AUTARCH v1.9 — remote monitoring, SSH manager, daemon, vault, cleanup

- Add Remote Monitoring Station with PIAP device profile system - Add SSH/SSHD manager with fail2ban integration - Add privileged daemon architecture for safe root operations - Add encrypted vault, HAL memory, HAL auto-analyst - Add network security suite, module creator, codex training - Add start.sh launcher script and GTK3 desktop launcher - Remove Output/ build artifacts, installer files, loose docs - Update .gitignore for runtime data and build artifacts - Update README for v1.9 with new launch method, screenshots, and features Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-24 06:59:06 -07:00
parent 1092689f45
commit da53899f66
382 changed files with 15277 additions and 493964 deletions
--- a/data/certs/autarch.crt
+++ b/data/certs/autarch.crt
@@ -1,19 +1,19 @@
 -----BEGIN CERTIFICATE-----
-MIIDKTCCAhGgAwIBAgIUCW+vp4vjVePB8SKJP/BM4tr7jMUwDQYJKoZIhvcNAQEL
+MIIDKTCCAhGgAwIBAgIUOTBeh2H+I3PoAy0YfoOagn0IehwwDQYJKoZIhvcNAQEL
 BQAwJDEQMA4GA1UEAwwHQVVUQVJDSDEQMA4GA1UECgwHZGFya0hhbDAeFw0yNjAz
-MTQwNjM4NDFaFw0zNjAzMTEwNjM4NDFaMCQxEDAOBgNVBAMMB0FVVEFSQ0gxEDAO
-BgNVBAoMB2RhcmtIYWwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI
-B5iVqvzKcLoSUIfP8DZXFmLwqOmE/yLFhWlC+/ZJAqNXq3+doJRp4PjRKxlp5Nd7
-TwXGVDMmQIU3INfvYWN8RKnR2FSl+UTQ8DV7VF8riXQPUBzlVyrxIWMIFYwX657U
-b7mACZ9wrGoW7wIaO6ojSZwcW62E4Oa6C50GdeCnEVW4Dg4IJquqn4spH3XWHvOI
-kyIAQoS2tsGccSi7m2ANJ3nJn7EGX6eakQ18RUiBjDQzBIFIDl3zfOF5UYnMo+eB
-r2wYysX8q1xxhB26p7zcgsr1Uih4m5qWHzkZ57gBVqW68UgyTL2GoMi88X+t310P
-Q5xrUIQ15nQTz5VI+KNBAgMBAAGjUzBRMB0GA1UdDgQWBBTVPc40s2BB/87L93bM
-fwLeGW+rnDAfBgNVHSMEGDAWgBTVPc40s2BB/87L93bMfwLeGW+rnDAPBgNVHRMB
-Af8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCk0BjWJm10wYTM7cQMRHj5whbL
-EFLBPMIkJmjaCIHOJXOu6Ixt6UfKSr+R7WL/nV2IjaIbQTXQbpn+pvH15RHWU2wR
-y19e1mfIoQ+8AUP0DsoUfy//fN+9rhAVs7g0oHOTym93owA230GtHhU0IL/U2iPE
-fvnMRkHgtus/cgw6F22mfy9ImrCAk0AOZGRp+7pW3KXdrOXxmejIQSp+l4uWBWHg
-42qlUlOxsWpazAz94pTlXyAt4IjV2ZpbojkYxj8G5zaIOZxzL1Js6mc91hoY/ZAt
-Z17YYB6oTSNybY+AF7PcPnCXkrtHkYO0S7M4VaLWqeUPgHZu5K9tEY9z5kn2
+MjAwMjIzMjVaFw0zNjAzMTcwMjIzMjVaMCQxEDAOBgNVBAMMB0FVVEFSQ0gxEDAO
+BgNVBAoMB2RhcmtIYWwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC
+lqLsxRPtvom0HkPzOsMKaYi73REgb2UMhZj2IEoNG8i3Kp4wSb6gSvTM3b8Zt/QU
+zZnHQRdxZXBZXduTp/zpMPD6A4yMoK/1Vk4chzLcfJ+CAEvSQxYn9vuxUavxRft7
+kfccl+FhcgwjExN7+d6TfgbK1MJZ+57BEdHg8sBfJHDo3A2D6I2EAkh5GlDeNnPK
+mQaQAutAnOuHfOFqdU/39ikwfH/ZYrMXkrGJtxqa3FzZsjL8R7l9KrU9KJD0ABA+
+r1jy5HRSFOtILRoeiQcdiQtnjl7Ywi/60b2U++FtFd8ZhlTme+OXmpcvrN/ua0wU
+8OFKuj7CvOrXuP3geEMrAgMBAAGjUzBRMB0GA1UdDgQWBBQEOig4M6s2dlHb8BZA
+/MeFtcOl2DAfBgNVHSMEGDAWgBQEOig4M6s2dlHb8BZA/MeFtcOl2DAPBgNVHRMB
+Af8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBImUFODRtzyqzUHq+DIM4IfUJ5
+kJPF41AMuU5NAFXiFdzwPZ9aM9nObjm9Gdm+u2gGGqaCg7NTffaB8GpyXbbQvm5D
+D118hE1uzTlChQrfLYcmuU3hUHzLw1p3H5kfXE04POeWBP/8SoVYJ8V/kvEZhm9l
+hS2KwTqG1T8UtX6x74p5jQAIifweUb+r9Qx4E26EEd/IJ1Dl9v1sKcms7tCh+rDY
+TKI69Fbeq1JECtGRDsphRr8M+Sczt/XjcDV00+JPyowOpzPVLV1Ubzfvh1UJxYjl
+ibOmgljCcFgR1f51lCNq4uwe6DTeG1vi2VrBLYJ+WhbJ2vE3HPpNYnJ0ofN0
 -----END CERTIFICATE-----
--- a/data/codex/autarch_codex.md
+++ b/data/codex/autarch_codex.md
--- a/data/codex/autarch_training.jsonl
+++ b/data/codex/autarch_training.jsonl
--- a/data/codex/autarch_training.summary.json
+++ b/data/codex/autarch_training.summary.json
@@ -0,0 +1,15 @@
+{
+  "generated": "2026-03-20T04:55:33.762570",
+  "total_pairs": 294,
+  "modules": 72,
+  "routes": 63,
+  "templates": 72,
+  "core_api": 87,
+  "output_bytes": 5335678,
+  "types": {
+    "module_creation": 72,
+    "route_creation": 63,
+    "template_creation": 72,
+    "api_reference": 87
+  }
+}
--- a/data/ddos_config.json
+++ b/data/ddos_config.json
@@ -1,8 +1,8 @@
 {
-  "enabled": false,
-  "auto_block_top_talkers": true,
+  "enabled": true,
+  "auto_block_top_talkers": false,
  "auto_enable_syn_cookies": true,
  "connection_threshold": 100,
  "syn_threshold": 50,
-  "updated": "2026-03-02T23:30:44.437461"
+  "updated": "2026-03-20T05:22:38.105465"
 }
--- a/data/hack_hijack/scans.json
+++ b/data/hack_hijack/scans.json
@@ -25,5 +25,14 @@
    "backdoors": [],
    "os_guess": "",
    "smb_info": {}
+  },
+  {
+    "target": "10.0.0.1/24",
+    "scan_time": "2026-03-20T19:42:41.312697+00:00",
+    "duration": 0.0,
+    "open_ports": [],
+    "backdoors": [],
+    "os_guess": "",
+    "smb_info": {}
  }
 ]
--- a/data/hal_system_prompt.txt
+++ b/data/hal_system_prompt.txt
@@ -1,98 +1,64 @@
-You are Hal, the AI agent powering Project AUTARCH — an autonomous security platform built by darkHal Security Group.
+You are Hal, the AI security agent for AUTARCH — built by darkHal Security Group and Setec Security Labs.
+
+## CRITICAL RULES — READ FIRST
+
+1. NEVER use markdown formatting (no **, ##, ```, -, * bullets). Respond in plain text only.
+2. NEVER draw ASCII art, tables, boxes, or diagrams.
+3. DETECT THE OS FIRST before running any command. Use the shell tool to run "uname -s" or check if you're on Windows. Then ONLY run commands for THAT operating system. Never list commands for multiple distros or platforms in one response.
+4. On Linux: detect the distro (cat /etc/os-release). Use apt for Debian/Ubuntu, dnf for Fedora, pacman for Arch. Do NOT guess — check first.
+5. On Windows: use PowerShell or cmd commands. Do NOT mix in Linux commands.
+6. For commands that need root/admin: use the shell tool directly — the system has a privileged daemon that handles elevation automatically. NEVER prefix commands with "sudo". Just run the command.
+7. Run ONE command at a time. Verify it worked before running the next one.
+8. Keep responses short and direct. No filler, no preamble.
+9. When asked to do something, DO IT. Don't explain how it would be done on 5 different OSes.

 ## Your Capabilities
-You can read files, write files, execute shell commands, search the codebase, and create new AUTARCH modules on demand. When a user asks you to build a tool or module, you build it.

-## AUTARCH Codebase Structure
- `modules/` — Plugin modules (Python files). Each one is a standalone tool.
- `core/` — Framework internals (llm.py, agent.py, tools.py, config.py, wireshark.py, etc.)
- `web/` — Flask web dashboard (routes/, templates/, static/)
- `data/` — Databases, configs, JSON files
- `models/` — LLM model files (GGUF)
+You can read files, write files, execute shell commands, search the codebase, and create new AUTARCH modules.

-## Module Categories
-| Category | Color | Purpose |
-|----------|-------|---------|
-| defense | Blue | Security hardening, monitoring, firewalls |
-| offense | Red | Penetration testing, exploitation |
-| counter | Purple | Counter-intelligence, threat response |
-| analyze | Cyan | Analysis, forensics, packet inspection |
-| osint | Green | Open source intelligence gathering |
-| simulate | Yellow | Attack simulation, red team exercises |
+## Common Commands by OS

-## How to Create a Module
-Every module in `modules/` MUST have these attributes and a `run()` function:
+Linux (Debian/Ubuntu):
+  apt update && apt install <package>
+  systemctl start/stop/status <service>
+  iptables -A INPUT -s <ip> -j DROP
+  ip addr / ip route / ip neigh / ss -tunap

-```python
-"""
-Module description docstring
-"""
-import os
-import sys
-import subprocess
-from pathlib import Path
+Linux (Fedora/RHEL):
+  dnf install <package>
+  systemctl start/stop/status <service>
+  firewall-cmd --add-rich-rule='rule family=ipv4 source address=<ip> drop'

-# Module metadata — REQUIRED
-DESCRIPTION = "What this module does"
-AUTHOR = "darkHal"
-VERSION = "1.0"
-CATEGORY = "defense"  # One of: defense, offense, counter, analyze, osint, simulate
+Windows:
+  Get-NetFirewallRule / New-NetFirewallRule
+  netsh advfirewall firewall add rule
+  Get-Service / Start-Service / Stop-Service

-sys.path.insert(0, str(Path(__file__).parent.parent))
-from core.banner import Colors, clear_screen, display_banner
+IMPORTANT: Only use the commands for the OS you detect. Never mix them.

+## AUTARCH Codebase

-class ModuleClassName:
-    """Main class for this module."""
+Structure:
+  modules/    Plugin modules (Python). Each has DESCRIPTION, AUTHOR, VERSION, CATEGORY, and run().
+  core/       Framework internals (llm.py, agent.py, config.py, daemon.py, etc.)
+  web/        Flask dashboard (routes/, templates/, static/)
+  data/       Databases, configs, JSON files

-    def print_status(self, message, status="info"):
-        colors = {"info": Colors.CYAN, "success": Colors.GREEN, "warning": Colors.YELLOW, "error": Colors.RED}
-        symbols = {"info": "*", "success": "+", "warning": "!", "error": "X"}
-        print(f"{colors.get(status, Colors.WHITE)}[{symbols.get(status, '*')}] {message}{Colors.RESET}")
+Module categories: defense, offense, counter, analyze, osint, simulate, core, hardware

-    def run_cmd(self, cmd, timeout=30):
-        try:
-            r = subprocess.run(cmd, shell=True, capture_output=True, text=True, timeout=timeout)
-            return r.returncode == 0, r.stdout.strip()
-        except Exception as e:
-            return False, str(e)
+To create a module, use the create_module tool. It validates and saves automatically.

-    # Add your methods here...
+## How to Respond

+For questions: answer directly in plain text. No markdown.
+For tasks: use tools. Run one command, check the result, then continue.
+For module creation: use create_module tool.

-def run():
-    """Entry point for CLI mode."""
-    mod = ModuleClassName()
-    # Interactive menu or direct execution
-```
+When running shell commands — ALWAYS detect OS first, then:
+  CORRECT: iptables -L -n (after confirming Linux)
+  WRONG: sudo iptables -L -n
+  WRONG: Here's how to do it on Linux, Windows, and macOS...

-## Important Rules
-1. Use the `create_module` tool to write modules — it validates and saves them automatically
-2. Always include the metadata: DESCRIPTION, AUTHOR, VERSION, CATEGORY
-3. Always include a `run()` function
-4. Use `subprocess.run()` for system commands — support both Windows (PowerShell/netsh) and Linux (bash)
-5. Import from `core.banner` for Colors
-6. Module filenames should be lowercase with underscores (e.g., `port_scanner.py`)
-7. Study existing modules with `read_file` if you need to understand patterns
-8. The web dashboard discovers modules automatically from the `modules/` directory
-
-## Platform
-This system runs on Windows. Use PowerShell commands where appropriate, but also support Linux fallbacks.
-
-## Existing Modules (for reference)
- defender.py — System hardening checks (CATEGORY: defense)
- defender_windows.py — Windows-native security checks (CATEGORY: defense)
- defender_monitor.py — Real-time threat monitoring (CATEGORY: defense)
- recon.py — Network reconnaissance (CATEGORY: offense)
- counter.py — Counter-intelligence tools (CATEGORY: counter)
- adultscan.py — Adult content scanner (CATEGORY: analyze)
- agent_hal.py — AI security automation (CATEGORY: core)
- wireshark.py — Packet analysis (CATEGORY: analyze)
- hardware_local.py — Hardware interaction (CATEGORY: hardware)
-
-## How You Should Respond
- For simple questions: answer directly
- For module creation requests: use the create_module tool
- For system queries: use the shell tool
- For code exploration: use read_file and search_files
- Always explain what you're doing and why
+When explaining results:
+  CORRECT: The firewall has 3 rules. Port 22 is open. Port 80 is open. Port 443 is restricted to 10.0.0.0/24.
+  WRONG: ## Firewall Analysis\n\n**Summary**: The firewall has...
--- a/data/piap/gl6000.piap
+++ b/data/piap/gl6000.piap
@@ -0,0 +1,129 @@
+; ============================================================================
+; GL.iNet Flint 2 (GL-MT6000) — Remote Monitor Station
+; AUTARCH PIAP (Platform Integration & Access Profile)
+; ============================================================================
+;
+; This file defines a remote device for AUTARCH's Remote Monitoring Station.
+; AUTARCH reads this file to build the UI, connect to the device, and control
+; its radios and features.
+;
+; To create your own .piap file, copy template.piap from this folder,
+; fill in your device info, and save it with a name of your choice.
+; It will appear in the dropdown menu automatically.
+;
+; ============================================================================
+
+[device]
+; Name shown in the AUTARCH dropdown menu
+name = Flint 2
+; Device model / description
+model = GL.iNet GL-MT6000
+; Chipset info (for reference)
+chipset = MediaTek MT7986A (Filogic 830)
+; WiFi chipset
+wifi_chipset = MediaTek MT7976C
+; Icon (optional, filename in /web/static/img/)
+icon = router.png
+; Operating system running on the device
+os = OpenWrt 25
+
+[connection]
+; SSH connection details
+host = 192.168.1.1
+port = 22
+user = root
+; Auth method: key or password
+auth = key
+; Path to SSH key (leave blank to use default ~/.ssh/id_ed25519)
+key_path =
+; Password (only used if auth = password, stored in vault if available)
+password =
+; Connection timeout in seconds
+timeout = 10
+
+[radio_0]
+; ── First radio (2.4GHz) ──────────────────────────────────────────────────
+; Radio name shown in UI
+name = 2.4GHz Radio
+; Phy device name on the remote device
+phy = phy0
+; Default interface name
+interface = wlan0
+; Monitor interface name (created when monitor mode is enabled)
+monitor_interface = mon0
+; Supported bands
+band = 2.4GHz
+; Supported channels (comma separated)
+channels = 1,2,3,4,5,6,7,8,9,10,11,12,13,14
+; Default channel for monitor mode
+default_channel = 6
+; Supported modes (comma separated)
+; These become buttons in the UI
+modes = managed,monitor,ap
+; Command to enable monitor mode
+; {phy} and {mon} are replaced with phy and monitor_interface values
+cmd_monitor_on = iw dev {interface} del 2>/dev/null; iw phy {phy} interface add {mon} type monitor && ip link set {mon} up && iw dev {mon} set channel {channel}
+; Command to disable monitor mode
+cmd_monitor_off = ip link set {mon} down 2>/dev/null; iw dev {mon} del 2>/dev/null
+; Command to set channel
+cmd_set_channel = iw dev {mon} set channel {channel}
+; Command to get current status
+cmd_status = iw dev 2>/dev/null | grep -A5 "{mon}\|{interface}"
+; Supports frame injection
+injection = true
+; Supports radiotap headers
+radiotap = true
+
+[radio_1]
+; ── Second radio (5GHz) ───────────────────────────────────────────────────
+name = 5GHz Radio
+phy = phy1
+interface = wlan1
+monitor_interface = mon1
+band = 5GHz
+channels = 36,40,44,48,52,56,60,64,100,104,108,112,116,120,124,128,132,136,140,144,149,153,157,161,165
+default_channel = 36
+modes = managed,monitor,ap
+cmd_monitor_on = iw dev {interface} del 2>/dev/null; iw phy {phy} interface add {mon} type monitor && ip link set {mon} up && iw dev {mon} set channel {channel}
+cmd_monitor_off = ip link set {mon} down 2>/dev/null; iw dev {mon} del 2>/dev/null
+cmd_set_channel = iw dev {mon} set channel {channel}
+cmd_status = iw dev 2>/dev/null | grep -A5 "{mon}\|{interface}"
+injection = true
+radiotap = true
+
+[features]
+; ── Available features (become sub-tabs in the UI) ────────────────────────
+; Each feature name maps to a sub-tab. The commands are run over SSH.
+; Additional features can be added — they automatically appear as tabs.
+
+; Packet capture
+capture = true
+cmd_capture_start = tcpdump -i {mon} -w /tmp/capture_{timestamp}.pcap &
+cmd_capture_stop = killall tcpdump 2>/dev/null
+cmd_capture_pull = cat /tmp/capture_*.pcap
+
+; WiFi scanning (passive)
+wifi_scan = true
+cmd_wifi_scan = iw dev {mon} scan passive 2>/dev/null || tcpdump -i {mon} -c 100 -e 2>&1 | grep Beacon
+
+; Aircrack suite
+aircrack = true
+cmd_airodump = airodump-ng {mon}
+cmd_aireplay = aireplay-ng {mon}
+cmd_aircrack = aircrack-ng
+
+; Deauthentication
+deauth = true
+cmd_deauth = aireplay-ng --deauth {count} -a {bssid} {mon}
+
+; Channel hopping
+channel_hop = true
+cmd_channel_hop = while true; do for ch in {channels}; do iw dev {mon} set channel $ch; sleep 0.5; done; done
+
+[info]
+; ── Device info (read-only, displayed in UI) ─────────────────────────────
+cmd_uptime = uptime
+cmd_memory = free -m
+cmd_disk = df -h /
+cmd_kernel = uname -a
+cmd_wifi_info = iw dev
--- a/data/piap/template.piap
+++ b/data/piap/template.piap
@@ -0,0 +1,135 @@
+; ============================================================================
+; AUTARCH PIAP Template (Platform Integration & Access Profile)
+; ============================================================================
+;
+; HOW TO USE THIS TEMPLATE:
+;
+; 1. Copy this file and rename it to something meaningful, like:
+;       myrouter.piap
+;       alfa_adapter.piap
+;       home_pineapple.piap
+;
+; 2. Fill in your device's information below. Everything with CHANGEME
+;    needs your input. Everything else can be left as-is or customized.
+;
+; 3. Save it in this folder (/data/piap/)
+;
+; 4. It will automatically appear in the AUTARCH Remote Monitoring Station
+;    dropdown menu.
+;
+; TIPS:
+;   - You can add as many [radio_N] sections as your device has radios
+;   - You can add or remove features in [features]
+;   - Commands use {variables} that get replaced at runtime:
+;       {phy}        = phy device name from the radio section
+;       {interface}   = default interface name
+;       {mon}         = monitor interface name
+;       {channel}     = selected channel number
+;       {timestamp}   = current timestamp (YYYYMMDD_HHMMSS)
+;       {bssid}       = target BSSID (from UI input)
+;       {count}       = count/number (from UI input)
+;       {channels}    = channel list from the radio section
+;
+; ============================================================================
+
+[device]
+; Name shown in the AUTARCH dropdown menu
+name = CHANGEME
+; Device model / description
+model = CHANGEME
+; Chipset info (for reference)
+chipset = CHANGEME
+; WiFi chipset
+wifi_chipset = CHANGEME
+; Icon (optional, filename in /web/static/img/)
+icon =
+; Operating system running on the device
+os = CHANGEME
+
+[connection]
+; SSH connection details
+host = CHANGEME
+port = 22
+user = root
+; Auth method: key or password
+auth = key
+; Path to SSH key (leave blank to use default ~/.ssh/id_ed25519)
+key_path =
+; Password (only used if auth = password)
+password =
+; Connection timeout in seconds
+timeout = 10
+
+[radio_0]
+; ── First radio ───────────────────────────────────────────────────────────
+; Add more [radio_N] sections for additional radios (radio_1, radio_2, etc)
+name = CHANGEME
+phy = phy0
+interface = wlan0
+monitor_interface = mon0
+band = 2.4GHz
+; List all channels your device supports on this radio
+channels = 1,2,3,4,5,6,7,8,9,10,11
+default_channel = 6
+; List all modes your device supports (managed, monitor, ap, mesh, etc)
+modes = managed,monitor
+; Commands — customize for your device's driver/firmware
+; Use {variables} that get replaced at runtime
+cmd_monitor_on = iw dev {interface} del 2>/dev/null; iw phy {phy} interface add {mon} type monitor && ip link set {mon} up && iw dev {mon} set channel {channel}
+cmd_monitor_off = ip link set {mon} down 2>/dev/null; iw dev {mon} del 2>/dev/null
+cmd_set_channel = iw dev {mon} set channel {channel}
+cmd_status = iw dev 2>/dev/null
+; Does this radio support frame injection? (true/false)
+injection = false
+; Does this radio output radiotap headers in monitor mode? (true/false)
+radiotap = true
+
+; ── Uncomment and fill in for a second radio ──────────────────────────────
+; [radio_1]
+; name = 5GHz Radio
+; phy = phy1
+; interface = wlan1
+; monitor_interface = mon1
+; band = 5GHz
+; channels = 36,40,44,48,149,153,157,161,165
+; default_channel = 36
+; modes = managed,monitor
+; cmd_monitor_on = iw dev {interface} del 2>/dev/null; iw phy {phy} interface add {mon} type monitor && ip link set {mon} up && iw dev {mon} set channel {channel}
+; cmd_monitor_off = ip link set {mon} down 2>/dev/null; iw dev {mon} del 2>/dev/null
+; cmd_set_channel = iw dev {mon} set channel {channel}
+; cmd_status = iw dev 2>/dev/null
+; injection = false
+; radiotap = true
+
+[features]
+; ── Available features ────────────────────────────────────────────────────
+; Set to true/false to enable/disable. Customize commands for your device.
+; Add your own features — they automatically appear as sub-tabs.
+
+capture = true
+cmd_capture_start = tcpdump -i {mon} -w /tmp/capture_{timestamp}.pcap &
+cmd_capture_stop = killall tcpdump 2>/dev/null
+cmd_capture_pull = cat /tmp/capture_*.pcap
+
+wifi_scan = true
+cmd_wifi_scan = tcpdump -i {mon} -c 100 -e 2>&1 | grep Beacon
+
+; Uncomment if your device has aircrack-ng installed
+; aircrack = true
+; cmd_airodump = airodump-ng {mon}
+; cmd_aireplay = aireplay-ng {mon}
+
+; Uncomment if you want deauth capability
+; deauth = true
+; cmd_deauth = aireplay-ng --deauth {count} -a {bssid} {mon}
+
+channel_hop = true
+cmd_channel_hop = for ch in {channels}; do iw dev {mon} set channel $ch; sleep 0.5; done
+
+[info]
+; ── Device info commands (shown in the info panel) ────────────────────────
+cmd_uptime = uptime
+cmd_memory = free -m
+cmd_disk = df -h /
+cmd_kernel = uname -a
+cmd_wifi_info = iw dev