Skip to content

Latest commit

 

History

History
37 lines (26 loc) · 1.73 KB

File metadata and controls

37 lines (26 loc) · 1.73 KB

Threat Model (Operator Tooling)

Authorized Use Only

This document describes security properties of the Alfa Arsenal control plane. It does not replace engagement-specific legal review or authorization processes.

Scope

This document describes security properties of the Alfa Arsenal control plane when used as an authorized wireless assessment platform. It does not replace engagement-specific legal review.

Assets

  • Captured handshakes, PMKIDs, credentials, PCAPs, GPS traces.
  • SQLite database (ArsenalConfig.db_path).
  • API keys (api_secret_key / X-API-Key) and remote coordination API secrets (c2_secret_key).

Threats

Threat Mitigation
Unauthorized API use Bind API to 127.0.0.1 by default; set api_secret_key; reverse proxy + mTLS for remote access.
Unauthorized RF operations Engagement policy (policy_file); ROE menu; target BSSID allowlists.
Data tampering Evidence hashing (core/evidence.py); prefer immutable storage for deliverables.
Container escape API Docker image is optional and RF-less; production RF runs on host with least privilege.
Supply chain Pin Python deps (requirements.txt); verify distro packages; audit Git clones in install.sh.

NIST / STIG alignment (high level)

  • Least privilege: run as non-root where possible; wireless operations still require capabilities equivalent to root on Linux.
  • Audit: structured logging (ArsenalLogger); metrics (/metrics); assessment runs in DB.
  • Configuration: policy-as-code JSON; no default wide-open remote coordination API secret.

Out of scope

  • Physical security of the hardware adapter.
  • Target network legal authorization (operator responsibility).