Infosec Person of the Purple Ether
Joined December 2022
- Tweets 596
- Following 989
- Followers 3,038
- Likes 5,517
178 Photos and videos
Decoding analog 5.8 GHz FPV with a HackRF
Sweeps all channels, locks a feed (not Wi-Fi or noise). Live spectrum and video recording.
Wild that a "lower-end" 8-bit SDR nails it. (It runs on any SoapySDR or UHD radio that reaches 5.8.)
Built on gr-ntsc-rc by Simon Bicais & Leonardo Cardoso.
1
18
162
6,328
Jun 10
Great tool. Ported to macOS it’s become a daily driver. Catches most everything I throw at it.
PCAP -> Suricata -> events.db, YARA scan, and a real Zircolite Sigma detection all run end to end. Free version is still feature packed- thanks @dougburks
macOS native: github.com/lukeswitz/so-crat…
Jun 9
🚀Introducing SO-CRATES 1.0 — Security Onion Containerized Rapid Analysis of Threats, Evil, and Sus!
SO-CRATES is a single container image for analyzing pcap files, log files, and binary files. It was formerly known as OhMyPCAP.
Here's what you can do with SO-CRATES:
✅analyze pcap files and then review Suricata alerts, metadata, and extracted files
✅import log files and then review Sigma alerts and the original log entries
✅import binary files and then review YARA matches and file metadata
All of this runs in a single Docker/Podman container — perfect for air-gapped environments, malware analysis, incident response, threat hunting, forensics & teaching.
Who’s trying it out? Drop a ❤️ and reply with your main use case!
#DFIR #Cybersecurity #BlueTeam #ThreatHunting #Suricata #YARA #Sigma
@Suricata_IDS @lennyzeltser @chrissanders88 @sansforensics @TomLawrenceTech
1
15
2,862
Jun 9
After a bunch of trial and mostly error, it’s ready to be called a beta
Map drones, Flock, any target in the 2.4GHz band, simultaneously. It’s also a full blown wardrive app for iOS/macOS/Android.
@_colonel_panic approved ☑️
App & Firmware: github.com/lukeswitz/oui-spy…
4
15
92
5,251
Jun 9
DragonSync v2.2 is out 🛜
Passive drone aircraft detection for iOS/macOS. Remote ID (WiFi BLE), ADS-B, FPV, encrypted DJI — all on one live map.
New: Drones tab with live flight pilot path tracks. Plug-and-play with WarDragon Pro via the new droneid-go backend by @cemaxecuter
No WarDragon? Flash a ~$7 ESP32 with the firmware in the repo and you've got standalone WiFi RID detection (83% of all consumer grade drones in 2025)
FOSS: github.com/Root-Down-Digital…
10
100
3,641
Jun 4
Linked up the parts for AntiHunter. Sourcing the kit is a little less intimidating. Reply if you find better ones to use.
Manuf, Ali & Amazon included by request 🔗
DIGI parts: github.com/lukeswitz/AntiHun…
2
12
138
10,546
May 24
6
16
291
23,392
May 23
AntiHunter v0.9.5
Stable: pulled the platform onto Arduino 3.x / IDF 5, AP now runs WPA3 mixed-mode, PSRAM routing cleaned up.
Beta channel gets the real news- Sentinel. Passive WiFi counter-intel. 19 detections across DoS, rogue AP, recon, physical layer, and mesh disruption.
Field-verified against deauth, beacon/auth flood, SAE DoS, Karma, evil-twin, probe flood, handshake capture. (OWE abuse, PMKID harvest, FragAttacks, TSF twin, simple jamming, and mesh disruption are experimental).
Now: Hunt with the scanners, or sit dark with Sentinel and see who comes for you.
Both live. Flash whichever fits the mission github.com/lukeswitz/AntiHun…
1
6
27
1,868
May 18
mmWave may be cheaper and reliable- but this DensePose shit is too much fun
10
844
May 18
Got the T1 speaking Linux, then wired the strip into my pentest flow.
Old hardware's got more in it than people think.
1
10
692
May 10
Dragonsync iOS: default support for @cemaxecuter droneid-go. Out of the box support for dragon kits is coming back 🐉
No more running three terminals/services- Single binary handles it all.
TAK almost there- UDP working, keychain storage for certs. Android/Linux coming soon.
2
1
16
1,442
May 13
Tested on latest WarDragon image with droneid-go. Enter IP, done.
4
261
Lμke Swi☨zer retweeted
May 8
Meshtastic-Sniffer is live
github.com/alphafox02/meshta…
Wideband passive receiver for Meshtastic LoRa. One SDR, every preset, channel, and slot in your region decoded in parallel. JSON / ZMQ / MQTT / CoT / pcap out.
Happy hunting. Mileage may vary.
May 4
Meshtastic-sniffer dropping soon.
May the mesh be with you.
10
50
239
15,475
May 5
OUISPY by @_colonel_panic companion app, chaos firmware.
Wardrive, spot Flock on BLE & WiFi. Tap to foxhunt a device. Drone spotting and robot pwning. Simultaneously.
5/7 engines (ported to dual-core and dual radio) can be combined. All controlled from Android/iOS
2
7
42
2,395
May 5
Fleet of AntiHunters headed to another stress test
Radar C5 compliment node in the works with @SirhaXalot_
1
2
22
1,444
May 4
Due to Tindie not distributing funds (but still accepting orders) we are looking for an alternative. Open to suggestions…
5
2
9
786
May 4
Also, beware of a Mexican product that is being sold and branded as AntiHunter. We said no, they did it anyway. Could name and shame but that’s not my style so just look out for it.
1
5
311
I’ve learned some uncomfortable things over my career trajectory.
SysAdmin/HelpDesk/IT = We are the Digital Janitors. I learned people’s confidence in almost any complex system far exceeds their understanding.
InfoSec = We are specialized QA. I learned everything is much more fragile than people believe. A well placed nudge topples many security layers.
Entrepreneurship = I learned that popular understanding of business taxes/regulations/economy/money is built on vibes, not understanding.
Voicing any of this can make you lose friends. People prefer vibes & narrative driven approaches. But reality is constraint driven. So… 🤷♂️
🧵
7
13
159
14,850
Apr 28
- Probe request sniffer/analyzer
- Data explorer for loot and logs
- Web flasher/config tool: lukeswitz.github.io/AntiHunt…
- 70% less ugly UI
All sorts of goodies in the latest AntiHunter update github.com/lukeswitz/AntiHun…
1
16
731
Apr 27
Your device screams the names of every network it's ever loved.
AntiHunter reads all three address fields in every frame to expose hidden devices, ghost networks, and the access points that answered. Logs to SD for persistent intelligence.
Other tools listen. AntiHunter knows.
1
2
26
1,664