Trackerjacker is designed to track Wi-Fi networks and devices that you are not connected to. The principle of the program is based on listening to raw 802.11 frames of wireless networks.
Supported platforms: Linux (tested on Ubuntu, Kali and RPi) and macOS (pre-alpha).
trackerjacker can help with the following:
- I want to know all the nearby wifi networks and know all the devices connected to each network.
- I want to know who's hogging all the bandwidth.
- I want to run a command when this MAC address sends more than 100000 bytes in a 30 second window (maybe to determine when an IP camera is uploading a video, which is indicative that it just saw motion).
- I want to deauth anyone who uses more than 100000 bytes in a 10 second window.
- I want to deauth every Dropcam in the area so my Airbnb hosts don't spy on me.
- I want to be alerted when any MAC address is seen at a power level greater than -40dBm that I've never seen before.
- I want to see when this particular person is nearby (based on the MAC of their mobile phone) and run a command to alert me.
- I want to write my own plugin to run some script to do something fun every time a new Apple device shows up nearby.
Author: Caleb Madrigal
trackerjacker [-h] [--map] [--track] [--remove-unseen-devices] [--monitor-mode-on] [--monitor-mode-off] [--set-channel CHANNEL] [--mac-lookup MAC_LOOKUP] [--print-default-config] [-v] [-i IFACE] [-m DEVICES_TO_WATCH] [-a APS_TO_WATCH] [--channels-to-monitor CHANNELS_TO_MONITOR] [--channel-switch-scheme CHANNEL_SWITCH_SCHEME] [--time-per-channel TIME_PER_CHANNEL] [-w THRESHOLD_WINDOW] [--map-save-interval MAP_SAVE_INTERVAL] [--threshold THRESHOLD] [--power POWER] [--plugin TRIGGER_PLUGIN] [--trigger-plugin TRIGGER_PLUGIN] [--plugin-config PLUGIN_CONFIG] [--trigger-command TRIGGER_COMMAND] [--trigger-cooldown TRIGGER_COOLDOWN] [--display-all-packets] [--beep-on-trigger] [--map-file MAP_FILE] [--log-path LOG_PATH] [--log-level LOG_LEVEL] [-c CONFIG]
-h, --help show this help message and exit --map Map mode - output map to wifi_map.yaml --track Track mode --remove-unseen-devices If enabled, map will forget about devices not seen for over five minutes --monitor-mode-on Enables monitor mode on the specified interface and exit --monitor-mode-off Disables monitor mode on the specified interface and exit --set-channel CHANNEL Set the specified wireless interface to the specified channel and exit --mac-lookup MAC_LOOKUP Lookup the vendor of the specified MAC address and exit --print-default-config Print boilerplate config file and exit -v, --version Display trackerjacker version -i IFACE, --interface IFACE Network interface to use; if empty, try to find monitor inferface -m DEVICES_TO_WATCH, --macs DEVICES_TO_WATCH MAC(s) to track; comma separated for multiple -a APS_TO_WATCH, --access-points APS_TO_WATCH Access point(s) to track - specified by BSSID; comma separated for multiple --channels-to-monitor CHANNELS_TO_MONITOR Channels to monitor; comma separated for multiple --channel-switch-scheme CHANNEL_SWITCH_SCHEME Options: "round_robin" or "traffic_based" --time-per-channel TIME_PER_CHANNEL Seconds spent on each channel before hopping -w THRESHOLD_WINDOW, --time-window THRESHOLD_WINDOW Time window (in seconds) which alert threshold is applied to --map-save-interval MAP_SAVE_INTERVAL Number of seconds between saving the wifi map to disk --threshold THRESHOLD Default data threshold (unless overridden on a per-dev basis) for triggering --power POWER Default power threshold (unless overridden on a per- dev basis) for triggering --plugin TRIGGER_PLUGIN Python trigger plugin file path; for more information --trigger-plugin TRIGGER_PLUGIN Python trigger plugin file path; for more information --plugin-config PLUGIN_CONFIG Config to pass to python trigger plugin. Must be a python dict or json obj. --trigger-command TRIGGER_COMMAND Command to execute upon alert --trigger-cooldown TRIGGER_COOLDOWN Time in seconds between trigger executions for a particular device --display-all-packets If true, displays all packets matching filters --beep-on-trigger If enabled, beep each time a trigger hits (off by default) --map-file MAP_FILE File path to which to output wifi map; default: wifi_map.yaml --log-path LOG_PATH Log path; default is stdout --log-level LOG_LEVEL Log level; Options: DEBUG, INFO, WARNING, ERROR, CRITICAL -c CONFIG, --config CONFIG Path to config json file; For example config file, use --print-default-config
Usage Example trackerjacker
Running trackerjacker on the specified wireless interface (-i wlan0) in the mode of information gathering (--track) with a plug-in that will show the MAC addresses of devices in the district, their signal strength and vendors (--trigger-plugin foxhunt):
sudo trackerjacker -i wlan0 --track --trigger-plugin foxhunt
How to install trackerjacker
Installation on Kali Linux
sudo pip3 install trackerjacker
Installation on BlackArch
sudo pacman -S python-trackerjacker sudo pip3 install scapy==2.4.0
Installation on Linux (Debian, Mint, Ubuntu)
sudo pip3 install trackerjacker