Jomel.Tr

QuectelScan — Go

QuectelScan — Go

A hardware/software toolkit for mobile network auditing. A combination of hardware and software that, in the field, captures the radio environment of 2G/3G/4G cellular networks and ties every observation to GPS coordinates — a foundation for cell tower inventory, coverage assessment, and locating sources of emission.

Source code: github.com/JohnCamelTry/QuectelScan.

Components

  • Hardware — a Quectel EG25-G modem: a cellular network receiver (2G/3G/4G) and a GNSS receiver in one module. Controlled via AT commands over a serial port (/dev/ttyUSB* on Linux, COM on Windows).
  • Software — a desktop app written in Go (the Wails v2 framework: Go backend + web frontend), running on Linux and Windows. A pure-Go SQLite driver, with no external C dependencies for storage.

Data collection

  • Cell scanning via the AT+QOPS command in several modes: all networks / 2G-only / 3G / 4G; a single measurement or continuous scanning at a set interval.
  • A parallel GNSS stream: NMEA parsing (GPRMC/GPGGA), auto-reconnect, module configuration via PMTK, optionally the modem’s built-in GPS (AT+QGPS).
  • Every detected cell is tagged with coordinates, satellite count, HDOP, altitude, and an object label (site note).
  • Color-coded signal strength indication by network type.

What data is collected

For each cell, the following is stored:

  • Network identification: operator and PLMN (MCC + MNC), network type (2G/3G/4G).
  • Cell identifiers: LAC/TAC (Location/Tracking Area Code), CID (Cell ID).
  • Radio channel: ARFCN/FREQ (channel number/frequency), BW (bandwidth).
  • Signal metrics: signal level (dBm), quality, RSSI.
  • Geolocation: latitude, longitude, satellite count (plus HDOP and altitude from GNSS), measurement time, and a comment (site note).

Radio environment analysis

  • A map built on Leaflet + OpenStreetMap: station markers, antenna sectors, and a separate layer for estimated tower positions.
  • Base station position estimation from a series of measurements of the same cell taken from different points: a signal-weighted centroid (1–2 points) or geomedian (≥3 points, robust to outliers), with a confidence radius. Measurements with no fix or poor accuracy (HDOP > 20) are discarded, and nearby points are merged.
  • A raw measurement log is kept in parallel — the source data for tower geolocation, without deduplication.

The estimation is only meaningful when measurements are taken while moving around the cell (a drive test): AT+QOPS doesn’t provide Timing Advance, and signal strength doesn’t equal distance due to antenna directivity, terrain, and reflections.

Storage and export

  • SQLite (netscan.db, WAL mode): a deduplicated per-cell summary (UPSERT — a record is updated on a stronger signal or once every 24 hours) and a separate raw-measurements table.
  • Export of the whole database or a single object to XLSX, GPS track to CSV.

Stack

Go · Wails v2 · SQLite (modernc.org/sqlite) · Leaflet + OpenStreetMap · serial port (AT commands, NMEA). Builds for Linux and Windows (including an NSIS installer), covered by go vet / go test / govulncheck.