Tool Documentation:

Screenshots

kismet

kismet

kismet_client

root@kali:~# kismet_client -h
Usage: kismet_client [OPTION]
 *** Generic Options ***
 -h, --help                   The obvious

kismet_drone

root@kali:~# kismet_drone -h
Usage: kismet_drone [OPTION]
Nearly all of these options are run-time overrides for values in the
kismet.conf configuration file.  Permanent changes should be made to
the configuration file.
 *** Generic Options ***
 -f, --config-file            Use alternate configuration file
     --no-line-wrap           Turn of linewrapping of output
                              (for grep, speed, etc)
 -s, --silent                 Turn off stdout output after setup phase
     --daemonize              Spawn detatched in the background

 *** Kismet Remote Drone Options ***
     --drone-listen           Override Kismet drone listen options

 *** Packet Capture Source Options ***
 -c, --capture-source         Specify a new packet capture source
                              (Identical syntax to the config file)
 -C, --enable-capture-sources Enable capture sources (comma-separated
                              list of names or interfaces)

kismet_server Usage Example

Start the Kismet server, using the wireless interface as the capture source (-c wlan0) and use the external GPSD option (–use-gpsd-gps):

root@kali:~# kismet_server -c wlan0 --use-gpsd-gps
ERROR: Kismet was started as root, NOT launching external control binary.
       This is NOT the preferred method of starting Kismet as Kismet will
       continue to run as root the entire time.  Please read the README
       file section about Installation & Security and be sure this is what
       you want to do.
INFO: Reading from config file /etc/kismet/kismet.conf
INFO: No 'dronelisten' config line and no command line drone-listen
      argument given, Kismet drone server will not be enabled.
INFO: Created alert tracker...
INFO: Creating device tracker...
INFO: Registered 80211 PHY as id


Packages and Binaries:

kismet

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

This is a metapackage containing the kismet tools.

Installed size: 23 KB
How to install: sudo apt install kismet

Dependencies:
  • kismet-capture-hak5-wifi-coconut
  • kismet-capture-linux-bluetooth
  • kismet-capture-linux-wifi
  • kismet-capture-nrf-51822
  • kismet-capture-nrf-52840
  • kismet-capture-nrf-mousejack
  • kismet-capture-nxp-kw41z
  • kismet-capture-rz-killerbee
  • kismet-capture-ti-cc-2531
  • kismet-capture-ti-cc-2540
  • kismet-capture-ubertooth-one
  • kismet-core
  • kismet-logtools
  • python3-kismetcapturebtgeiger
  • python3-kismetcapturefreaklabszigbee
  • python3-kismetcapturertl433
  • python3-kismetcapturertladsb
  • python3-kismetcapturertlamr

kismet-capture-common

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

This package contains the debconf files for setuid capture binaries.

Installed size: 42 KB
How to install: sudo apt install kismet-capture-common

Dependencies:
  • adduser
  • debconf | debconf-2.0

kismet-capture-hak5-wifi-coconut

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

This package contains the Kismet Hak5 WiFi Coconut capture helper.

Installed size: 296 KB
How to install: sudo apt install kismet-capture-hak5-wifi-coconut

Dependencies:
  • debconf | debconf-2.0
  • kismet-capture-common
  • libc6
  • libcap2
  • libprotobuf-c1
  • libusb-1.0-0
  • libwebsockets19t64
kismet_cap_hak5_wifi_coconut
root@kali:~# kismet_cap_hak5_wifi_coconut -h
kismet_cap_hak5_wifi_coconut is a capture driver for Kismet.  Typically it is started
automatically by the Kismet server.

kismet_cap_hak5_wifi_coconut supports sending data to a remote Kismet server
usage: kismet_cap_hak5_wifi_coconut [options]
 --connect [host]:[port]      Connect to remote Kismet server on [host] and [port]; by
                               default this now uses the new websockets interface built
                               into the Kismet webserver on port 2501; to connect using
                               the legacy remote capture protocol, specify the '--tcp'
                               option and the appropriate port, by default port 3501.
 --tcp                        Use the legacy TCP remote capture protocol, when combined
                               with the --connect option.  The modern protocol uses 
                               websockets built into the Kismet server and does not
                               need this option.
 --ssl                        Use SSL to connect to a websocket-enabled Kismet server
 --ssl-certificate [certfile] Use SSL to connect to a websocket-enabled Kismet server
                               and use the provided certificate authority certificate
                               to validate the server.
 --user [username]            Kismet username for a websockets-based remote capture
                               source.  A username and password, or an API key, are
                               required for websockets mode.  A username and password
                               are ONLY used in websockets mode.
 --password [password]        Kismet password for a websockets-based remote capture source.
                               A username and password, or an API key, are required for
                               websocket mode.  A username and password are ONLY used in
                               websockets mode.
 --apikey [api key]           A Kismet API key for the 'datasource' role; this may be
                               supplied instead of a username and password for websockets
                               based remote capture.  An API key is ONLY used in websockets
                               mode.
 --endpoint [endpoint]        An alternate endpoint for the websockets connection.  By
                               default remote datasources are terminated at
                                 /datasource/remote/remotesource.ws
                               This should typically only be changed when using a HTTP proxy
                               homing the Kismet service under a directory.  Endpoints 
                               should include the full path to the websocket endpoint, for
                               example:
                                 --endpoint=/kismet/proxy/datasource/remote/remotesource.ws
 --source [source def]        Specify a source to send to the remote 
                              Kismet server; only used in conjunction with remote capture.
 --disable-retry              Do not attempt to reconnect to a remote server if there is an
                               error; exit immediately.  By default a remote capture will
                               attempt to reconnect indefinitely if the server is not
                               available.
 --fixed-gps [lat,lon,alt]    Set a fixed location for this capture (remote only),
                               accepts lat,lon,alt or lat,lon
 --gps-name [name]            Set an alternate GPS name for this source
 --daemonize                  Background the capture tool and enter daemon mode.
 --list                       List supported devices detected
 --autodetect [uuid:optional] Look for a Kismet server in announcement mode, optionally 
                              waiting for a specific server UUID to be seen.  Requires 
                              a Kismet server configured for announcement mode.

kismet-capture-linux-bluetooth

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

This package contains the Kismet Linux Bluetooth capture helper.

Installed size: 180 KB
How to install: sudo apt install kismet-capture-linux-bluetooth

Dependencies:
  • debconf | debconf-2.0
  • kismet-capture-common
  • libc6
  • libcap2
  • libprotobuf-c1
  • libwebsockets19t64
kismet_cap_linux_bluetooth
root@kali:~# kismet_cap_linux_bluetooth -h
kismet_cap_linux_bluetooth is a capture driver for Kismet.  Typically it is started
automatically by the Kismet server.

kismet_cap_linux_bluetooth supports sending data to a remote Kismet server
usage: kismet_cap_linux_bluetooth [options]
 --connect [host]:[port]      Connect to remote Kismet server on [host] and [port]; by
                               default this now uses the new websockets interface built
                               into the Kismet webserver on port 2501; to connect using
                               the legacy remote capture protocol, specify the '--tcp'
                               option and the appropriate port, by default port 3501.
 --tcp                        Use the legacy TCP remote capture protocol, when combined
                               with the --connect option.  The modern protocol uses 
                               websockets built into the Kismet server and does not
                               need this option.
 --ssl                        Use SSL to connect to a websocket-enabled Kismet server
 --ssl-certificate [certfile] Use SSL to connect to a websocket-enabled Kismet server
                               and use the provided certificate authority certificate
                               to validate the server.
 --user [username]            Kismet username for a websockets-based remote capture
                               source.  A username and password, or an API key, are
                               required for websockets mode.  A username and password
                               are ONLY used in websockets mode.
 --password [password]        Kismet password for a websockets-based remote capture source.
                               A username and password, or an API key, are required for
                               websocket mode.  A username and password are ONLY used in
                               websockets mode.
 --apikey [api key]           A Kismet API key for the 'datasource' role; this may be
                               supplied instead of a username and password for websockets
                               based remote capture.  An API key is ONLY used in websockets
                               mode.
 --endpoint [endpoint]        An alternate endpoint for the websockets connection.  By
                               default remote datasources are terminated at
                                 /datasource/remote/remotesource.ws
                               This should typically only be changed when using a HTTP proxy
                               homing the Kismet service under a directory.  Endpoints 
                               should include the full path to the websocket endpoint, for
                               example:
                                 --endpoint=/kismet/proxy/datasource/remote/remotesource.ws
 --source [source def]        Specify a source to send to the remote 
                              Kismet server; only used in conjunction with remote capture.
 --disable-retry              Do not attempt to reconnect to a remote server if there is an
                               error; exit immediately.  By default a remote capture will
                               attempt to reconnect indefinitely if the server is not
                               available.
 --fixed-gps [lat,lon,alt]    Set a fixed location for this capture (remote only),
                               accepts lat,lon,alt or lat,lon
 --gps-name [name]            Set an alternate GPS name for this source
 --daemonize                  Background the capture tool and enter daemon mode.
 --list                       List supported devices detected
 --autodetect [uuid:optional] Look for a Kismet server in announcement mode, optionally 
                              waiting for a specific server UUID to be seen.  Requires 
                              a Kismet server configured for announcement mode.

kismet-capture-linux-wifi

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

This package contains the Kismet Linux Wi-Fi capture helper.

Installed size: 249 KB
How to install: sudo apt install kismet-capture-linux-wifi

Dependencies:
  • debconf | debconf-2.0
  • kismet-capture-common
  • libc6
  • libcap2
  • libglib2.0-0t64
  • libnl-3-200
  • libnl-genl-3-200
  • libnm0
  • libpcap0.8t64
  • libprotobuf-c1
  • libwebsockets19t64
kismet_cap_linux_wifi
root@kali:~# kismet_cap_linux_wifi -h
kismet_cap_linux_wifi is a capture driver for Kismet.  Typically it is started
automatically by the Kismet server.

kismet_cap_linux_wifi supports sending data to a remote Kismet server
usage: kismet_cap_linux_wifi [options]
 --connect [host]:[port]      Connect to remote Kismet server on [host] and [port]; by
                               default this now uses the new websockets interface built
                               into the Kismet webserver on port 2501; to connect using
                               the legacy remote capture protocol, specify the '--tcp'
                               option and the appropriate port, by default port 3501.
 --tcp                        Use the legacy TCP remote capture protocol, when combined
                               with the --connect option.  The modern protocol uses 
                               websockets built into the Kismet server and does not
                               need this option.
 --ssl                        Use SSL to connect to a websocket-enabled Kismet server
 --ssl-certificate [certfile] Use SSL to connect to a websocket-enabled Kismet server
                               and use the provided certificate authority certificate
                               to validate the server.
 --user [username]            Kismet username for a websockets-based remote capture
                               source.  A username and password, or an API key, are
                               required for websockets mode.  A username and password
                               are ONLY used in websockets mode.
 --password [password]        Kismet password for a websockets-based remote capture source.
                               A username and password, or an API key, are required for
                               websocket mode.  A username and password are ONLY used in
                               websockets mode.
 --apikey [api key]           A Kismet API key for the 'datasource' role; this may be
                               supplied instead of a username and password for websockets
                               based remote capture.  An API key is ONLY used in websockets
                               mode.
 --endpoint [endpoint]        An alternate endpoint for the websockets connection.  By
                               default remote datasources are terminated at
                                 /datasource/remote/remotesource.ws
                               This should typically only be changed when using a HTTP proxy
                               homing the Kismet service under a directory.  Endpoints 
                               should include the full path to the websocket endpoint, for
                               example:
                                 --endpoint=/kismet/proxy/datasource/remote/remotesource.ws
 --source [source def]        Specify a source to send to the remote 
                              Kismet server; only used in conjunction with remote capture.
 --disable-retry              Do not attempt to reconnect to a remote server if there is an
                               error; exit immediately.  By default a remote capture will
                               attempt to reconnect indefinitely if the server is not
                               available.
 --fixed-gps [lat,lon,alt]    Set a fixed location for this capture (remote only),
                               accepts lat,lon,alt or lat,lon
 --gps-name [name]            Set an alternate GPS name for this source
 --daemonize                  Background the capture tool and enter daemon mode.
 --list                       List supported devices detected
 --autodetect [uuid:optional] Look for a Kismet server in announcement mode, optionally 
                              waiting for a specific server UUID to be seen.  Requires 
                              a Kismet server configured for announcement mode.

kismet-capture-nrf-51822

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

This package contains the NRF51822 BTLE Sniffer capture helper.

Installed size: 172 KB
How to install: sudo apt install kismet-capture-nrf-51822

Dependencies:
  • debconf | debconf-2.0
  • kismet-capture-common
  • libc6
  • libcap2
  • libprotobuf-c1
  • libwebsockets19t64
kismet_cap_nrf_51822
root@kali:~# kismet_cap_nrf_51822 -h
kismet_cap_nrf_51822 is a capture driver for Kismet.  Typically it is started
automatically by the Kismet server.

kismet_cap_nrf_51822 supports sending data to a remote Kismet server
usage: kismet_cap_nrf_51822 [options]
 --connect [host]:[port]      Connect to remote Kismet server on [host] and [port]; by
                               default this now uses the new websockets interface built
                               into the Kismet webserver on port 2501; to connect using
                               the legacy remote capture protocol, specify the '--tcp'
                               option and the appropriate port, by default port 3501.
 --tcp                        Use the legacy TCP remote capture protocol, when combined
                               with the --connect option.  The modern protocol uses 
                               websockets built into the Kismet server and does not
                               need this option.
 --ssl                        Use SSL to connect to a websocket-enabled Kismet server
 --ssl-certificate [certfile] Use SSL to connect to a websocket-enabled Kismet server
                               and use the provided certificate authority certificate
                               to validate the server.
 --user [username]            Kismet username for a websockets-based remote capture
                               source.  A username and password, or an API key, are
                               required for websockets mode.  A username and password
                               are ONLY used in websockets mode.
 --password [password]        Kismet password for a websockets-based remote capture source.
                               A username and password, or an API key, are required for
                               websocket mode.  A username and password are ONLY used in
                               websockets mode.
 --apikey [api key]           A Kismet API key for the 'datasource' role; this may be
                               supplied instead of a username and password for websockets
                               based remote capture.  An API key is ONLY used in websockets
                               mode.
 --endpoint [endpoint]        An alternate endpoint for the websockets connection.  By
                               default remote datasources are terminated at
                                 /datasource/remote/remotesource.ws
                               This should typically only be changed when using a HTTP proxy
                               homing the Kismet service under a directory.  Endpoints 
                               should include the full path to the websocket endpoint, for
                               example:
                                 --endpoint=/kismet/proxy/datasource/remote/remotesource.ws
 --source [source def]        Specify a source to send to the remote 
                              Kismet server; only used in conjunction with remote capture.
 --disable-retry              Do not attempt to reconnect to a remote server if there is an
                               error; exit immediately.  By default a remote capture will
                               attempt to reconnect indefinitely if the server is not
                               available.
 --fixed-gps [lat,lon,alt]    Set a fixed location for this capture (remote only),
                               accepts lat,lon,alt or lat,lon
 --gps-name [name]            Set an alternate GPS name for this source
 --daemonize                  Background the capture tool and enter daemon mode.
 --list                       List supported devices detected
 --autodetect [uuid:optional] Look for a Kismet server in announcement mode, optionally 
                              waiting for a specific server UUID to be seen.  Requires 
                              a Kismet server configured for announcement mode.

kismet-capture-nrf-52840

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

This package contains the NRF52840 BTLE Sniffer capture helper.

Installed size: 172 KB
How to install: sudo apt install kismet-capture-nrf-52840

Dependencies:
  • debconf | debconf-2.0
  • kismet-capture-common
  • libc6
  • libcap2
  • libprotobuf-c1
  • libwebsockets19t64
kismet_cap_nrf_52840
root@kali:~# kismet_cap_nrf_52840 -h
kismet_cap_nrf_52840 is a capture driver for Kismet.  Typically it is started
automatically by the Kismet server.

kismet_cap_nrf_52840 supports sending data to a remote Kismet server
usage: kismet_cap_nrf_52840 [options]
 --connect [host]:[port]      Connect to remote Kismet server on [host] and [port]; by
                               default this now uses the new websockets interface built
                               into the Kismet webserver on port 2501; to connect using
                               the legacy remote capture protocol, specify the '--tcp'
                               option and the appropriate port, by default port 3501.
 --tcp                        Use the legacy TCP remote capture protocol, when combined
                               with the --connect option.  The modern protocol uses 
                               websockets built into the Kismet server and does not
                               need this option.
 --ssl                        Use SSL to connect to a websocket-enabled Kismet server
 --ssl-certificate [certfile] Use SSL to connect to a websocket-enabled Kismet server
                               and use the provided certificate authority certificate
                               to validate the server.
 --user [username]            Kismet username for a websockets-based remote capture
                               source.  A username and password, or an API key, are
                               required for websockets mode.  A username and password
                               are ONLY used in websockets mode.
 --password [password]        Kismet password for a websockets-based remote capture source.
                               A username and password, or an API key, are required for
                               websocket mode.  A username and password are ONLY used in
                               websockets mode.
 --apikey [api key]           A Kismet API key for the 'datasource' role; this may be
                               supplied instead of a username and password for websockets
                               based remote capture.  An API key is ONLY used in websockets
                               mode.
 --endpoint [endpoint]        An alternate endpoint for the websockets connection.  By
                               default remote datasources are terminated at
                                 /datasource/remote/remotesource.ws
                               This should typically only be changed when using a HTTP proxy
                               homing the Kismet service under a directory.  Endpoints 
                               should include the full path to the websocket endpoint, for
                               example:
                                 --endpoint=/kismet/proxy/datasource/remote/remotesource.ws
 --source [source def]        Specify a source to send to the remote 
                              Kismet server; only used in conjunction with remote capture.
 --disable-retry              Do not attempt to reconnect to a remote server if there is an
                               error; exit immediately.  By default a remote capture will
                               attempt to reconnect indefinitely if the server is not
                               available.
 --fixed-gps [lat,lon,alt]    Set a fixed location for this capture (remote only),
                               accepts lat,lon,alt or lat,lon
 --gps-name [name]            Set an alternate GPS name for this source
 --daemonize                  Background the capture tool and enter daemon mode.
 --list                       List supported devices detected
 --autodetect [uuid:optional] Look for a Kismet server in announcement mode, optionally 
                              waiting for a specific server UUID to be seen.  Requires 
                              a Kismet server configured for announcement mode.

kismet-capture-nrf-mousejack

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

This package contains the Kismet nRF MouseJack capture helper.

Installed size: 176 KB
How to install: sudo apt install kismet-capture-nrf-mousejack

Dependencies:
  • debconf | debconf-2.0
  • kismet-capture-common
  • libc6
  • libcap2
  • libprotobuf-c1
  • libusb-1.0-0
  • libwebsockets19t64
kismet_cap_nrf_mousejack
root@kali:~# kismet_cap_nrf_mousejack -h
kismet_cap_nrf_mousejack is a capture driver for Kismet.  Typically it is started
automatically by the Kismet server.

kismet_cap_nrf_mousejack supports sending data to a remote Kismet server
usage: kismet_cap_nrf_mousejack [options]
 --connect [host]:[port]      Connect to remote Kismet server on [host] and [port]; by
                               default this now uses the new websockets interface built
                               into the Kismet webserver on port 2501; to connect using
                               the legacy remote capture protocol, specify the '--tcp'
                               option and the appropriate port, by default port 3501.
 --tcp                        Use the legacy TCP remote capture protocol, when combined
                               with the --connect option.  The modern protocol uses 
                               websockets built into the Kismet server and does not
                               need this option.
 --ssl                        Use SSL to connect to a websocket-enabled Kismet server
 --ssl-certificate [certfile] Use SSL to connect to a websocket-enabled Kismet server
                               and use the provided certificate authority certificate
                               to validate the server.
 --user [username]            Kismet username for a websockets-based remote capture
                               source.  A username and password, or an API key, are
                               required for websockets mode.  A username and password
                               are ONLY used in websockets mode.
 --password [password]        Kismet password for a websockets-based remote capture source.
                               A username and password, or an API key, are required for
                               websocket mode.  A username and password are ONLY used in
                               websockets mode.
 --apikey [api key]           A Kismet API key for the 'datasource' role; this may be
                               supplied instead of a username and password for websockets
                               based remote capture.  An API key is ONLY used in websockets
                               mode.
 --endpoint [endpoint]        An alternate endpoint for the websockets connection.  By
                               default remote datasources are terminated at
                                 /datasource/remote/remotesource.ws
                               This should typically only be changed when using a HTTP proxy
                               homing the Kismet service under a directory.  Endpoints 
                               should include the full path to the websocket endpoint, for
                               example:
                                 --endpoint=/kismet/proxy/datasource/remote/remotesource.ws
 --source [source def]        Specify a source to send to the remote 
                              Kismet server; only used in conjunction with remote capture.
 --disable-retry              Do not attempt to reconnect to a remote server if there is an
                               error; exit immediately.  By default a remote capture will
                               attempt to reconnect indefinitely if the server is not
                               available.
 --fixed-gps [lat,lon,alt]    Set a fixed location for this capture (remote only),
                               accepts lat,lon,alt or lat,lon
 --gps-name [name]            Set an alternate GPS name for this source
 --daemonize                  Background the capture tool and enter daemon mode.
 --list                       List supported devices detected
 --autodetect [uuid:optional] Look for a Kismet server in announcement mode, optionally 
                              waiting for a specific server UUID to be seen.  Requires 
                              a Kismet server configured for announcement mode.

kismet-capture-nxp-kw41z

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

This package contains the Kismet NXP KW41Z BTLE and Zigbee Sniffer capture helper.

Installed size: 176 KB
How to install: sudo apt install kismet-capture-nxp-kw41z

Dependencies:
  • debconf | debconf-2.0
  • kismet-capture-common
  • libc6
  • libcap2
  • libprotobuf-c1
  • libwebsockets19t64
kismet_cap_nxp_kw41z
root@kali:~# kismet_cap_nxp_kw41z -h
kismet_cap_nxp_kw41z is a capture driver for Kismet.  Typically it is started
automatically by the Kismet server.

kismet_cap_nxp_kw41z supports sending data to a remote Kismet server
usage: kismet_cap_nxp_kw41z [options]
 --connect [host]:[port]      Connect to remote Kismet server on [host] and [port]; by
                               default this now uses the new websockets interface built
                               into the Kismet webserver on port 2501; to connect using
                               the legacy remote capture protocol, specify the '--tcp'
                               option and the appropriate port, by default port 3501.
 --tcp                        Use the legacy TCP remote capture protocol, when combined
                               with the --connect option.  The modern protocol uses 
                               websockets built into the Kismet server and does not
                               need this option.
 --ssl                        Use SSL to connect to a websocket-enabled Kismet server
 --ssl-certificate [certfile] Use SSL to connect to a websocket-enabled Kismet server
                               and use the provided certificate authority certificate
                               to validate the server.
 --user [username]            Kismet username for a websockets-based remote capture
                               source.  A username and password, or an API key, are
                               required for websockets mode.  A username and password
                               are ONLY used in websockets mode.
 --password [password]        Kismet password for a websockets-based remote capture source.
                               A username and password, or an API key, are required for
                               websocket mode.  A username and password are ONLY used in
                               websockets mode.
 --apikey [api key]           A Kismet API key for the 'datasource' role; this may be
                               supplied instead of a username and password for websockets
                               based remote capture.  An API key is ONLY used in websockets
                               mode.
 --endpoint [endpoint]        An alternate endpoint for the websockets connection.  By
                               default remote datasources are terminated at
                                 /datasource/remote/remotesource.ws
                               This should typically only be changed when using a HTTP proxy
                               homing the Kismet service under a directory.  Endpoints 
                               should include the full path to the websocket endpoint, for
                               example:
                                 --endpoint=/kismet/proxy/datasource/remote/remotesource.ws
 --source [source def]        Specify a source to send to the remote 
                              Kismet server; only used in conjunction with remote capture.
 --disable-retry              Do not attempt to reconnect to a remote server if there is an
                               error; exit immediately.  By default a remote capture will
                               attempt to reconnect indefinitely if the server is not
                               available.
 --fixed-gps [lat,lon,alt]    Set a fixed location for this capture (remote only),
                               accepts lat,lon,alt or lat,lon
 --gps-name [name]            Set an alternate GPS name for this source
 --daemonize                  Background the capture tool and enter daemon mode.
 --list                       List supported devices detected
 --autodetect [uuid:optional] Look for a Kismet server in announcement mode, optionally 
                              waiting for a specific server UUID to be seen.  Requires 
                              a Kismet server configured for announcement mode.

kismet-capture-rz-killerbee

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

This package contains the Kismet Killerbee Sniffer capture helper.

Installed size: 176 KB
How to install: sudo apt install kismet-capture-rz-killerbee

Dependencies:
  • debconf | debconf-2.0
  • kismet-capture-common
  • libc6
  • libcap2
  • libprotobuf-c1
  • libusb-1.0-0
  • libwebsockets19t64
kismet_cap_rz_killerbee
root@kali:~# kismet_cap_rz_killerbee -h
kismet_cap_rz_killerbee is a capture driver for Kismet.  Typically it is started
automatically by the Kismet server.

kismet_cap_rz_killerbee supports sending data to a remote Kismet server
usage: kismet_cap_rz_killerbee [options]
 --connect [host]:[port]      Connect to remote Kismet server on [host] and [port]; by
                               default this now uses the new websockets interface built
                               into the Kismet webserver on port 2501; to connect using
                               the legacy remote capture protocol, specify the '--tcp'
                               option and the appropriate port, by default port 3501.
 --tcp                        Use the legacy TCP remote capture protocol, when combined
                               with the --connect option.  The modern protocol uses 
                               websockets built into the Kismet server and does not
                               need this option.
 --ssl                        Use SSL to connect to a websocket-enabled Kismet server
 --ssl-certificate [certfile] Use SSL to connect to a websocket-enabled Kismet server
                               and use the provided certificate authority certificate
                               to validate the server.
 --user [username]            Kismet username for a websockets-based remote capture
                               source.  A username and password, or an API key, are
                               required for websockets mode.  A username and password
                               are ONLY used in websockets mode.
 --password [password]        Kismet password for a websockets-based remote capture source.
                               A username and password, or an API key, are required for
                               websocket mode.  A username and password are ONLY used in
                               websockets mode.
 --apikey [api key]           A Kismet API key for the 'datasource' role; this may be
                               supplied instead of a username and password for websockets
                               based remote capture.  An API key is ONLY used in websockets
                               mode.
 --endpoint [endpoint]        An alternate endpoint for the websockets connection.  By
                               default remote datasources are terminated at
                                 /datasource/remote/remotesource.ws
                               This should typically only be changed when using a HTTP proxy
                               homing the Kismet service under a directory.  Endpoints 
                               should include the full path to the websocket endpoint, for
                               example:
                                 --endpoint=/kismet/proxy/datasource/remote/remotesource.ws
 --source [source def]        Specify a source to send to the remote 
                              Kismet server; only used in conjunction with remote capture.
 --disable-retry              Do not attempt to reconnect to a remote server if there is an
                               error; exit immediately.  By default a remote capture will
                               attempt to reconnect indefinitely if the server is not
                               available.
 --fixed-gps [lat,lon,alt]    Set a fixed location for this capture (remote only),
                               accepts lat,lon,alt or lat,lon
 --gps-name [name]            Set an alternate GPS name for this source
 --daemonize                  Background the capture tool and enter daemon mode.
 --list                       List supported devices detected
 --autodetect [uuid:optional] Look for a Kismet server in announcement mode, optionally 
                              waiting for a specific server UUID to be seen.  Requires 
                              a Kismet server configured for announcement mode.

kismet-capture-ti-cc-2531

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

This package contains the Kismet TICC2531 802.15.4 Zigbee Sniffer capture helper.

Installed size: 176 KB
How to install: sudo apt install kismet-capture-ti-cc-2531

Dependencies:
  • debconf | debconf-2.0
  • kismet-capture-common
  • libc6
  • libcap2
  • libprotobuf-c1
  • libusb-1.0-0
  • libwebsockets19t64
kismet_cap_ti_cc_2531
root@kali:~# kismet_cap_ti_cc_2531 -h
kismet_cap_ti_cc_2531 is a capture driver for Kismet.  Typically it is started
automatically by the Kismet server.

kismet_cap_ti_cc_2531 supports sending data to a remote Kismet server
usage: kismet_cap_ti_cc_2531 [options]
 --connect [host]:[port]      Connect to remote Kismet server on [host] and [port]; by
                               default this now uses the new websockets interface built
                               into the Kismet webserver on port 2501; to connect using
                               the legacy remote capture protocol, specify the '--tcp'
                               option and the appropriate port, by default port 3501.
 --tcp                        Use the legacy TCP remote capture protocol, when combined
                               with the --connect option.  The modern protocol uses 
                               websockets built into the Kismet server and does not
                               need this option.
 --ssl                        Use SSL to connect to a websocket-enabled Kismet server
 --ssl-certificate [certfile] Use SSL to connect to a websocket-enabled Kismet server
                               and use the provided certificate authority certificate
                               to validate the server.
 --user [username]            Kismet username for a websockets-based remote capture
                               source.  A username and password, or an API key, are
                               required for websockets mode.  A username and password
                               are ONLY used in websockets mode.
 --password [password]        Kismet password for a websockets-based remote capture source.
                               A username and password, or an API key, are required for
                               websocket mode.  A username and password are ONLY used in
                               websockets mode.
 --apikey [api key]           A Kismet API key for the 'datasource' role; this may be
                               supplied instead of a username and password for websockets
                               based remote capture.  An API key is ONLY used in websockets
                               mode.
 --endpoint [endpoint]        An alternate endpoint for the websockets connection.  By
                               default remote datasources are terminated at
                                 /datasource/remote/remotesource.ws
                               This should typically only be changed when using a HTTP proxy
                               homing the Kismet service under a directory.  Endpoints 
                               should include the full path to the websocket endpoint, for
                               example:
                                 --endpoint=/kismet/proxy/datasource/remote/remotesource.ws
 --source [source def]        Specify a source to send to the remote 
                              Kismet server; only used in conjunction with remote capture.
 --disable-retry              Do not attempt to reconnect to a remote server if there is an
                               error; exit immediately.  By default a remote capture will
                               attempt to reconnect indefinitely if the server is not
                               available.
 --fixed-gps [lat,lon,alt]    Set a fixed location for this capture (remote only),
                               accepts lat,lon,alt or lat,lon
 --gps-name [name]            Set an alternate GPS name for this source
 --daemonize                  Background the capture tool and enter daemon mode.
 --list                       List supported devices detected
 --autodetect [uuid:optional] Look for a Kismet server in announcement mode, optionally 
                              waiting for a specific server UUID to be seen.  Requires 
                              a Kismet server configured for announcement mode.

kismet-capture-ti-cc-2540

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

This package contains the Kismet TICC2540 BTLE Sniffer capture helper.

Installed size: 176 KB
How to install: sudo apt install kismet-capture-ti-cc-2540

Dependencies:
  • debconf | debconf-2.0
  • kismet-capture-common
  • libc6
  • libcap2
  • libprotobuf-c1
  • libusb-1.0-0
  • libwebsockets19t64
kismet_cap_ti_cc_2540
root@kali:~# kismet_cap_ti_cc_2540 -h
kismet_cap_ti_cc_2540 is a capture driver for Kismet.  Typically it is started
automatically by the Kismet server.

kismet_cap_ti_cc_2540 supports sending data to a remote Kismet server
usage: kismet_cap_ti_cc_2540 [options]
 --connect [host]:[port]      Connect to remote Kismet server on [host] and [port]; by
                               default this now uses the new websockets interface built
                               into the Kismet webserver on port 2501; to connect using
                               the legacy remote capture protocol, specify the '--tcp'
                               option and the appropriate port, by default port 3501.
 --tcp                        Use the legacy TCP remote capture protocol, when combined
                               with the --connect option.  The modern protocol uses 
                               websockets built into the Kismet server and does not
                               need this option.
 --ssl                        Use SSL to connect to a websocket-enabled Kismet server
 --ssl-certificate [certfile] Use SSL to connect to a websocket-enabled Kismet server
                               and use the provided certificate authority certificate
                               to validate the server.
 --user [username]            Kismet username for a websockets-based remote capture
                               source.  A username and password, or an API key, are
                               required for websockets mode.  A username and password
                               are ONLY used in websockets mode.
 --password [password]        Kismet password for a websockets-based remote capture source.
                               A username and password, or an API key, are required for
                               websocket mode.  A username and password are ONLY used in
                               websockets mode.
 --apikey [api key]           A Kismet API key for the 'datasource' role; this may be
                               supplied instead of a username and password for websockets
                               based remote capture.  An API key is ONLY used in websockets
                               mode.
 --endpoint [endpoint]        An alternate endpoint for the websockets connection.  By
                               default remote datasources are terminated at
                                 /datasource/remote/remotesource.ws
                               This should typically only be changed when using a HTTP proxy
                               homing the Kismet service under a directory.  Endpoints 
                               should include the full path to the websocket endpoint, for
                               example:
                                 --endpoint=/kismet/proxy/datasource/remote/remotesource.ws
 --source [source def]        Specify a source to send to the remote 
                              Kismet server; only used in conjunction with remote capture.
 --disable-retry              Do not attempt to reconnect to a remote server if there is an
                               error; exit immediately.  By default a remote capture will
                               attempt to reconnect indefinitely if the server is not
                               available.
 --fixed-gps [lat,lon,alt]    Set a fixed location for this capture (remote only),
                               accepts lat,lon,alt or lat,lon
 --gps-name [name]            Set an alternate GPS name for this source
 --daemonize                  Background the capture tool and enter daemon mode.
 --list                       List supported devices detected
 --autodetect [uuid:optional] Look for a Kismet server in announcement mode, optionally 
                              waiting for a specific server UUID to be seen.  Requires 
                              a Kismet server configured for announcement mode.

kismet-capture-ubertooth-one

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

This package contains the Kismet Ubertooth One BT Sniffer capture helper.

Installed size: 172 KB
How to install: sudo apt install kismet-capture-ubertooth-one

Dependencies:
  • debconf | debconf-2.0
  • kismet-capture-common
  • libc6
  • libcap2
  • libprotobuf-c1
  • libubertooth1
  • libwebsockets19t64
kismet_cap_ubertooth_one
root@kali:~# kismet_cap_ubertooth_one -h
kismet_cap_ubertooth_one is a capture driver for Kismet.  Typically it is started
automatically by the Kismet server.

kismet_cap_ubertooth_one supports sending data to a remote Kismet server
usage: kismet_cap_ubertooth_one [options]
 --connect [host]:[port]      Connect to remote Kismet server on [host] and [port]; by
                               default this now uses the new websockets interface built
                               into the Kismet webserver on port 2501; to connect using
                               the legacy remote capture protocol, specify the '--tcp'
                               option and the appropriate port, by default port 3501.
 --tcp                        Use the legacy TCP remote capture protocol, when combined
                               with the --connect option.  The modern protocol uses 
                               websockets built into the Kismet server and does not
                               need this option.
 --ssl                        Use SSL to connect to a websocket-enabled Kismet server
 --ssl-certificate [certfile] Use SSL to connect to a websocket-enabled Kismet server
                               and use the provided certificate authority certificate
                               to validate the server.
 --user [username]            Kismet username for a websockets-based remote capture
                               source.  A username and password, or an API key, are
                               required for websockets mode.  A username and password
                               are ONLY used in websockets mode.
 --password [password]        Kismet password for a websockets-based remote capture source.
                               A username and password, or an API key, are required for
                               websocket mode.  A username and password are ONLY used in
                               websockets mode.
 --apikey [api key]           A Kismet API key for the 'datasource' role; this may be
                               supplied instead of a username and password for websockets
                               based remote capture.  An API key is ONLY used in websockets
                               mode.
 --endpoint [endpoint]        An alternate endpoint for the websockets connection.  By
                               default remote datasources are terminated at
                                 /datasource/remote/remotesource.ws
                               This should typically only be changed when using a HTTP proxy
                               homing the Kismet service under a directory.  Endpoints 
                               should include the full path to the websocket endpoint, for
                               example:
                                 --endpoint=/kismet/proxy/datasource/remote/remotesource.ws
 --source [source def]        Specify a source to send to the remote 
                              Kismet server; only used in conjunction with remote capture.
 --disable-retry              Do not attempt to reconnect to a remote server if there is an
                               error; exit immediately.  By default a remote capture will
                               attempt to reconnect indefinitely if the server is not
                               available.
 --fixed-gps [lat,lon,alt]    Set a fixed location for this capture (remote only),
                               accepts lat,lon,alt or lat,lon
 --gps-name [name]            Set an alternate GPS name for this source
 --daemonize                  Background the capture tool and enter daemon mode.
 --list                       List supported devices detected
 --autodetect [uuid:optional] Look for a Kismet server in announcement mode, optionally 
                              waiting for a specific server UUID to be seen.  Requires 
                              a Kismet server configured for announcement mode.

kismet-core

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

This package contains the Kismet Core.

Installed size: 22.92 MB
How to install: sudo apt install kismet-core

Dependencies:
  • libc6
  • libcap2
  • libgcc-s1
  • libpcap0.8t64
  • libpcre2-8-0
  • libprotobuf-c1
  • libprotobuf32t64
  • libsensors5
  • libsqlite3-0
  • libssl3t64
  • libstdc++6
  • libwebsockets19t64
  • zlib1g
kismet

Wireless sniffer and monitor

root@kali:~# kismet -h
usage: kismet [OPTION]
Nearly all of these options are run-time overrides for values in the
kismet.conf configuration file.  Permanent changes should be made to
the configuration file.
 *** Generic Options ***
 -v, --version                Show version
 -h  --help                   Display this help message
     --no-console-wrapper     Disable server console wrapper
     --no-ncurses-wrapper     Disable server console wrapper
     --no-ncurses             Disable server console wrapper
     --debug                  Disable the console wrapper and the crash
                              handling functions, for debugging
 -c <datasource>              Use the specified datasource
 -f, --config-file <file>     Use alternate configuration file
     --no-line-wrap           Turn off linewrapping of output
                              (for grep, speed, etc)
 -s, --silent                 Turn off stdout output after setup phase
     --daemonize              Spawn detached in the background
     --no-plugins             Do not load plugins
     --homedir <path>         Use an alternate path as the home 
                               directory instead of the user entry
     --confdir <path>         Use an alternate path as the base 
                               config directory instead of the default 
                               set at compile time
     --datadir <path>         Use an alternate path as the data
                               directory instead of the default set at 
                               compile time.
     --override <flavor>      Load an alternate configuration override 
                               from {confdir}/kismet_{flavor}.conf
                               or as a specific override file.
 *** Logging Options ***
 -T, --log-types <types>      Override activated log types
 -t, --log-title <title>      Override default log title
 -p, --log-prefix <prefix>    Directory to store log files
 -n, --no-logging             Disable logging entirely

 *** Device Tracking Options ***
     --device-timeout=n       Expire devices after N seconds

kismet_cap_kismetdb
root@kali:~# kismet_cap_kismetdb -h
kismet_cap_kismetdb is a capture driver for Kismet.  Typically it is started
automatically by the Kismet server.

kismet_cap_kismetdb supports sending data to a remote Kismet server
usage: kismet_cap_kismetdb [options]
 --connect [host]:[port]      Connect to remote Kismet server on [host] and [port]; by
                               default this now uses the new websockets interface built
                               into the Kismet webserver on port 2501; to connect using
                               the legacy remote capture protocol, specify the '--tcp'
                               option and the appropriate port, by default port 3501.
 --tcp                        Use the legacy TCP remote capture protocol, when combined
                               with the --connect option.  The modern protocol uses 
                               websockets built into the Kismet server and does not
                               need this option.
 --ssl                        Use SSL to connect to a websocket-enabled Kismet server
 --ssl-certificate [certfile] Use SSL to connect to a websocket-enabled Kismet server
                               and use the provided certificate authority certificate
                               to validate the server.
 --user [username]            Kismet username for a websockets-based remote capture
                               source.  A username and password, or an API key, are
                               required for websockets mode.  A username and password
                               are ONLY used in websockets mode.
 --password [password]        Kismet password for a websockets-based remote capture source.
                               A username and password, or an API key, are required for
                               websocket mode.  A username and password are ONLY used in
                               websockets mode.
 --apikey [api key]           A Kismet API key for the 'datasource' role; this may be
                               supplied instead of a username and password for websockets
                               based remote capture.  An API key is ONLY used in websockets
                               mode.
 --endpoint [endpoint]        An alternate endpoint for the websockets connection.  By
                               default remote datasources are terminated at
                                 /datasource/remote/remotesource.ws
                               This should typically only be changed when using a HTTP proxy
                               homing the Kismet service under a directory.  Endpoints 
                               should include the full path to the websocket endpoint, for
                               example:
                                 --endpoint=/kismet/proxy/datasource/remote/remotesource.ws
 --source [source def]        Specify a source to send to the remote 
                              Kismet server; only used in conjunction with remote capture.
 --disable-retry              Do not attempt to reconnect to a remote server if there is an
                               error; exit immediately.  By default a remote capture will
                               attempt to reconnect indefinitely if the server is not
                               available.
 --fixed-gps [lat,lon,alt]    Set a fixed location for this capture (remote only),
                               accepts lat,lon,alt or lat,lon
 --gps-name [name]            Set an alternate GPS name for this source
 --daemonize                  Background the capture tool and enter daemon mode.
 --list                       List supported devices detected
 --autodetect [uuid:optional] Look for a Kismet server in announcement mode, optionally 
                              waiting for a specific server UUID to be seen.  Requires 
                              a Kismet server configured for announcement mode.

kismet_cap_pcapfile
root@kali:~# kismet_cap_pcapfile -h
kismet_cap_pcapfile is a capture driver for Kismet.  Typically it is started
automatically by the Kismet server.

kismet_cap_pcapfile supports sending data to a remote Kismet server
usage: kismet_cap_pcapfile [options]
 --connect [host]:[port]      Connect to remote Kismet server on [host] and [port]; by
                               default this now uses the new websockets interface built
                               into the Kismet webserver on port 2501; to connect using
                               the legacy remote capture protocol, specify the '--tcp'
                               option and the appropriate port, by default port 3501.
 --tcp                        Use the legacy TCP remote capture protocol, when combined
                               with the --connect option.  The modern protocol uses 
                               websockets built into the Kismet server and does not
                               need this option.
 --ssl                        Use SSL to connect to a websocket-enabled Kismet server
 --ssl-certificate [certfile] Use SSL to connect to a websocket-enabled Kismet server
                               and use the provided certificate authority certificate
                               to validate the server.
 --user [username]            Kismet username for a websockets-based remote capture
                               source.  A username and password, or an API key, are
                               required for websockets mode.  A username and password
                               are ONLY used in websockets mode.
 --password [password]        Kismet password for a websockets-based remote capture source.
                               A username and password, or an API key, are required for
                               websocket mode.  A username and password are ONLY used in
                               websockets mode.
 --apikey [api key]           A Kismet API key for the 'datasource' role; this may be
                               supplied instead of a username and password for websockets
                               based remote capture.  An API key is ONLY used in websockets
                               mode.
 --endpoint [endpoint]        An alternate endpoint for the websockets connection.  By
                               default remote datasources are terminated at
                                 /datasource/remote/remotesource.ws
                               This should typically only be changed when using a HTTP proxy
                               homing the Kismet service under a directory.  Endpoints 
                               should include the full path to the websocket endpoint, for
                               example:
                                 --endpoint=/kismet/proxy/datasource/remote/remotesource.ws
 --source [source def]        Specify a source to send to the remote 
                              Kismet server; only used in conjunction with remote capture.
 --disable-retry              Do not attempt to reconnect to a remote server if there is an
                               error; exit immediately.  By default a remote capture will
                               attempt to reconnect indefinitely if the server is not
                               available.
 --fixed-gps [lat,lon,alt]    Set a fixed location for this capture (remote only),
                               accepts lat,lon,alt or lat,lon
 --gps-name [name]            Set an alternate GPS name for this source
 --daemonize                  Background the capture tool and enter daemon mode.
 --list                       List supported devices detected
 --autodetect [uuid:optional] Look for a Kismet server in announcement mode, optionally 
                              waiting for a specific server UUID to be seen.  Requires 
                              a Kismet server configured for announcement mode.

kismet_server

Wireless sniffer and monitor

root@kali:~# kismet_server -h
kismet_server is now named just kismet, you may wish to update 
any scripts still using kismet_server to launch.
usage: kismet [OPTION]
Nearly all of these options are run-time overrides for values in the
kismet.conf configuration file.  Permanent changes should be made to
the configuration file.
 *** Generic Options ***
 -v, --version                Show version
 -h  --help                   Display this help message
     --no-console-wrapper     Disable server console wrapper
     --no-ncurses-wrapper     Disable server console wrapper
     --no-ncurses             Disable server console wrapper
     --debug                  Disable the console wrapper and the crash
                              handling functions, for debugging
 -c <datasource>              Use the specified datasource
 -f, --config-file <file>     Use alternate configuration file
     --no-line-wrap           Turn off linewrapping of output
                              (for grep, speed, etc)
 -s, --silent                 Turn off stdout output after setup phase
     --daemonize              Spawn detached in the background
     --no-plugins             Do not load plugins
     --homedir <path>         Use an alternate path as the home 
                               directory instead of the user entry
     --confdir <path>         Use an alternate path as the base 
                               config directory instead of the default 
                               set at compile time
     --datadir <path>         Use an alternate path as the data
                               directory instead of the default set at 
                               compile time.
     --override <flavor>      Load an alternate configuration override 
                               from {confdir}/kismet_{flavor}.conf
                               or as a specific override file.
 *** Logging Options ***
 -T, --log-types <types>      Override activated log types
 -t, --log-title <title>      Override default log title
 -p, --log-prefix <prefix>    Directory to store log files
 -n, --no-logging             Disable logging entirely

 *** Device Tracking Options ***
     --device-timeout=n       Expire devices after N seconds

kismet-logtools

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

This package contains the Kismet logtools.

Installed size: 2.68 MB
How to install: sudo apt install kismet-logtools

Dependencies:
  • libc6
  • libgcc-s1
  • libpcap0.8t64
  • libpcre2-8-0
  • libsqlite3-0
  • libstdc++6
kismetdb_clean
root@kali:~# kismetdb_clean -h
Kismetdb Cleanup
Performs a basic cleanup of Kismetdb logs with an incomplete journal file
usage: kismetdb_clean [OPTION]
 -i, --in [filename]          Input kismetdb file

kismetdb_dump_devices

Simple tool for converting the device data from a KismetDB log file to a JSON log

root@kali:~# kismetdb_dump_devices -h
Kismetdb to JSON
A simple tool for converting the device data from a KismetDB log file to
a JSON log.
usage: kismetdb_dump_devices [OPTION]
 -i, --in [filename]          Input kismetdb file
 -o, --out [filename]         Output device data into JSON file
 -f, --force                  Force writing to the target file, even if it exists.
 -j, --json-path              Rewrite fields to use '_' instead of '.'
 -e, --ekjson                 Write as ekjson records, one device per line, instead of as
                              a complete JSON array.
 -v, --verbose                Verbose output
 -s, --skip-clean             Don't clean (sql vacuum) input database

kismetdb_statistics

Statistics about a kismetdb file

root@kali:~# kismetdb_statistics -h
Kismetdb statistics
usage: kismetdb_statistics [OPTION]
 -i, --in [filename]          Input kismetdb file
 -s, --skip-clean             Don't clean (sql vacuum) input database
 -j, --json                   Dump stats as a JSON dictionary

kismetdb_strip_packets

Simple tool for stripping the packet data from a KismetDB log file

root@kali:~# kismetdb_strip_packets -h
Kismet packet content strip tool.
A simple tool for stripping the packet data from a KismetDB log file.
usage: kismetdb_strip_packets [OPTION]
 -i, --in [filename]          Input kismetdb file
 -o, --out [filename]         Output kismetdb file with packet content stripped
 -v, --verbose                Verbose output
 -f, --force                  Force writing to the target file, even if it exists.

kismetdb_to_gpx
root@kali:~# kismetdb_to_gpx -h
Kismetdb to GPX
A simple tool for converting the packet data from a KismetDB log file to
a GPX file for plotting in OSM and other tools.
usage: kismetdb_to_gpx [OPTION]
 -i, --in [filename]          Input kismetdb file
 -o, --out [filename]         Output GPX file
 -f, --force                  Force writing to the target file, even if it exists.
 -v, --verbose                Verbose output
 -s, --skip-clean             Don't clean (sql vacuum) input database
 -e, --exclude lat,lon,dist   Exclude records within 'dist' *meters* of the lat,lon
                              provided.  This can be used to exclude packets close to
                              your home, or other sensitive locations.
 --basic-location             Use basic average location information instead of computing a
                              high-precision location; faster, but less accurate

kismetdb_to_kml
root@kali:~# kismetdb_to_kml -h
Kismetdb to KML
A simple tool for converting the packet data from a KismetDB log file to
a KML file for plotting in Google Earth
usage: kismetdb_to_kml [OPTION]
 -i, --in [filename]          Input kismetdb file
 -o, --out [filename]         Output KML file
 -f, --force                  Force writing to the target file, even if it exists.
 -v, --verbose                Verbose output
 -s, --skip-clean             Don't clean (sql vacuum) input database
 -e, --exclude lat,lon,dist   Exclude records within 'dist' *meters* of the lat,lon
                              provided.  This can be used to exclude packets close to
                              your home, or other sensitive locations.
 --basic-location             Use basic average location information instead of computing a
                              high-precision location; faster, but less accurate
 -g, --group                  Group by type into folders

kismetdb_to_pcap
root@kali:~# kismetdb_to_pcap -h
Kismetdb to pcap
Convert packet data from KismetDB logs to standard pcap or pcapng logs for use in
tools like Wireshark and tcpdump
usage: kismetdb_to_pcap [OPTION]
 -i, --in [filename]            Input kismetdb file
 -o, --out [filename]           Output file name
 -f, --force                    Overwrite any existing output files
 -v, --verbose                  Verbose output
 -s, --skip-clean               Don't clean (sql vacuum) input database
     --old-pcap                 Create a traditional pcap file
                                Traditional PCAP files cannot have multiple link types.
     --dlt [linktype #]         Limit pcap to a single DLT (link type); necessary when
                                generating older traditional pcap instead of pcapng.
     --list-datasources         List datasources in kismetdb; do not create a pcap file
     --datasource [uuid]        Include packets from this datasource.  Multiple datasource
                                arguments can be given to include multiple datasources.
     --split-datasource         Split output into multiple files, with each file containing
                                packets from a single datasource.
     --split-packets [num]      Split output into multiple files, with each file containing
                                at most [num] packets
     --split-size [size-in-kb]  Split output into multiple files, with each file containing
                                at most [kb] bytes
     --list-tags                List tags in kismetdb; do not create a pcap file
     --tag [tag]                Only export packets which have a specific tag
                                Specify multiple --tag options to include all packets with
                                those tags.
     --skip-gps                 When generating pcapng logs, don't include GPS information
                                via the Kismet PEN custom fields
     --skip-gps-track           When generating pcapng logs, don't include GPS movement
                                track information

When splitting output by datasource, the file will be named [outname]-[datasource-uuid].

When splitting output into multiple files, file will be named [outname]-0001, 
[outname]-0002, and so forth.

Output can be split by datasource, packet count, or file size.  These options can be
combined as datasource and packet count, or datasource and file size.

When splitting by both datasource and count or size, the files will be named 
[outname]-[datasource-uuid]-0001, and so on.

kismetdb_to_wiglecsv

Simple tool for converting the packet data from a KismetDB log file to the CSV format used by Wigle

root@kali:~# kismetdb_to_wiglecsv -h
Kismetdb to WigleCSV
A simple tool for converting the packet data from a KismetDB log file to
the CSV format used by Wigle
usage: kismetdb_to_wiglecsv [OPTION]
 -i, --in [filename]          Input kismetdb file
 -o, --out [filename]         Output Wigle CSV file
 -f, --force                  Force writing to the target file, even if it exists.
 -r, --rate-limit [rate]      Limit updated records to one update per [rate] seconds
                              per device
 -c, --cache-limit [limit]    Maximum number of device to cache, defaults to 1000.
 -v, --verbose                Verbose output
 -s, --skip-clean             Don't clean (sql vacuum) input database
 -e, --exclude lat,lon,dist   Exclude records within 'dist' *meters* of the lat,lon
                              provided.  This can be used to exclude packets close to
                              your home, or other sensitive locations.

kismet-plugins

Kismet is an 802.11 layer-2 wireless network detector, sniffer, and intrusion detection system. It will work with any wireless card that supports raw monitoring (rfmon) mode, and can sniff 802.11a/b/g/n traffic.

It can use other programs to play audio alarms for network events, read out network summaries, or provide GPS coordinates.

This package provides the following extra plugins for Kismet:

  • autowep: detects the WEP key from BSSID and SSID;
  • btscan: basic scan support for the 802.15.1 (Bluetooth) protocol;
  • ptw: performs the Aircrack-NG PTW attack against captured data;
  • spectools: imports data from the spectools spectrum analyzer;
  • syslog: provides supports for alerts using standard unix syslog services.

Installed size: 377 KB
How to install: sudo apt install kismet-plugins

Dependencies:
  • kismet
  • libc6
  • libgcc-s1
  • libstdc++6
  • python3
  • python3-kismetexternal
kismet_discovery

kismet_eventbus
root@kali:~# kismet_eventbus -h
usage: kismet_eventbus [-h] [--in-fd INFD] [--out-fd OUTFD]

Kismet External Python Example - Eventbus

options:
  -h, --help      show this help message and exit
  --in-fd INFD
  --out-fd OUTFD

kismet_proxytest
root@kali:~# kismet_proxytest -h
usage: kismet_proxytest [-h] [--in-fd INFD] [--out-fd OUTFD]

Kismet External Python Example

options:
  -h, --help      show this help message and exit
  --in-fd INFD
  --out-fd OUTFD

python3-kismetcapturebtgeiger

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

This package contains the Kismet BLTE geiger datasource.

Installed size: 109 KB
How to install: sudo apt install python3-kismetcapturebtgeiger

Dependencies:
  • python3
  • python3-bluepy
  • python3-protobuf
  • python3-websockets
kismet_cap_bt_geiger
root@kali:~# kismet_cap_bt_geiger -h
usage: kismet_cap_bt_geiger [-h] [--in-fd INFD] [--out-fd OUTFD]
                            [--connect CONNECT] [--source SOURCE] [--tcp]
                            [--ssl] [--ssl-certificate SSLCERTIFICATE]
                            [--user USER] [--password PASSWORD]
                            [--apikey APIKEY] [--endpoint ENDPOINT]
                            [--disable-retry ENDPOINT]
                            [--autodetect [AUTODETECT]]

BTLE Geiger counter Kismet datasource

options:
  -h, --help            show this help message and exit
  --in-fd INFD          incoming fd pair (IPC mode only)
  --out-fd OUTFD        outgoing fd pair (IPC mode only)
  --connect CONNECT     remote kismet server on host:port; by default this
                        uses websocket mode, to use the legacy tcp mode,
                        specify the --tcp argument
  --source SOURCE       capture source definition, required for remote capture
  --tcp                 enable legacy tcp mode
  --ssl                 enable SSL
  --ssl-certificate SSLCERTIFICATE
                        provide a SSL CA certificate to validate server
  --user USER           Kismet username for websockets-based remote capture
  --password PASSWORD   Kismet password for websockets-based remote capture
  --apikey APIKEY       Kismet API key for websockets-based remote capture
  --endpoint ENDPOINT   alternate endpoint for websockets remote capture
  --disable-retry ENDPOINT
                        disable automatic reconnection
  --autodetect [AUTODETECT]
                        look for a Kismet server in announce mode, optionally
                        waiting for a specific server UUID

python3-kismetcapturefreaklabszigbee

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

This package contains the Kismet Freaklabs Zigbee datasource.

Installed size: 116 KB
How to install: sudo apt install python3-kismetcapturefreaklabszigbee

Dependencies:
  • python3
  • python3-protobuf
  • python3-serial
  • python3-websockets
kismet_cap_freaklabs_zigbee
root@kali:~# kismet_cap_freaklabs_zigbee -h
usage: kismet_cap_freaklabs_zigbee [-h] [--in-fd INFD] [--out-fd OUTFD]
                                   [--connect CONNECT] [--source SOURCE]
                                   [--tcp] [--ssl]
                                   [--ssl-certificate SSLCERTIFICATE]
                                   [--user USER] [--password PASSWORD]
                                   [--apikey APIKEY] [--endpoint ENDPOINT]
                                   [--disable-retry ENDPOINT]
                                   [--autodetect [AUTODETECT]]

Kismet datasource to capture from Freaklabs Zigbee hardware

options:
  -h, --help            show this help message and exit
  --in-fd INFD          incoming fd pair (IPC mode only)
  --out-fd OUTFD        outgoing fd pair (IPC mode only)
  --connect CONNECT     remote kismet server on host:port; by default this
                        uses websocket mode, to use the legacy tcp mode,
                        specify the --tcp argument
  --source SOURCE       capture source definition, required for remote capture
  --tcp                 enable legacy tcp mode
  --ssl                 enable SSL
  --ssl-certificate SSLCERTIFICATE
                        provide a SSL CA certificate to validate server
  --user USER           Kismet username for websockets-based remote capture
  --password PASSWORD   Kismet password for websockets-based remote capture
  --apikey APIKEY       Kismet API key for websockets-based remote capture
  --endpoint ENDPOINT   alternate endpoint for websockets remote capture
  --disable-retry ENDPOINT
                        disable automatic reconnection
  --autodetect [AUTODETECT]
                        look for a Kismet server in announce mode, optionally
                        waiting for a specific server UUID

Requires Freaklabs hardware (or compatible SenSniff-based device)

python3-kismetcapturertl433

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

This package contains the Kismet rtl_433 datasource.

Installed size: 115 KB
How to install: sudo apt install python3-kismetcapturertl433

Dependencies:
  • librtlsdr0
  • python3
  • python3-protobuf
  • python3-websockets
kismet_cap_sdr_rtl433
root@kali:~# kismet_cap_sdr_rtl433 -h
usage: kismet_cap_sdr_rtl433 [-h] [--in-fd INFD] [--out-fd OUTFD]
                             [--connect CONNECT] [--source SOURCE] [--tcp]
                             [--ssl] [--ssl-certificate SSLCERTIFICATE]
                             [--user USER] [--password PASSWORD]
                             [--apikey APIKEY] [--endpoint ENDPOINT]
                             [--disable-retry ENDPOINT]
                             [--autodetect [AUTODETECT]]

RTL433 to Kismet bridge - Creates a rtl433 data source on a Kismet server and
passes JSON-based records from the rtl_433 binary

options:
  -h, --help            show this help message and exit
  --in-fd INFD          incoming fd pair (IPC mode only)
  --out-fd OUTFD        outgoing fd pair (IPC mode only)
  --connect CONNECT     remote kismet server on host:port; by default this
                        uses websocket mode, to use the legacy tcp mode,
                        specify the --tcp argument
  --source SOURCE       capture source definition, required for remote capture
  --tcp                 enable legacy tcp mode
  --ssl                 enable SSL
  --ssl-certificate SSLCERTIFICATE
                        provide a SSL CA certificate to validate server
  --user USER           Kismet username for websockets-based remote capture
  --password PASSWORD   Kismet password for websockets-based remote capture
  --apikey APIKEY       Kismet API key for websockets-based remote capture
  --endpoint ENDPOINT   alternate endpoint for websockets remote capture
  --disable-retry ENDPOINT
                        disable automatic reconnection
  --autodetect [AUTODETECT]
                        look for a Kismet server in announce mode, optionally
                        waiting for a specific server UUID

Requires the rtl_433 tool (install your distributions package or compile from
https://github.com/merbanan/rtl_433)

python3-kismetcapturertladsb

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

This package contains the Kismet rtladsb datasource.

Installed size: 141 KB
How to install: sudo apt install python3-kismetcapturertladsb

Dependencies:
  • librtlsdr0
  • python3
  • python3-numpy
  • python3-protobuf
  • python3-websockets
kismet_cap_sdr_rtladsb
root@kali:~# kismet_cap_sdr_rtladsb -h
usage: kismet_cap_sdr_rtladsb [-h] [--in-fd INFD] [--out-fd OUTFD]
                              [--connect CONNECT] [--source SOURCE] [--tcp]
                              [--ssl] [--ssl-certificate SSLCERTIFICATE]
                              [--user USER] [--password PASSWORD]
                              [--apikey APIKEY] [--endpoint ENDPOINT]
                              [--disable-retry ENDPOINT]
                              [--autodetect [AUTODETECT]]

RTLadsb to Kismet bridge - Creates a rtladsb data source on a Kismet server
and passes JSON-based records from the rtladsb binary

options:
  -h, --help            show this help message and exit
  --in-fd INFD          incoming fd pair (IPC mode only)
  --out-fd OUTFD        outgoing fd pair (IPC mode only)
  --connect CONNECT     remote kismet server on host:port; by default this
                        uses websocket mode, to use the legacy tcp mode,
                        specify the --tcp argument
  --source SOURCE       capture source definition, required for remote capture
  --tcp                 enable legacy tcp mode
  --ssl                 enable SSL
  --ssl-certificate SSLCERTIFICATE
                        provide a SSL CA certificate to validate server
  --user USER           Kismet username for websockets-based remote capture
  --password PASSWORD   Kismet password for websockets-based remote capture
  --apikey APIKEY       Kismet API key for websockets-based remote capture
  --endpoint ENDPOINT   alternate endpoint for websockets remote capture
  --disable-retry ENDPOINT
                        disable automatic reconnection
  --autodetect [AUTODETECT]
                        look for a Kismet server in announce mode, optionally
                        waiting for a specific server UUID

python3-kismetcapturertlamr

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware.

This package contains the Kismet rtlamr datasource.

Installed size: 131 KB
How to install: sudo apt install python3-kismetcapturertlamr

Dependencies:
  • librtlsdr0
  • python3
  • python3-numpy
  • python3-protobuf
  • python3-websockets
kismet_cap_sdr_rtlamr
root@kali:~# kismet_cap_sdr_rtlamr -h
usage: kismet_cap_sdr_rtlamr [-h] [--in-fd INFD] [--out-fd OUTFD]
                             [--connect CONNECT] [--source SOURCE] [--tcp]
                             [--ssl] [--ssl-certificate SSLCERTIFICATE]
                             [--user USER] [--password PASSWORD]
                             [--apikey APIKEY] [--endpoint ENDPOINT]
                             [--disable-retry ENDPOINT]
                             [--autodetect [AUTODETECT]]

RTL-SDR AMR Kismet datasource

options:
  -h, --help            show this help message and exit
  --in-fd INFD          incoming fd pair (IPC mode only)
  --out-fd OUTFD        outgoing fd pair (IPC mode only)
  --connect CONNECT     remote kismet server on host:port; by default this
                        uses websocket mode, to use the legacy tcp mode,
                        specify the --tcp argument
  --source SOURCE       capture source definition, required for remote capture
  --tcp                 enable legacy tcp mode
  --ssl                 enable SSL
  --ssl-certificate SSLCERTIFICATE
                        provide a SSL CA certificate to validate server
  --user USER           Kismet username for websockets-based remote capture
  --password PASSWORD   Kismet password for websockets-based remote capture
  --apikey APIKEY       Kismet API key for websockets-based remote capture
  --endpoint ENDPOINT   alternate endpoint for websockets remote capture
  --disable-retry ENDPOINT
                        disable automatic reconnection
  --autodetect [AUTODETECT]
                        look for a Kismet server in announce mode, optionally
                        waiting for a specific server UUID

Updated on: 2024-Nov-17