- **Encrypted credential management** for API keys\n- **Input validation** and sanitization\n- **Secure ignore list loading** (no more `exec()` calls)\n\n**⚠️ REQUIRED: Run `python3 migrate_credentials.py` before first use to secure your API keys!**\n\n## Features\n\n- **Real-time Wi-Fi monitoring** with Kismet integration\n- **Advanced surveillance detection** with persistence scoring\n- **🆕 Automatic GPS integration** - extracts coordinates from Bluetooth GPS via Kismet\n- **GPS correlation** and location clustering (100m threshold)\n- **Spectacular KML visualization** for Google Earth with professional styling and interactive content\n- **Multi-format reporting** - Markdown, HTML (with pandoc), and KML outputs\n- **Time-window tracking** (5, 10, 15, 20 minute windows)\n- **WiGLE API integration** for SSID geolocation\n- **Multi-location tracking algorithms** for detecting following behavior\n- **Enhanced GUI interface** with surveillance analysis button\n- **Organized file structure** with dedicated output directories\n- **Comprehensive logging** and analysis tools\n\n## Requirements\n\n- Python 3.6+\n- Kismet wireless packet capture\n- Wi-Fi adapter supporting monitor mode\n- Linux-based system\n- WiGLE API key (optional)\n\n## Installation & Setup\n\n### 1. Install Dependencies\n```bash\npip3 install -r requirements.txt\n```\n\n### 2. Security Setup (REQUIRED FIRST TIME)\n```bash\n# Migrate credentials from insecure config.json\npython3 migrate_credentials.py\n\n# Verify security hardening\npython3 chasing_your_tail.py\n# Should show: \"🔒 SECURE MODE: All SQL injection vulnerabilities have been eliminated!\"\n```\n\n### 3. Configure System\nEdit `config.json` with your paths and settings:\n- Kismet database path pattern\n- Log and ignore list directories\n- Time window configurations\n- Geographic search boundaries\n\n## Usage\n\n### GUI Interface\n```bash\npython3 cyt_gui.py  # Enhanced GUI with surveillance analysis\n```\n**GUI Features:**\n- 🗺️ **Surveillance Analysis** button - GPS-correlated persistence detection with spectacular KML visualization\n- 📈 **Analyze Logs** button - Historical probe request analysis\n- Real-time status monitoring and file generation notifications\n\n### Command Line Monitoring\n```bash\n# Start core monitoring (secure)\npython3 chasing_your_tail.py\n\n# Start Kismet (ONLY working script - July 23, 2025 fix)\n.\u002Fstart_kismet_clean.sh\n```\n\n### Data Analysis\n```bash\n# Analyze collected probe data (past 14 days, local only - default)\npython3 probe_analyzer.py\n\n# Analyze past 7 days only\npython3 probe_analyzer.py --days 7\n\n# Analyze ALL logs (may be slow for large datasets)\npython3 probe_analyzer.py --all-logs\n\n# Analyze WITH WiGLE API calls (consumes API credits!)\npython3 probe_analyzer.py --wigle\n```\n\n### Surveillance Detection & Advanced Visualization\n```bash\n# 🆕 NEW: Automatic GPS extraction with spectacular KML visualization\npython3 surveillance_analyzer.py\n\n# Run analysis with demo GPS data (for testing - uses Phoenix coordinates)\npython3 surveillance_analyzer.py --demo\n\n# Analyze specific Kismet database\npython3 surveillance_analyzer.py --kismet-db \u002Fpath\u002Fto\u002Fkismet.db\n\n# Focus on stalking detection with high persistence threshold\npython3 surveillance_analyzer.py --stalking-only --min-persistence 0.8\n\n# Export results to JSON for further analysis\npython3 surveillance_analyzer.py --output-json analysis_results.json\n\n# Analyze with external GPS data from JSON file\npython3 surveillance_analyzer.py --gps-file gps_coordinates.json\n```\n\n### Ignore List Management\n```bash\n# Create new ignore lists from current Kismet data\npython3 legacy\u002Fcreate_ignore_list.py  # Moved to legacy folder\n```\n**Note**: Ignore lists are now stored as JSON files in `.\u002Fignore_lists\u002F`\n\n## Core Components\n\n- **chasing_your_tail.py**: Core monitoring engine with real-time Kismet database queries\n- **cyt_gui.py**: Enhanced Tkinter GUI with surveillance analysis capabilities\n- **surveillance_analyzer.py**: GPS surveillance detection with automatic coordinate extraction and advanced KML visualization\n- **surveillance_detector.py**: Core persistence detection engine for suspicious device patterns\n- **gps_tracker.py**: GPS tracking with location clustering and spectacular Google Earth KML generation\n- **probe_analyzer.py**: Post-processing tool with WiGLE integration\n- **start_kismet_clean.sh**: ONLY working Kismet startup script (July 23, 2025 fix)\n\n### Security Components\n- **secure_database.py**: SQL injection prevention\n- **secure_credentials.py**: Encrypted credential management\n- **secure_ignore_loader.py**: Safe ignore list loading\n- **secure_main_logic.py**: Secure monitoring logic\n- **input_validation.py**: Input sanitization and validation\n- **migrate_credentials.py**: Credential migration tool\n\n## Output Files & Project Structure\n\n### Organized Output Directories\n- **Surveillance Reports**: `.\u002Fsurveillance_reports\u002Fsurveillance_report_YYYYMMDD_HHMMSS.md` (markdown)\n- **HTML Reports**: `.\u002Fsurveillance_reports\u002Fsurveillance_report_YYYYMMDD_HHMMSS.html` (styled HTML with pandoc)\n- **KML Visualizations**: `.\u002Fkml_files\u002Fsurveillance_analysis_YYYYMMDD_HHMMSS.kml` (spectacular Google Earth files)\n- **CYT Logs**: `.\u002Flogs\u002Fcyt_log_MMDDYY_HHMMSS`\n- **Analysis Logs**: `.\u002Fanalysis_logs\u002Fsurveillance_analysis.log`\n- **Probe Reports**: `.\u002Freports\u002Fprobe_analysis_report_YYYYMMDD_HHMMSS.txt`\n\n### Configuration & Data\n- **Ignore Lists**: `.\u002Fignore_lists\u002Fmac_list.json`, `.\u002Fignore_lists\u002Fssid_list.json`\n- **Encrypted Credentials**: `.\u002Fsecure_credentials\u002Fencrypted_credentials.json`\n\n### Archive Directories (Cleaned July 23, 2025)\n- **old_scripts\u002F**: All broken startup scripts with hanging pkill commands\n- **docs_archive\u002F**: Session notes, old configs, backup files, duplicate logs\n- **legacy\u002F**: Original legacy code archive (pre-security hardening)\n\n## Technical Architecture\n\n### Time Window System\nMaintains four overlapping time windows to detect device persistence:\n- Recent: Past 5 minutes\n- Medium: 5-10 minutes ago\n- Old: 10-15 minutes ago\n- Oldest: 15-20 minutes ago\n\n### Surveillance Detection\nAdvanced persistence detection algorithms analyze device behavior patterns:\n- **Temporal Persistence**: Consistent device appearances over time\n- **Location Correlation**: Devices following across multiple locations\n- **Probe Pattern Analysis**: Suspicious SSID probe requests\n- **Timing Analysis**: Unusual appearance patterns\n- **Persistence Scoring**: Weighted scores (0-1.0) based on combined indicators\n- **Multi-location Tracking**: Specialized algorithms for detecting following behavior\n\n### GPS Integration & Spectacular KML Visualization (Enhanced!)\n- **🆕 Automatic GPS extraction** from Kismet database (Bluetooth GPS support)\n- **Location clustering** with 100m threshold for grouping nearby coordinates\n- **Session management** with timeout handling for location transitions\n- **Device-to-location correlation** links Wi-Fi devices to GPS positions\n- **Professional KML generation** with spectacular Google Earth visualizations featuring:\n  - Color-coded persistence level markers (green\u002Fyellow\u002Fred)\n  - Device tracking paths showing movement correlation\n  - Rich interactive balloon content with detailed device intelligence\n  - Activity heatmaps and surveillance intensity zones\n  - Temporal analysis overlays for time-based pattern detection\n- **Multi-location tracking** detects devices following across locations with visual tracking paths\n\n## Configuration\n\nAll settings are centralized in `config.json`:\n```json\n{\n  \"kismet_db_path\": \"\u002Fpath\u002Fto\u002Fkismet\u002F*.kismet\",\n  \"log_directory\": \".\u002Flogs\u002F\",\n  \"ignore_lists_directory\": \".\u002Fignore_lists\u002F\",\n  \"time_windows\": {\n    \"recent\": 5,\n    \"medium\": 10,\n    \"old\": 15,\n    \"oldest\": 20\n  }\n}\n```\n\nWiGLE API credentials are now securely encrypted in `secure_credentials\u002Fencrypted_credentials.json`.\n\n## Security Features\n\n- **Parameterized SQL queries** prevent injection attacks\n- **Encrypted credential storage** protects API keys\n- **Input validation** prevents malicious input\n- **Audit logging** tracks all security events\n- **Safe ignore list loading** eliminates code execution risks\n\n## Author\n\n@matt0177\n\n## License\n\nMIT License\n\n## Disclaimer\n\nThis tool is intended for legitimate security research, network administration, and personal safety purposes. Users are responsible for complying with all applicable laws and regulations in their jurisdiction.","Chasing Your Tail (CYT) 是一个改进版的Wi-Fi探针请求分析工具，旨在帮助用户检测是否被跟踪。其核心功能包括实时Wi-Fi监控、高级监视检测和自动GPS集成等，通过与Kismet和WiGLE API的结合使用，能够提供精准的位置分析和可视化报告。项目特别注重安全性，采取了SQL注入预防、加密凭证管理和输入验证等多项措施以保护用户数据。适用于需要进行无线设备追踪分析或安全监测的场景，如个人隐私保护、企业安全管理等领域。",2,"2026-06-11 03:42:29","high_star"]