Resources
🌱 Beginner
T1588

Tools & Resources

This page catalogs the essential tools for counter-surveillance research: facial recognition testing, adversarial ML evaluation, tracker detection, infrastructure mapping, metadata hygiene, and voice/gait analysis. All tools listed are open-source or free-tier and intended for authorized defensive research.

Responsible Use

These tools are for authorized security research, personal privacy defense, and legal assessment only. Many of these tools have dual-use potential — always obtain written authorization before testing against any system you do not own.

Complete Tool Catalog

DeepFace

Facial Recognition
Docs

Multi-model face verification and analysis framework. Supports VGG-Face, FaceNet, ArcFace, DeepID, and more. Essential for testing recognition accuracy and threshold calibration.

Fawkes

Image Privacy
Docs

Image cloaking tool from SAND Lab (U. Chicago). Adds minimal perturbations to photos that disrupt face recognition model training while remaining visually imperceptible.

LowKey

Image Privacy
Docs

Research tool for adversarial perturbation against facial recognition. Targets commercial FR APIs. Useful for evaluating perturbation effectiveness against different backend models.

IBM ART

Adversarial ML
Docs

Comprehensive adversarial robustness testing framework. Supports 30+ attack methods, 10+ defenses, and multiple ML frameworks (PyTorch, TensorFlow, Keras, scikit-learn).

Foolbox

Adversarial ML
Docs

Clean adversarial attack library with consistent API. Supports decision-based, score-based, and gradient-based attacks. Good for quick benchmarking.

CleverHans

Adversarial ML
Docs

Google Brain adversarial ML library. Implements FGSM, PGD, C&W, and other standard attacks. Designed for adversarial training research.

AirGuard

Tracker Detection
Docs

Detects unknown AirTag, SmartTag, and Tile trackers following you. Open-source alternative to Apple's built-in detection. Works on Android devices.

nRF Connect

BLE Analysis
Docs

Professional BLE scanner and analyzer. View all BLE advertisements, GATT services, and device characteristics. Essential for tracker detection.

SnoopSnitch

Cellular Security
Docs

Detects IMSI catchers and rogue base stations on compatible Android devices. Monitors for suspicious cellular network behavior including silent SMS and tracking requests.

Wigle.net

Wi-Fi Mapping
Docs

Global database of Wi-Fi access points and cell towers. Useful for identifying known AP locations and detecting new/rogue access points in your environment.

EFF Atlas of Surveillance

Infrastructure Mapping
Docs

Crowdsourced database of law enforcement surveillance technologies deployed across the US. Maps cameras, drones, ALPR, face recognition, and StingRay deployments by jurisdiction.

Shodan

OSINT
Docs

Internet-connected device search engine. Find exposed cameras, DVRs, and IoT devices. Essential for defensive infrastructure discovery.

Censys

OSINT
Docs

Internet-wide scan data search. Complementary to Shodan with different scanning methodology. Useful for certificate and host discovery.

ExifTool

Metadata Hygiene
Docs

Industry-standard metadata reading/writing. Supports 400+ file formats. Essential for stripping GPS, device info, and other identifying metadata from media files.

MAT2

Metadata Hygiene
Docs

Metadata Anonymisation Toolkit v2. CLI and library for cleaning metadata from documents, images, audio, and video. Used by Tails OS.

Resemblyzer

Voice Analysis
Docs

Speaker embedding extraction and comparison. Useful for testing voice verification systems and measuring voiceprint similarity across audio samples.

librosa

Audio Analysis
Docs

Python audio analysis library. Extract MFCC, spectrograms, and other features used in speaker recognition. Essential for voice biometric research.

MediaPipe

Pose Estimation
Docs

Google's ML solutions for face detection, pose estimation, hand tracking, and holistic body analysis. Key tool for gait biometric research.

OpenPose

Pose Estimation
Docs

Real-time multi-person pose estimation. More accurate than MediaPipe for research use but requires more compute resources.

HackRF One

SDR Hardware
Docs

Software-defined radio for spectrum analysis (1 MHz–6 GHz). Analyze cellular, Wi-Fi, BLE, and ADS-B signals. Receive-only for legal passive recon.

Flipper Zero

Multi-Tool Hardware
Docs

Portable multi-protocol tool: Sub-GHz, RFID, NFC, IR, BLE, and GPIO. Useful for testing RFID access controls and IR sensor responses.

RTL-SDR v4

SDR Hardware
Docs

Budget SDR dongles ($30–40) for passive RF monitoring. Covers 24 MHz–1.7 GHz. Good entry point for spectrum awareness and ADS-B tracking research.

FLIR Lepton 3.5

Thermal Imaging
Docs

Compact thermal camera module (160×120 px). Integrates with Raspberry Pi for thermal countermeasure testing and human-presence detection research.

Tracker Detect (Apple)

Tracker Detection
Docs

Official Apple app for Android to detect unknown AirTags. Limited functionality compared to AirGuard but handles Apple-specific tracker protocol.

Haven (Guardian Project)

Physical Security
Docs

Turns an old Android phone into a physical security sensor. Detects motion, sound, light changes, and device tampering. Secure logging with Tor.

Tool Comparison Matrix

Quick reference for choosing the right tool based on use case, platform support, and learning curve.

Tool Linux macOS Windows GPU Needed Difficulty Best For
DeepFace Optional Easy FR testing & threshold calibration
IBM ART Recommended Hard Multi-attack comparison & defense eval
Foolbox Optional Medium Quick adversarial benchmarks
Fawkes ~ Recommended Medium Image cloaking (install from source)
MediaPipe No Easy Pose estimation & gait research
ExifTool No Easy Metadata stripping & analysis
Shodan CLI No Easy Exposed device discovery

Hardware Recommendations

Physical tools for field assessment. Budget estimates as of 2026.

Item Use Case Cost (USD) Notes
940nm IR LED Board Camera blinding (night/IR cams) $15–35 Invisible to human eye; test on your own cameras first
Faraday Bag (phone-sized) RF signal blocking $20–45 Verify >80 dB attenuation; test with signal meter before trusting
RTL-SDR v4 Dongle Passive RF spectrum analysis $35–45 Covers 24 MHz–1.7 GHz; receive-only (legal)
Flipper Zero Multi-protocol testing $170–200 Sub-GHz, RFID, NFC, IR, BLE, GPIO; all-in-one field tool
Raspberry Pi 5 Portable compute for scripts $60–90 Run Python tools in the field; pair with battery pack
FLIR Lepton 3.5 Module Thermal countermeasure testing $220–280 160×120 thermal sensor; Pi-compatible breakout boards available
HackRF One Wide-band SDR (1 MHz–6 GHz) $320–380 Professional spectrum analysis; receive-only for legal use
USB BT5.0 Adapter BLE tracker scanning $12–18 Required for desktop BLE scanning with bleak/nRF Connect

Mobile Tools

Essential apps for on-the-go counter-surveillance assessment.

Android

  • AirGuard: BLE tracker detection (AirTag, SmartTag, Tile)
  • nRF Connect: Professional BLE scanner & GATT explorer
  • SnoopSnitch: IMSI catcher detection (Qualcomm root required)
  • Haven: Physical security sensor (motion, sound, light)
  • NetX / Fing: Network scanner for camera discovery
  • Wigle WiFi Wardriving: AP mapping & signal logging

iOS

  • Tracker Detect: AirTag detection (limited vs AirGuard)
  • nRF Connect: BLE scanner (iOS version available)
  • Fing: Network scanner for local device discovery
  • Signal Strength: Wi-Fi/cellular signal mapping
  • Built-in: iOS 14.5+ has automatic unknown AirTag alerts
  • Lockdown Mode: iOS 16+ extreme device hardening

iOS vs Android for Counter-Surveillance

Android provides deeper hardware access: root-level BLE scanning, IMSI catcher detection (SnoopSnitch), and more flexible network tools. iOS offers stronger baseline privacy (Lockdown Mode, Mail Privacy Protection) but restricts low-level radio tools. For research, Android on a secondary device is preferred.

Recommended Toolkit by Goal

Detection & Discovery

  • BLE trackers: AirGuard, nRF Connect
  • Rogue cells: SnoopSnitch
  • Camera networks: Shodan, Censys, nmap
  • Wi-Fi mapping: Wigle.net, airodump-ng
  • Public mapping: EFF Atlas of Surveillance

Hardening & Hygiene

  • Metadata: ExifTool, MAT2
  • Image privacy: Fawkes, LowKey
  • Account isolation: SimpleLogin, Firefox Relay
  • Device hardening: MAC randomization tools
  • Audio sanitization: ffmpeg, Audacity

Testing & Validation

  • Face recognition: DeepFace, face_recognition
  • Adversarial ML: IBM ART, Foolbox, CleverHans
  • Pose estimation: MediaPipe, OpenPose
  • Voice analysis: Resemblyzer, librosa
  • Network scanning: nmap, ONVIF probes

Research Toolkit Setup

One-command setup for a comprehensive counter-surveillance research environment.

toolkit_setup.sh
bash 
#!/bin/bash
# Counter-surveillance research toolkit setup
# Creates isolated Python environment with key assessment tools

set -euo pipefail
echo "=== Counter-Surveillance Research Toolkit ==="

# Create virtual environment
python3 -m venv cs-toolkit
source cs-toolkit/bin/activate  # Linux/macOS
# Windows users: replace 'source cs-toolkit/bin/activate' with 'cs-toolkit\Scripts\activate'
# cs-toolkit\Scripts\activate  # Windows

# --- Core ML/Vision Libraries ---
# Note: This installs CPU-only PyTorch. For GPU support, use:
# pip install torch torchvision --index-url https://download.pytorch.org/whl/cu121
pip install torch torchvision  # PyTorch (CPU or GPU)
pip install opencv-python-headless  # OpenCV without GUI
pip install mediapipe  # Google MediaPipe (pose, face, hand)
pip install Pillow numpy scipy  # Fundamentals
pip install ultralytics  # YOLOv8 (object detection)

# --- Facial Recognition & Privacy ---
pip install deepface  # Multi-model face verification
pip install face_recognition  # dlib-based face recognition
# NOTE: Fawkes pip package is broken since late 2023.
# Install from source instead:
#   git clone https://github.com/Shawn-Shan/fawkes.git && cd fawkes && pip install .

# --- Adversarial ML ---
pip install adversarial-robustness-toolbox  # IBM ART (PyTorch backend)
pip install foolbox  # Adversarial examples (PyTorch-native)
# NOTE: cleverhans targets TensorFlow and may conflict with PyTorch.
# Install only if you need TF-based attacks:
#   pip install cleverhans tensorflow

# --- Audio/Voice ---
pip install librosa soundfile  # Audio analysis
pip install resemblyzer  # Speaker embeddings
pip install pydub  # Audio manipulation

# --- OSINT & Network ---
pip install shodan  # Shodan API client
pip install censys  # Censys API client
pip install scapy  # Packet crafting/analysis

# --- Metadata & Privacy ---
# ExifTool (system install — not pip)
# Linux: sudo apt install libimage-exiftool-perl
# macOS: brew install exiftool
# Windows: https://exiftool.org/install.html

# --- BLE/Bluetooth ---
pip install bleak  # Cross-platform BLE scanner

echo ""
echo "=== Toolkit Ready ==="
pip list --format=columns | head -30
echo "..."
echo "Total packages: $(pip list | wc -l)"
#!/bin/bash
# Counter-surveillance research toolkit setup
# Creates isolated Python environment with key assessment tools

set -euo pipefail
echo "=== Counter-Surveillance Research Toolkit ==="

# Create virtual environment
python3 -m venv cs-toolkit
source cs-toolkit/bin/activate  # Linux/macOS
# Windows users: replace 'source cs-toolkit/bin/activate' with 'cs-toolkit\Scripts\activate'
# cs-toolkit\Scripts\activate  # Windows

# --- Core ML/Vision Libraries ---
# Note: This installs CPU-only PyTorch. For GPU support, use:
# pip install torch torchvision --index-url https://download.pytorch.org/whl/cu121
pip install torch torchvision  # PyTorch (CPU or GPU)
pip install opencv-python-headless  # OpenCV without GUI
pip install mediapipe  # Google MediaPipe (pose, face, hand)
pip install Pillow numpy scipy  # Fundamentals
pip install ultralytics  # YOLOv8 (object detection)

# --- Facial Recognition & Privacy ---
pip install deepface  # Multi-model face verification
pip install face_recognition  # dlib-based face recognition
# NOTE: Fawkes pip package is broken since late 2023.
# Install from source instead:
#   git clone https://github.com/Shawn-Shan/fawkes.git && cd fawkes && pip install .

# --- Adversarial ML ---
pip install adversarial-robustness-toolbox  # IBM ART (PyTorch backend)
pip install foolbox  # Adversarial examples (PyTorch-native)
# NOTE: cleverhans targets TensorFlow and may conflict with PyTorch.
# Install only if you need TF-based attacks:
#   pip install cleverhans tensorflow

# --- Audio/Voice ---
pip install librosa soundfile  # Audio analysis
pip install resemblyzer  # Speaker embeddings
pip install pydub  # Audio manipulation

# --- OSINT & Network ---
pip install shodan  # Shodan API client
pip install censys  # Censys API client
pip install scapy  # Packet crafting/analysis

# --- Metadata & Privacy ---
# ExifTool (system install — not pip)
# Linux: sudo apt install libimage-exiftool-perl
# macOS: brew install exiftool
# Windows: https://exiftool.org/install.html

# --- BLE/Bluetooth ---
pip install bleak  # Cross-platform BLE scanner

echo ""
echo "=== Toolkit Ready ==="
pip list --format=columns | head -30
echo "..."
echo "Total packages: $(pip list | wc -l)"

Docker-Based Environment

Prefer zero-host-pollution? Use Docker to run the full research toolkit without modifying your system Python or installing system packages.

Dockerfile
dockerfile 
# Docker-based research environment — zero host pollution
# Includes all Python tools + system deps pre-configured
# Expected image size: ~4.5 GB (includes PyTorch + CUDA runtime + all research tools)
#
# ⚠ Create requirements.txt with the following content before building:
# --- requirements.txt ---
# deepface>=0.0.89
# mediapipe>=0.10.0
# resemblyzer>=0.1.3
# librosa>=0.10.0
# easyocr>=1.7.0
# adversarial-robustness-toolbox>=1.17.0
# torch>=2.0.0
# torchvision>=0.15.0
# opencv-python>=4.8.0
# numpy>=1.24.0
# scipy>=1.11.0
# Pillow>=10.0.0

FROM python:3.11-slim

# System dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
    libimage-exiftool-perl \
    ffmpeg \
    nmap \
    libgl1-mesa-glx \
    libglib2.0-0 \
    git \
    && rm -rf /var/lib/apt/lists/*

# Python toolchain
COPY requirements.txt /tmp/
RUN pip install --no-cache-dir -r /tmp/requirements.txt

# Fawkes from source (pip package broken)
RUN git clone --depth 1 https://github.com/Shawn-Shan/fawkes.git /opt/fawkes \
    && cd /opt/fawkes && pip install --no-cache-dir .

WORKDIR /workspace
VOLUME ["/workspace"]

# Usage:
#   docker build -t cs-toolkit .
#   docker run -it --rm -v $(pwd):/workspace cs-toolkit bash
# Docker-based research environment — zero host pollution
# Includes all Python tools + system deps pre-configured
# Expected image size: ~4.5 GB (includes PyTorch + CUDA runtime + all research tools)
#
# ⚠ Create requirements.txt with the following content before building:
# --- requirements.txt ---
# deepface>=0.0.89
# mediapipe>=0.10.0
# resemblyzer>=0.1.3
# librosa>=0.10.0
# easyocr>=1.7.0
# adversarial-robustness-toolbox>=1.17.0
# torch>=2.0.0
# torchvision>=0.15.0
# opencv-python>=4.8.0
# numpy>=1.24.0
# scipy>=1.11.0
# Pillow>=10.0.0

FROM python:3.11-slim

# System dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
    libimage-exiftool-perl \
    ffmpeg \
    nmap \
    libgl1-mesa-glx \
    libglib2.0-0 \
    git \
    && rm -rf /var/lib/apt/lists/*

# Python toolchain
COPY requirements.txt /tmp/
RUN pip install --no-cache-dir -r /tmp/requirements.txt

# Fawkes from source (pip package broken)
RUN git clone --depth 1 https://github.com/Shawn-Shan/fawkes.git /opt/fawkes \
    && cd /opt/fawkes && pip install --no-cache-dir .

WORKDIR /workspace
VOLUME ["/workspace"]

# Usage:
#   docker build -t cs-toolkit .
#   docker run -it --rm -v $(pwd):/workspace cs-toolkit bash

GPU Passthrough

For CUDA-accelerated adversarial ML experiments, use --gpus all with NVIDIA Container Toolkit installed: docker run --gpus all -it cs-toolkit bash.

Learning Resources

Research Papers

  • • Goodfellow et al. — "Explaining and Harnessing Adversarial Examples" (FGSM origin paper)
  • • Sharif et al. — "Adversarial Generative Nets" (physical-world face recognition attacks)
  • • Shan et al. — "Fawkes: Protecting Privacy against Unauthorized Deep Learning"
  • • Carlini & Wagner — "Towards Evaluating the Robustness of Neural Networks"
  • • Thys et al. — "Fooling Automated Surveillance Cameras: Adversarial Patches to Attack Person Detection"

Organizations & Databases

  • EFF (Electronic Frontier Foundation): Digital privacy advocacy and surveillance tracking
  • EPIC (Electronic Privacy Information Center): Privacy policy research and litigation
  • Access Now: Global digital rights and surveillance accountability
  • Citizen Lab: Targeted surveillance research (University of Toronto)
  • MITRE ATT&CK: Adversary tactics and techniques framework

Conferences & Talks

  • • DEF CON AI Village — Adversarial ML demonstrations
  • • Black Hat — Surveillance and privacy research
  • • USENIX Security — Academic security research with ML focus
  • • CCC (Chaos Communication Congress) — European privacy/surveillance talks
  • • IEEE S&P — Top-tier security research including adversarial ML

Hardware Resources

  • IR LED boards: 850nm/940nm development boards (Amazon, AliExpress)
  • HackRF One: SDR for spectrum analysis (do not transmit without authorization)
  • Raspberry Pi: Portable compute for field testing scripts
  • USB Bluetooth 5.0 adapter: For BLE scanning and tracker detection
  • FLIR Lepton: Thermal imaging sensor module for thermal defense testing

Tool Selection Principle

Start with the minimum viable toolkit for your specific threat model. Don't install everything — choose tools based on which biometric vectors are most relevant to your assessment. A focused toolkit is more effective than a comprehensive but untested one.

Getting Started Checklist

  • Install ExifTool first: immediate ROI for metadata hygiene with near-zero learning curve
  • Set up Python venv: isolated environment prevents dependency conflicts across tools
  • Test DeepFace locally: understand face recognition before trying to defeat it
  • Try AirGuard: install on your phone to baseline your BLE tracker exposure
  • Bookmark EFF Atlas: know what surveillance exists in your area before planning countermeasures
🎯

Tool Setup Labs

Hands-on exercises to install, configure, and validate your counter-surveillance toolkit.

🔧
Core Toolkit Installation Custom Lab easy
Set up Python virtual environment with toolkit scriptInstall and verify ExifTool functionalityRun DeepFace face verification on test imagesInstall AirGuard and run initial BLE scanTest Shodan CLI with API key for device discovery
🔧
Adversarial ML Environment Setup Custom Lab hard
Install IBM ART and verify with pre-trained modelRun FGSM attack against ResNet-50 using ARTInstall Foolbox and compare attack APIsSet up MediaPipe pose estimation pipelineCreate end-to-end test: image → attack → defense → evaluation
Need help setting up? Check our Lab Setup Guide →
Legal Frameworks Back to Overview

Related Topics

Counter-Surveillance Overview

Complete guide index and section overview.

Adversarial ML

ML attack methods and model evaluation.

Surveillance Infrastructure

Camera mapping and coverage analysis.

OSINT

Open-source intelligence techniques.