# **Challenge 1: Basic Plotting & Map Annotation**
Welcome!  In this challenge, you'll learn to perform basic map annotations through `Folium`, and learn to perform basic data analysis & cleaning through `Pandas`.

You'll be working with a pre-captured dataset captured from a ESP8266 powered war(flying) rig!  Your first task is to simply plot all the networks captured from the flight.

### **Step 1**: Import the Dataset
Lets start by importing the dataset, which is formatted in the [WiGLE CSV](https://api.wigle.net/csvFormat.html) format.

Try printing out a table of the captured networks, and taking a random sample with Pandas' `sample()` function.

In [6]:
#### read wardriving csv file into Pandas dataframe
import pandas as pd
wd = pd.read_csv ('./Missoula-Warflight-08-21-2021.csv', delimiter = ',')

#### print the dataframe & total networks captured!
print("Total WiFi AP entries: " + str(len(wd)))
wd.sample(10)

Total WiFi AP entries: 5293


Unnamed: 0,MAC,SSID,Encryption,FirstSeen,Channel,RSSI,Latitude,Longitude,AltitudeMeters,AccuracyMeters,Type
4514,58:EF:68:BD:35:A9,UAP Believer,[WPA2-PSK-CCMP+TKIP][ESS],2021-8-21 18:47:56,4,-91,46.874306,-114.009471,991.8,160,WIFI
3467,70:F2:20:E1:1F:A3,CenturyLink4603,[WPA-PSK-CCMP+TKIP][WPA2-PSK-CCMP+TKIP][ESS],2021-8-21 18:46:5,6,-78,46.87183,-114.006825,1042.4,160,WIFI
1238,18:E8:29:5A:1B:8C,Missoula Paddleheads - Private,[WPA2-PSK-CCMP+TKIP][ESS],2021-8-21 18:41:17,1,-70,46.874283,-114.009138,964.5,243,WIFI
3416,38:35:FB:95:78:FE,HOTR-2G,[WPA2-PSK-CCMP+TKIP][ESS],2021-8-21 18:45:57,11,-76,46.871549,-114.00586,1040.6,160,WIFI
1053,74:D0:2B:D1:15:48,fuel,[WPA2-PSK-CCMP+TKIP][ESS],2021-8-21 18:40:42,8,-86,46.874196,-114.009145,964.4,241,WIFI
2402,38:35:FB:AE:C1:AE,MySpectrumWiFia8-2G,[WPA2-PSK-CCMP+TKIP][ESS],2021-8-21 18:44:1,1,-89,46.873496,-114.009772,1048.8,159,WIFI
1755,18:E8:29:14:23:3A,Missoula Paddleheads - Private,[WPA2-PSK-CCMP+TKIP][ESS],2021-8-21 18:42:47,1,-77,46.874216,-114.009182,971.8,185,WIFI
4969,A8:9A:93:B1:FF:96,MySpectrumWiFi90-2G,[WPA2-PSK-CCMP+TKIP][ESS],2021-8-21 18:48:49,1,-88,46.874165,-114.009148,977.6,238,WIFI
3646,A0:04:60:B0:AA:28,NETGEAR45,[WPA2-PSK-CCMP+TKIP][ESS],2021-8-21 18:46:33,4,-87,46.872272,-114.008205,1042.9,160,WIFI
4470,3C:37:86:62:4A:6E,NETGEAR95,[WPA2-PSK-CCMP+TKIP][ESS],2021-8-21 18:47:56,2,-87,46.874306,-114.009471,991.8,160,WIFI


### **Step 2**: Clean the Data
Sometimes it's necessary to clean our data to remove anomalies, or to trim down the dataset so its easier to filter for specific parameters.

In this case, an excess of duplicate networks were detected when the drone was sitting idle during takeoff and landing, so we filter those networks out by adding a time threshold.

To avoid oversaturating the map, let's only plot unique network entries using the `.unique()` function.

In [7]:
# match all the indices of the FirstSeen column less than OR greater than our time threshold

wd.drop(wd.index[wd["FirstSeen"] <= "2021-8-21 18:43:25"], inplace=True) # before takeoff
wd.drop(wd.index[wd["FirstSeen"] >= "2021-8-21 18:46:58"], inplace=True) # after landing

print("Total WiFi AP entries: " + str(len(wd)))
print("Unique network entries: " + str(len(wd.SSID.unique())))

Total WiFi AP entries: 1938
Unique network entries: 341


### **Exercise**: Basic Map Annotations
Let's map some data with basic annotations!  In this exercise, try mapping your own route between iconic landmarks in Las Vegas.

1. Use the `landmarks` dictionary to define the GPS locations of a couple places in Vegas
2. Create a map canvas with `folium.Map(location = (), zoom_start = )` by telling Folium which coordinates to center itself around - try using one of your landmarks!
3. Using the `folium.Marker()` annotation, plot the first and last landmark from your dictionary in colors of your choice.
4. Using the `folium.Polyline()` function, draw a path between your landmarks
5. Render the map!

In [8]:
import folium

# Add at least 5 iconic Vegas landmarks here!
landmarks = {
    "Caesars Palace": (36.1169, -115.1744),
    "Bellagio Fountain": (36.1129, -115.1753),
    "The Venetian": (36.1213, -115.1696),
    "MGM Grand": (36.1024, -115.1695),
    "Stratosphere": (36.1467, -115.1554)
}

########## STEP 1: Center the Map ##########
center_coords = list(landmarks.values())[0] ## coordinates here
vegasMap = folium.Map(location=center_coords, zoom_start=15)

########## STEP 2: Add Markers for start & stop of route! ##########
start_coords = list(landmarks.values())[0]
stop_coords  = list(landmarks.values())[-1]

folium.Marker(location = start_coords, popup = list(landmarks.keys())[0], icon = folium.Icon(color='green')).add_to(vegasMap)
folium.Marker(location = stop_coords, popup = list(landmarks.keys())[-1], icon = folium.Icon(color='red')).add_to(vegasMap)

########## STEP 3: Draw PolyLine between Landmarks! ##########
polyline_points = []
for locations in landmarks.values():
    polyline_points.append(locations)
folium.PolyLine(locations=polyline_points, color='blue').add_to(vegasMap)

########## STEP 4: Display the map! ##########
vegasMap

### **Step 4**: Automation with Auto Boundaries!
Now that you've mastered basic map annotations, lets apply them to the wardriving dataset and learn some new tricks!

- **Auto-fitting**: We can use the Pandas `mean()` function to automatically center the map using the average of our data points.
- **Auto-boundaries**: Similarly, Pandas' `min()` & `max()` functions lets us autofit the map canvas from our GPS data, using the Folium `fit_bounds()` function!
- **Polyline List**: We can pass a list directly to the `PolyLine()` function instead of using a `for` loop :)




In [9]:
import folium
from folium import FeatureGroup, LayerControl, Map, Marker

########## Auto-Fit & Auto-Bound Map from Dataset ##########
basicMap = folium.Map(wd[['Latitude', 'Longitude']].mean().values.tolist())
basicMap.fit_bounds([wd[['Latitude', 'Longitude']].min().values.tolist(), wd[['Latitude', 'Longitude']].max().values.tolist()])

########## Plot our Route! ##########
## get all dataframe fields matching Latitude and Longitude as a list
folium.PolyLine(wd[['Latitude', 'Longitude']].values.tolist(),line_opacity = 0.5, weight = 4).add_to(basicMap)

########## Add Markers for Start & Stop Location ##########
startFlight = wd.iloc[0]   ## first entry
endFlight   = wd.iloc[-1]  ## last entry

## query and plot attributes from the first & last entry
folium.Marker([startFlight['Latitude'], startFlight['Longitude']], popup = startFlight['FirstSeen'], icon=folium.Icon(color='green', icon_color='white', icon='plane', angle=0, prefix='fa')).add_to(basicMap)
folium.Marker([endFlight['Latitude'],endFlight['Longitude']], popup= endFlight['FirstSeen'], icon=folium.Icon(color='red', icon_color='white', icon='plane', angle=0, prefix='fa')).add_to(basicMap)

########## Plot our Basic Route ##########
basicMap

## **Step 5**: Cluster Maps
**Cluster maps** make it easy to plot data without oversaturating the map, by grouping multiple adjacent markers together! This is useful for identifying network density at a glance, while still letting us see individual networks upon zooming in.  

In [10]:
########## Import and Add MarkerCluster ##########
from folium.plugins import MarkerCluster

MarkerCluster()
networkCluster = MarkerCluster().add_to(basicMap)

########## Add Every Entry to the Cluster Map ##########
for index, networks in wd.iterrows():
  folium.Marker((networks['Latitude'],networks['Longitude']), popup=networks['SSID'], icon=folium.Icon(color='darkblue', icon_color='white', icon='wifi', angle=0, prefix='fa')).add_to(networkCluster)

########## Plot the Cluster Map! ##########
basicMap




---


# **Challenge 2: Insecure Network Heatmap**

## **Part 1**: Simple Heatmap

Before diving into this challenge, lets try a new feature: **HeatMaps**!  These are useful for visualizing the density of a single variable.

This simple example just plots **all networks types** as a heat map by passing coordinates as a list to `plugins.HeatMap()`

In [11]:
import folium, numpy
from folium import Map, Marker, plugins
from folium.plugins.heat_map import HeatMap

########## Auto-Fit Map Boundaries ##########
heatMap = folium.Map(wd[['Latitude', 'Longitude']].mean().values.tolist())
heatMap.fit_bounds([wd[['Latitude', 'Longitude']].min().values.tolist(), wd[['Latitude', 'Longitude']].max().values.tolist()])

########## Plot the Cluster Map! ##########
heatMap.add_child(plugins.HeatMap(wd[['Latitude', 'Longitude']].values, radius=60))
heatMap

## **Part 2**:  Create Your Map

In this challenge, you'll use your newfound mapping skills to plot all the insecure WiFi networks we discovered!  It's up to you how you want to plot your data but you can try any of these levels:

**Level 1**:  Plot a HeatMap of all WiFi Networks, and overlay Markers (or `MarkerCluster`) for every insecure network that was detected.  
**Level 2**:  See Level 1.  Color code your Markers and add custom icons corresponding to security level using [fontawesome](https://fontawesome.io)!  
**Level 3**:  Learn to use `FeatureGroups` and plot encryption types on separate layers - then overlay this on top of a HeatMap!  


#### Encryption Types
Insecure networks include `WEP`, and any Open Networks.  If you're having filtering multiple, try just `WEP` networks.

|Encryption|Wigle Data|Insecure|
|---|---|---|
|Open, Unencrypted|`[]`|yes|
|Open, Encrypted|`[ESS]`|yes|
|WEP|`[WEP][ESS]`|no|
|WPA|`[WPA-PSK-CCMP+TKIP][ESS]`|`no|
|WPA2|`[WPA2-PSK-CCMP+TKIP][ESS]`|no|
|WPA3|`[WPA3]`|no|

*hint: you can use the Pandas `isin()` function to check for a value in a list*

In [12]:
##  Filter for Insecure nets
allowed_encryptions = ['[ESS]', '[WEP]', '[]']
networks = wd.drop(wd.index[~(wd['Encryption'].isin(allowed_encryptions))]).values
##





import folium
from folium import FeatureGroup, LayerControl, Map, Marker

wd_encryption_map = folium.Map(wd[['Latitude', 'Longitude']].mean().values.tolist())
wd_encryption_map.fit_bounds([wd[['Latitude', 'Longitude']].min().values.tolist(), wd[['Latitude', 'Longitude']].max().values.tolist()])

# map feature groups for different encryption types
wep_feature_group = folium.FeatureGroup("WEP")
wpa_feature_group = folium.FeatureGroup("WPA")
wpa2_feature_group = folium.FeatureGroup("WPA2")
opn_feature_group = folium.FeatureGroup("Open")
none_feature_group = folium.FeatureGroup("None")

# convert dataframe to array
networks = wd.values

# add network coordinates
for network in networks:
  if   (network[2] == "[WPA-PSK-CCMP+TKIP][ESS]"):
    folium.Marker(location=[network[6],network[7]],  popup=network[1], icon=folium.Icon(color="blue",icon='user-secret',prefix='fa')).add_to(wpa_feature_group)

  elif (network[2] == "[WPA2-PSK-CCMP+TKIP][ESS]"):
    folium.Marker(location=[network[6],network[7]],  popup=network[1], icon=folium.Icon(color="green",icon='user-secret',prefix='fa')).add_to(wpa2_feature_group)

  elif (network[2] == "[WEP][ESS]"):
    folium.Marker(location=[network[6],network[7]],  popup=network[1], icon=folium.Icon(color="red",icon='user-secret',prefix='fa')).add_to(wep_feature_group)

  elif (network[2] == "[ESS]"):
    folium.Marker(location=[network[6],network[7]],  popup=network[1], icon=folium.Icon(color="orange",icon='user-secret',prefix='fa')).add_to(opn_feature_group)

  elif (network[2] == "[WPA-PSK-CCMP+TKIP][WPA2-PSK-CCMP+TKIP][ESS]"):
    folium.Marker(location=[network[6],network[7]],  popup=network[1], icon=folium.Icon(color="purple",icon='user-secret',prefix='fa')).add_to(none_feature_group)

# add feature groups to map
wep_feature_group.add_to(wd_encryption_map)
wpa_feature_group.add_to(wd_encryption_map)
wpa2_feature_group.add_to(wd_encryption_map)
opn_feature_group.add_to(wd_encryption_map)
none_feature_group.add_to(wd_encryption_map)

folium.LayerControl().add_to(wd_encryption_map)

display(wd_encryption_map)

---
# **Challenge 3**: Known Networks


In this challenge, you'll use Regular Expressions (regex) and Pandas to filter for network attributes!  Your objective is to either:
1. Filter for every network that looks like a setup or printer access point
2. Filter for all devices manufactured by `NETGEAR
`

### **Step 1**: MAC Address Lookup
This function searches the `mac-vendors.txt` database that lets us correlate MAC Addresses to their hardware vendor.  This works by looking at the first half of the MAC Address `00:00:00:11:22:33`, which correlates to a vendor `OUI` - Organizationally Unique Identifier.

In this case, `00:00:00` is registered to `Xerox Corporation`.

In [13]:
file = open('mac-vendors.txt', 'r', encoding="utf8")
mac_dict = {line[:8]: line[9:].strip() for line in file}
def getDeviceType(bssid): return mac_dict.get(bssid[:8], "Unknown")

bssid = "00:00:00:33:44:55"
print(getDeviceType(bssid))

XEROX CORPORATION


  We can identify how many of each unique manufacturer was spotted using the Pandas `value_counts()` function!

In [14]:
wd['Manufacturer'] = wd['MAC'].apply(getDeviceType)
manufacturer_counts = wd['Manufacturer'].value_counts()
print(manufacturer_counts)

# wd['SSID'].unique()

Unknown                                                              1550
NETGEAR                                                               106
Belkin International Inc.                                              48
Luxul                                                                  33
Sagemcom Broadband SAS                                                 32
D-Link Corporation                                                     28
Guangzhou Juan Optical and Electronical Tech Joint Stock Co., Ltd      27
ZyXEL Communications Corporation                                       18
ASUSTek COMPUTER INC.                                                  15
Hewlett Packard                                                        10
Ubiquiti Networks Inc.                                                 10
TP-LINK TECHNOLOGIES CO.,LTD.                                           9
Continental Automotive Systems Inc.                                     9
Apple, Inc.                           

## **Step 2**: Profiling Networks with Regex
**Regular Expressions** or Regex, is a powerful way to easily profile if text matches a pattern.  

We can use them to programatically determine if a network name contains strings like "printer" or "Spectrum" - which may indicated default passwords - instead of manually checking every combinations of a network name!

The simplest way to check if an entry contains a string is using the Pandas `contains()` function, which can even be set to ignore case using `case=False`.  In the example below, we check if the SSID contains either `Spectrum` OR `Setup` with the `|` operator.

```
NewNets = wd[wd['SSID'].str.contains(r'Spectrum|Setup', case=False)]
```

In [None]:
pattern = r'^.*(?=Spectrum|Setup|.{0,3}\d{2}).*$'
defaultNets = wd[wd['SSID'].str.contains(pattern, case=False, regex=True)]

defaultNets

## **Step 3**: Device Profiling Challenge

Create a map of your choosing that does any of these:
1. Filter for every network that looks like a default setup or printer access point
2. Filter for all devices manufactured by `NETGEAR` or a manufacturer of your choosing
3. ** bonus* * Try out some different [visual map styles](https://deparkes.co.uk/2016/06/10/folium-map-tiles/)!

In [None]:
## Write your code here! ##