Advanced GPS Spoofing Detection & Satellite Telemetry Analysis Toolkit
English ⒠Türkçe ⒠Documentation ⒠Demo
SatGuard is an open-source toolkit for analyzing satellite terminal telemetry data and detecting GPS spoofing/jamming attacks. Designed for security researchers, journalists, and human rights organizations monitoring state-level electronic warfare against civilian satellite infrastructure.
- π Telemetry Parser - Parse and analyze Starlink debug telemetry data
- π¨ Anomaly Detection - ML-powered GPS spoofing detection algorithms
- π Interactive Dashboard - Real-time visualization of satellite health metrics
- π Multi-Region Analysis - Compare interference patterns across geographies
- π± Mobile-Ready - Responsive design for field deployment
# Clone the repository
git clone https://github.com/zencefilefendi/satguard.git
cd satguard
# Install dependencies
pip install -r requirements.txt
# Run analysis on telemetry data
python -m satguard analyze --input data/telemetry.json
# Start the dashboard
python -m satguard dashboard --port 8080- Python 3.10+
- Node.js 18+ (for dashboard)
- 512MB RAM minimum
pip install satguardgit clone https://github.com/zencefilefendi/satguard.git
cd satguard
pip install -e .Parse raw Starlink debug telemetry into structured analysis:
from satguard import TelemetryParser
parser = TelemetryParser()
data = parser.parse_file("debug_export.json")
print(f"GPS Status: {data.gps.status}")
print(f"Satellites: {data.gps.satellite_count}")
print(f"Spoofing Detected: {data.gps.is_inhibited}")Multi-factor detection algorithm analyzing:
| Indicator | Normal | Jamming | Spoofing |
|---|---|---|---|
| Satellite Count | 10-18 | 0-5 | 10-18 |
| GPS Valid | β | β | β |
| Inhibit Flag | β | β | β |
| Packet Loss | <1% | Variable | 15-30% |
from satguard import SpoofingDetector
detector = SpoofingDetector()
result = detector.analyze(telemetry_data)
print(f"Attack Type: {result.attack_type}") # SPOOFING, JAMMING, or NONE
print(f"Confidence: {result.confidence}%")
print(f"Severity: {result.severity}")Quantify the impact of GPS interference on connectivity:
from satguard import PerformanceAnalyzer
analyzer = PerformanceAnalyzer()
impact = analyzer.measure_impact(telemetry_data)
print(f"Packet Loss: {impact.packet_loss_percent}%")
print(f"Stable Connection Time: {impact.stable_seconds}s")
print(f"Pointing Error: {impact.pointing_error_deg}Β°")
print(f"Service Level: {impact.service_level}") # BROADBAND, DEGRADED, UNUSABLEReal-time monitoring with WebSocket support:
satguard dashboard --config config.yamlFeatures:
- Live telemetry streaming
- GPS constellation visualization
- Historical trend analysis
- Alert notifications
- Export to PDF/CSV
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β SATGUARD ANALYSIS REPORT β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ£
β Terminal ID: [REDACTED] β
β Location: Iran (IR) β
β Analysis Time: 2026-01-15 14:32:00 UTC β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ£
β β
β π¨ GPS SPOOFING DETECTED β
β β
β Evidence: β
β ββ GPS Valid: true (hardware functional) β
β ββ Satellites: 18 (normal count) β
β ββ Inhibit Flag: TRUE (anti-spoofing triggered) β
β ββ Confidence: 94.2% β
β β
β Impact Assessment: β
β ββ Packet Loss: 22.4% (sustained) β
β ββ Stable Connection: 0 seconds β
β ββ Pointing Error: 1.06Β° (3.3x uncertainty) β
β ββ Service Level: SEVERELY DEGRADED β
β β
β Recommendation: β
β ββ Deploy RF shielding or relocate terminal β
β β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
SatGuard includes data on known GPS interference zones:
| Region | Primary Attack Type | Typical Impact |
|---|---|---|
| Iran | Spoofing | 20-30% packet loss |
| Eastern Mediterranean | Spoofing | 15-25% packet loss |
| Ukraine/Russia Border | Jamming + Spoofing | Variable |
| North Korea Border | Jamming | Signal loss |
Create config.yaml:
satguard:
analysis:
spoofing_threshold: 0.85
min_satellites_normal: 8
max_packet_loss_normal: 0.05
dashboard:
port: 8080
refresh_interval: 5
enable_alerts: true
export:
format: ["json", "csv", "pdf"]
redact_pii: trueThis project builds upon groundbreaking research in satellite security:
Primary Research Credit:
Nariman Gharib - Original technical analysis of Starlink GPS spoofing during Iran's January 2026 internet shutdown.
Repository: starlink-iran-gps-spoofing
The detection algorithms and analysis methodology in SatGuard are derived from and extend this foundational work. We are deeply grateful for the original research that made this possible.
- SpaceX Starlink technical documentation
- GPS.gov interference detection guidelines
- Academic papers on GNSS spoofing detection
MIT License - See LICENSE for details.
This is free software. You can use, modify, and distribute it freely while maintaining attribution.
We welcome contributions! See CONTRIBUTING.md for guidelines.
Priority areas:
- Support for OneWeb/Kuiper telemetry
- Mobile app (React Native)
- Machine learning model improvements
- Additional language translations
This tool is for defensive security research only. Do not use for:
- Interfering with satellite communications
- GPS spoofing or jamming
- Any illegal activities
Users are responsible for compliance with local laws.
- Author: Zencefil Efendi
- Twitter: @zencefilefendi
- Email: zencefilefendi@gmail.com
Built with π‘οΈ for Internet Freedom
Protecting civilian satellite infrastructure from state-level attacks