DEMO: BTLEmap: Nmap for Bluetooth Low Energy
share
The market for Bluetooth Low Energy devices is booming and, at the same time, has become an attractive target for adversaries. To improve BLE security at large, we present BTLEmap, an auditing application for BLE environments. BTLEmap is inspired by network discovery and security auditing tools such as Nmap for IP-based networks. It allows for device enumeration, GATT service discovery, and device fingerprinting. It goes even further by integrating a BLE advertisement dissector, data exporter, and a user-friendly UI, including a proximity view. BTLEmap currently runs on iOS and macOS using Apple's CoreBluetooth API but also accepts alternative data inputs such as a Raspberry Pi to overcome the restricted vendor API. The open-source project is under active development and will provide more advanced capabilities such as long-term device tracking (in spite of MAC address randomization) in the future.
READ FULL TEXT