awesome-bluetooth-security
Bluetooth security resource hub
A curated list of resources and research papers on Bluetooth security vulnerabilities, tools, and techniques.
List of Bluetooth BR/EDR/LE security resources
517 stars
12 watching
48 forks
last commit: 11 months ago
Linked from 1 awesome list
awesomeawesome-listblebluetoothbluetooth-hackingbluetooth-low-energybluetooth-securitypenetration-testingpentestingsecurity
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Notable Vulnerabilities | |||
| Site | |||
| Paper | |||
| Video | |||
| Site | |||
| Paper | |||
| Video | |||
| Site | |||
| Paper | |||
| Video | |||
| SIG Notice | |||
| Site | |||
| Paper | |||
| Video | |||
| Site | |||
| Paper | |||
| Video | |||
| SIG Notice | |||
| Site | |||
| Paper | |||
| Video | |||
| SIG Notice | |||
| Site | 7 | almost 4 years ago | |
| Paper | |||
| SIG Notice | |||
| Article | |||
| Abstract | |||
| Video | |||
| Site | |||
| Paper | |||
| Video | |||
| SIG Notice | |||
| Site | |||
| Paper | |||
| Video | |||
| Site | |||
| Writeup | |||
| Video | |||
| Site | |||
| Paper | |||
| Video | |||
| Multiple SIG Notices | |||
| Site | 56 | over 2 years ago | |
| Paper | |||
| SIG Notice | |||
| Site | |||
| Paper | |||
| Video | |||
| SIG Notice | |||
| SIG Notice | |||
| Site | |||
| Paper | |||
| SIG Notice | |||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Conference Talks / 2003 | |||
| Video | DEF CON 11 - Bruce Potter - Bluetooth - The Future of Wardriving | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Conference Talks / 2004 | |||
| Video | 21C3 - Marcel Holtmann, Martin Herfurt, Adam Laurie - Bluetooth Hacking | ||
| Video | Black Hat USA 2004 - Adam Laurie, Martin Herfurt - BlueSnarfing The Risk From Digital Pickpockets | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Conference Talks / 2005 | |||
| Video | 22C3 - Marcel Holtmann, Martin Herfurt, Adam Laurie - Bluetooth Hacking - The State of The Art | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Conference Talks / 2006 | |||
| Video | 23C3 - Thierry Zoller, Kevin Finistere - Bluetooth Hacking Revisited | ||
| Video | Black Hat USA 2006 - Bruce Potter - Bluetooth Defense Kit Black Hat | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Conference Talks / 2007 | |||
| Video | DeepSec 2007 - Marcel Holtmann - New Security Model of Bluetooth 2.1 | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Conference Talks / 2009 | |||
| Video | DEF CON 17 - Dominic Spill, Michael Ossmann, and Mark Steward - Bluetooth Smells like Chicken | ||
| Video | Shmoocon 2009 - Bluetooth-Ossman.m4v | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Conference Talks / 2010 | |||
| Video | Shmoocon 2010 - Michael Ossmann - Bluetooth Keyboards: Who Owns Your Keystrokes? | ||
| Video | DEF CON 18: Breaking Bluetooth by Being Bored 1/3 | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Conference Talks / 2011 | |||
| Video | ShmooCon 2011 - Project Ubertooth: Building a Better Bluetooth Adapter | ||
| Video | DeepSec 2011 - Tommi Makila & Jukka Taimisto: Intelligent Bluetooth Fuzzing - Why bother? | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Conference Talks / 2012 | |||
| Video | Ruxcon 2012 - Dominic Spill - Bluetooth Packet Sniffing Using Project Ubertooth | ||
| Video | Toorcon 2012 - Hacking Bluetooth Low Energy: I Am Jack's Heart Monitor | ||
| Video | DEF CON 20 - Passive Bluetooth Monitoring in Scapy | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Conference Talks / 2013 | |||
| Video | USENIX WOOT 2013 - Mike Ryan - Bluetooth: With Low Energy Comes Low Security | ||
| Video | ShmooCon 9 - How Smart Is Bluetooth Smart? | ||
| Video | Black Hat USA 2013 - Bluetooth Smart: The Good, the Bad, the Ugly, and the Fix! | ||
| Video | DeepSec 2013 - Veronica Valeros & Sebastian Garcia: Uncovering your Trails - Privacy Issues of Bluetooth Devices | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Conference Talks / 2014 | |||
| Video | CanSecWest 2014 - Outsmarting Bluetooth Smart | ||
| Video | DEF CON 22 - The NSA Playset Bluetooth Smart Attack Tools | ||
| Video | DEF CON 22 - Grant Bugher - Detecting Bluetooth Surveillance Systems | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Conference Talks / 2015 | |||
| Video | DEF CON 23 - Mike Ryan and Richo Healey - Hacking Electric Skateboards | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Conference Talks / 2016 | |||
| Video | DEF CON 24 - Anthony Rose, Ben Ramsey - Picking Bluetooth Low Energy Locks a Quarter Mile Away | ||
| Video | DEF CON 24 - Realtime Bluetooth Device Detection with Blue Hydra | ||
| Video | DEF CON 24 Internet of Things Village Damien Cauquil Btlejuice The Bluetooth Smart Mitm Framework | ||
| Video | Black Hat USA 2016 - Gattacking Bluetooth Smart Devices - Introducing a New BLE Proxy Tool | ||
| Video | Hack.lu 2016 - Damiel Cauquil - BtleJuice: the Bluetooth Smart Man In The Middle Framework | ||
| Video | EMF16 - Michael Ossmann - My Ubertooth Year | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Conference Talks / 2017 | |||
| Video | Black Hat Europe 2017 - Ben Seri, Gregory Vishnepolsky - BlueBorne - A New Class of Airborne Attacks | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Conference Talks / 2018 | |||
| Video | DEF CON 26 - Damien Cauquil - You had better secure your BLE devices | ||
| Video | 35C3 - Dennis Mantz and Jiska Classen - Dissecting Broadcom Bluetooth | ||
| Video | MRMCD2018 - Dennis Mantz and Jiska Classen - A Deep Dive into Bluetooth Controller Firmware | ||
| Video | Black Hat Europe 2018 - Ben Seri, Dor Zusman - BLEEDINGBIT Your APs Belong to Us | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Conference Talks / 2019 | |||
| Video | DEF CON 27 - Damien Cauquil - Defeating Bluetooth Low Energy 5 PRNG for Fun and Jamming | ||
| Video | USENIX Security '19 - Pallavi Sivakumaran - A Study of the Feasibility of Co-located App Attacks against BLE | ||
| Video | RSA 2019 - Mike Ryan - Bluetooth Reverse Engineering: Tools and Techniques | ||
| Video | Hardwear.io USA 2019 - Mike Ryan - Bluetooth Hacking: Tools And Techniques | ||
| Video | Hardwear.io Netherlands 2019 - Sultan Qasim Khan - Sniffle: A low-cost sniffer for Bluetooth 5 | ||
| Video | MRMCD2019 - Dennis Mantz and Jiska Classen - Playing with Bluetooth | ||
| Video | BruCON 0x0B - Damien Cauquil - Defeating Bluetooth Low Energy 5 PRNG for fun and jamming | ||
| Video | Hack.LU 2019 - Damien Cauquil - Defeating Bluetooth Low Energy 5 PRNG For Fun And Jamming | ||
| Video | CyberCamp19 - Pablo González - Audit and hacking to Bluetooth Low-Energy (BLE) devices | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Conference Talks / 2020 | |||
| Video | Hardwear.io Virtual Con 2020 - Daniele Antonioli - From Bluetooth Standard to Standard Compliant 0-days | ||
| Video | DEF CON 28 - Jiska Classen and Francesco Gringoli - Spectra — New Wireless Escalation Targets | ||
| Video | DEF CON 28 - Maxine Filcher - The Basics Of Breaking BLE v3 | ||
| Video | USENIX WOOT 2020 - Jianliang Wu - BLESA: Spoofing Attacks against Reconnections in Bluetooth Low Energy | ||
| Video | USENIX WOOT 2020 - Dennis Heinze, Jiska Classen, Matthias Hollick - ToothPicker: Apple Picking in the iOS Bluetooth Stack | ||
| Video | USENIX 2020 - Yue Zhang - Breaking Secure Pairing of Bluetooth Low Energy Using Downgrade Attacks | ||
| Video | Black Hat Europe 2020 - Wang Yu - Please Make a Dentist Appointment ASAP: Attacking IOBluetoothFamily HCI and Vendor-Specific Commands | ||
| Video | Ekoparty 2020 - Cecilia Pastorino and Dan Borgogno - Bluetooth Low Energy Hacking 101 | ||
| Video | rC3 2020 - Jiska Classen - Exposure Notification Security | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Conference Talks / 2021 | |||
| Video | CCC #DiVOC2020 - Jiska Classen - Finding Eastereggs in Broadcom's Bluetooth Random Number Generator | ||
| Video | CCC #DiVOC2020 - Jan Ruge - No PoC? No Fix! - A sad Story about Bluetooth Security | ||
| Video | WOOT2021 - Tristan Claverie, José Lopes Esteves - BlueMirror: Reflections on Bluetooth Pairing and Provisioning Protocols | ||
| Video | Hardwear.io NL 2021 - Tristan Claverie, José Lopes Esteves - BlueMirror: Defeating Authentication In Bluetooth Protocols | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Bluetooth Security Tools / Linux Utilities & Tools | |||
| Link | BlueZ (l2ping, gatttool, hciconfig, hcidump, hcitool, sdptool, bccmd, bluetoothctl, etc.) | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Bluetooth Security Tools / Scanners & Sniffers | |||
| Github | 168 | 5 months ago | BTLEmap |
| Github | 863 | 20 days ago | Sniffle |
| Github | 16,771 | 5 days ago | Bettercap |
| Github | 1,234 | 4 months ago | sparrow-wifi |
| Github | 120 | over 5 years ago | bluelog |
| Github | 44 | over 4 years ago | btsniffer |
| Github | 841 | about 5 years ago | Blue Hydra |
| Github | 145 | over 1 year ago | btlesniffer |
| Link | btscanner | ||
| Link | BT Audit | ||
| Gitlab | redfang | ||
| Github | 1,097 | almost 6 years ago | bleah (deprecated, replaced by Bettercap) |
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Bluetooth Security Tools / Exploit Tools | |||
| Github | 1,918 | 4 months ago | Btlejack |
| Github | 845 | about 3 years ago | crackle |
| Github | 47 | over 10 years ago | btcrack |
| Github | 124 | about 8 years ago | BLE-Replay |
| Github | 31 | over 8 years ago | BLESuite-CLI |
| Gitlab | BlueMaho | ||
| Sourceforge | BlueDiving | ||
| Link | Blooover | ||
| Link | l2ping (BlueSmack DoS) | ||
| Link | hidattacl | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Bluetooth Security Tools / OBEX Attack Tools | |||
| Download | obexstress | ||
| Gitlab | bluesnarfer | ||
| Github | 75 | about 4 years ago | nOBEX |
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Bluetooth Security Tools / Fuzzing | |||
| Github | 236 | about 3 years ago | Toothpicker |
| Github | 22 | about 9 years ago | bss (unsupported) |
| Link | Defensics (Commercial) | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Bluetooth Security Tools / Firmware Analysis | |||
| Github | 687 | 3 months ago | InternalBlue |
| Github | 436 | 10 months ago | Frankenstein |
| Github | 2,449 | 22 days ago | Nexmon |
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Bluetooth Security Tools / Man-in-the-middle & Packet Injection | |||
| Github | 744 | about 6 years ago | BtleJuice |
| Github | 706 | almost 3 years ago | Gattacker |
| Github | 734 | 13 days ago | BTLE (for SDRs) |
| Github | 515 | over 4 years ago | (Unsupported) Btproxy |
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Bluetooth Security Tools / Device Spoofing | |||
| Gitlab | Spooftooph | ||
| Github | 29 | over 11 years ago | Bluefog |
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Bluetooth Security Tools / Ping & Signal Strength Tools | |||
| Github | 17 | about 4 years ago | blue_sonar |
| Gitlab | BlueRanger | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Bluetooth Security Tools / Denial of Service | |||
| Github | 157 | about 2 years ago | Blue Deauth |
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Bluetooth Security Tools / Honeypot | |||
| Github | 242 | almost 4 years ago | bluepot |
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Bluetooth Security Tools / Android Apps | |||
| Google Play | nRF Connect for Mobile | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Bluetooth Security Tools / Hardware | |||
| Link | Nordic Semiconductor nRF-51 Development Kit | ||
| Link | Sena UD-100 (~$39) | ||
| Link | Ubertooth One (~$120) | ||
| Link | Ellisys Bluetooth Tools | ||
| Link | Frontline Bluetooth Tools | ||
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Bluetooth Security Tools / Other | |||
| Link | Wireshark: Protocol analyzer and packet capture | ||
| Link | Frontline Wireless Protocol Suite (Windows only) | ||
| Github | 107 | almost 6 years ago | Uberducky (BLE-triggered rubber ducky) |
| Link | CarWhisperer: Bluetooth sniffer for in-vehicle connections | ||
| Github | 40 | about 5 years ago | BLEBoy: BLE testing platform |
Awesome Bluetooth Security (BR, EDR, LE, and Mesh) / Useful Sites | |||
| Link | List of Bluetooth bugs | ||
| Github | 396 | over 1 year ago | Bluetooth arsenal tool list |
| Link | trifinite Bluetooth info | ||
| Link | Mike Ryan's Bluetooth info | ||
| Link | Colin Mulliner's Bluetooth info | ||
| Link | BlackArch Linux tool list | ||
| Link | Bluetooth pen test framework | ||
sbilly/awesome-security
google/ios-webkit-debug-proxy
libimobiledevice/usbmuxd