This TiddlyWiki contains the following tiddlers:
- "Niño" Man-In-The-Middle Attack on Bluetooth Secure Simple Pairing
- 0-click RCE on the IVI component: Pwn2Own Automotive edition
- A Billion Open Interfaces for Eve and Mallory: MitM, DoS, and Tracking Attacks on iOS and macOS Through Apple Wireless Direct Link
- A Bluetooth GoodFET for the N900
- A Low Energy Profile: Analysing Characteristic Security on BLE Peripherals
- A Practical Approach to Attacking IoT Embedded Designs (II)
- A PSD-based fingerprinting approach to detect IoT device spoofing
- A Remote Attack on the Bosch Drivelog Connector Dongle
- A Story About Three Bluetooth Vulnerabilities in Android
- A Study of the Feasibility of Co-located App Attacks against BLE and a Large-Scale Analysis of the Current Application-Layer Security Landscape
- A Tale of Reversing the Android-based Snow2 HUD
- Access Your Tesla without Your Awareness: Compromising Keyless Entry System of Model 3
- All your Bluetooth is belong to us
- An experimental study: RF Fingerprinting of Bluetooth devices
- An overview of bluetooth device discovery and fingerprinting techniques – assessing the local context
- Analog Physical-Layer Relay Attacks with Application to Bluetooth and Phase-Based Ranging
- Analysis: AndroidAppRE
- Android Bluetooth Vulnerabilities in the March 2018 Security Bulletin
- Attacks on the Pairing Protocol of Bluetooth v2.1
- AttackSurface: ADV_EXT_IND
- AttackSurface: ADV_IND
- AttackSurface: Apple Fast Connect
- AttackSurface: Application
- AttackSurface: ATT
- AttackSurface: Basic Imaging Profile (BIP)
- AttackSurface: Battery Drain
- AttackSurface: BIAS
- AttackSurface: BLE Audio
- AttackSurface: BLE LL
- AttackSurface: BNEP
- AttackSurface: Brute Force
- AttackSurface: BT Mesh
- AttackSurface: Co-located Apps on Paired Device
- AttackSurface: Command Injection
- AttackSurface: CONNECT_IND
- AttackSurface: Cryptography
- AttackSurface: Custom Cryptography
- AttackSurface: Design
- AttackSurface: Downgrade Attacks
- AttackSurface: Extended Inquiry Response
- AttackSurface: Fault Injection
- AttackSurface: Firmware Update Parsing
- AttackSurface: GATT
- AttackSurface: Hardcoded Cryptographic Key
- AttackSurface: HCI
- AttackSurface: HID over BT
- AttackSurface: Image Parsing
- AttackSurface: Impersonation
- AttackSurface: Information Disclosure
- AttackSurface: Insecure Firmware Update
- AttackSurface: JTAG
- AttackSurface: Key Agreement Protocols
- AttackSurface: Keystroke/Mouse Injection over BT
- AttackSurface: KNOB
- AttackSurface: L2CAP
- AttackSurface: Logic Bugs
- AttackSurface: MitM
- AttackSurface: No Authentication
- AttackSurface: OBEX
- AttackSurface: Pairing
- AttackSurface: PAN Profile
- AttackSurface: Phone Book Access Profile (PBAP)
- AttackSurface: PHY
- AttackSurface: Plaintext Communications
- AttackSurface: PRNG
- AttackSurface: Relay Attack
- AttackSurface: Replay Attack
- AttackSurface: RF Physical Signal Analysis
- AttackSurface: RFCOMM
- AttackSurface: SCAN_RES
- AttackSurface: SDP
- AttackSurface: Serial
- AttackSurface: Shared Memory
- AttackSurface: SMP
- AttackSurface: Social Engineering
- AttackSurface: Spoofing
- AttackSurface: State Confusion
- AttackSurface: Timing
- AttackSurface: Tracking
- AttackSurface: USB Physical Access
- Automatic Fingerprinting of Vulnerable BLE IoT Devices with Static UUIDs from Mobile Apps
- Backdooring the Front Door
- BadBluetooth: Breaking Android Security Mechanisms via Malicious Bluetooth Peripherals
- BIAS: Bluetooth Impersonation AttackS
- Blacktooth: Breaking through the Defense of Bluetooth in Silence
- BladeRF 2023.02 Release – 122.88MHz instantaneous bandwidth
- BLE injection-free attack: a novel attack on bluetooth low energy devices
- BLE Proximity Authentication Vulnerable to Relay Attacks
- BLE-Replay
- BLEEDINGBIT: The Hidden Attack Surface Within BLE Chips
- BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution
- BLEMystique
- BLESA: Spoofing Attacks against Reconnections in Bluetooth Low Energy
- BLESuite
- Blind My - An Improved Cryptographic Protocol to Prevent Stalking in Apple’s Find My Network
- Blooover
- Blooover II
- Blucat: Netcat For Bluetooth
- Blue Picking: Hacking Bluetooth Smart Locks
- Blue’s Clues: Practical Discovery of Non-Discoverable Bluetooth Devices
- Blue2thprinting (blue-[tooth)-printing]: answering the question of 'WTF am I even looking at?!'
- BlueBorne
- BlueBump
- BlueChop
- BlueDump
- Bluefog
- BlueID: A Practical System for Bluetooth Device Identification
- bluejackq.com (bluejacking)
- BlueMaster: Bypassing and Fixing Bluetooth-based Proximity Authentication
- BlueMirror: Reflections on Bluetooth Pairing and Provisioning Protocols
- Blueprinting - Remote Device Identification based on Bluetooth Fingerprinting Techniques
- BlueShield: Detecting Spoofing Attacks in Bluetooth Low Energy Networks
- BlueSmack
- BlueSnarf++
- Bluesnarfing - The Risk From Digital Pickpockets
- Bluesnarfing @ CeBIT 2004
- Bluesniff - The Next Wardriving Frontier
- BlueSniff: Eve meets Alice and Bluetooth
- BlueSpy – Spying on Bluetooth conversations
- BlueSteal: Popping GATT Safes
- bluestumbler.org ("SNARF" and "BACKDOOR" attacks)
- BlueSWAT: A Lightweight State-Aware Security Framework for Bluetooth Low Energy
- Bluetooone
- Bluetooth Attacks: From theory to practice (BlueTrust)
- Bluetooth Blues: Unmasking CVE 2023-52709 The TI BLE5-Stack Attack
- Bluetooth Defense Kit
- Bluetooth Device Identification Using RF Fingerprinting and Jensen-Shannon Divergence
- Bluetooth devices fingerprinting using low cost SDR
- Bluetooth Hacking
- Bluetooth Hacking - The State of The Art
- Bluetooth Hacking: Tools And Techniques
- Bluetooth HCI HID Controller abuse RCE exploit
- Bluetooth Keyboards: who owns your keystrokes?
- Bluetooth Low Energy Device Identification Based on Link Layer Broadcast Packet Fingerprinting
- Bluetooth Low Energy GATT Fuzzing
- Bluetooth Packet Sniffing Using Project Ubertooth
- Bluetooth Security Timeline
- Bluetooth Vulnerabilities Fact and Fiction
- Bluetooth, Smells Like Chicken
- Bluetooth: Red Fang, Blue Fang.
- Bluetooth: With Low Energy Comes Low Security
- bluez: malicious USB devices can steal Bluetooth link keys over HCI using fake BD_ADDR, plus bluetoothd double-free
- BLUFFS: Bluetooth Forward and Future Secrecy Attacks and Defenses
- BLURtooth: Exploiting Cross-Transport Key Derivation in Bluetooth Classic and Bluetooth Low Energy
- BLUUID: Firewallas, Diabetics, And… Bluetooth
- BrakTooth: Causing Havoc on Bluetooth Link Manager via Directed Fuzzing
- Breaking Access Controls with BLEKey
- Breaking Bluetooth by Being Bored
- Breaking Fitness Records without Moving: Reverse Engineering and Spoofing Fitbit
- Breaking Secure Boot on the Silicon Labs Gecko platform
- Breaking Secure Pairing of Bluetooth Low Energy Using Downgrade Attacks
- Breaking the Bluetooth Pairing – Fixed Coordinate Invalid Curve Attack
- Breaking the Internet of Vibrating Things
- BreakMi: Reversing, Exploiting and Fixing Xiaomi Fitness Tracking Ecosystem
- BrokenMesh: New Attack Surfaces of Bluetooth Mesh
- BSAM - Bluetooth Security Assessment Methodology
- BT Audit
- BtleJuice: the Bluetooth Smart Man In The Middle Framework
- Building a Better Bluetooth Attack Framework
- Building a Modern Bluetooth Sniffer for SDRs
- Busting The Bluetooth® Myth – Getting RAW Access
- Cabir worm spreads via Bluetooth
- Car Whisperer
- Change Your BLE Passkey Like You Change Your Underwear
- ChargePoint Home security research
- Clashing EV Chargers in The Pentesting Arena
- Commercial Vehicle Electronic Logging Device Security: Unmasking the Risk of Truck-to-Truck Cyber Worms
- Conference: ACM ASIACCS
- Conference: ACM CCS
- Conference: ACM CODASPY
- Conference: ACM IMWUT
- Conference: Australian Digital Forensics Conference
- Conference: Automotive Security Research Group
- Conference: BlackHat ASIA
- Conference: BlackHat EU
- Conference: BlackHat USA
- Conference: BruCON
- Conference: BSides Boston
- Conference: BSides Munich
- Conference: CanSecWest
- Conference: Chaos Communication Congress
- Conference: Code Blue
- Conference: COSADE
- Conference: CRYPTO
- Conference: DeepSec
- Conference: DEF CON
- Conference: Digital Verteiltes Online-Chaos (DiVOC)
- Conference: Ekoparty
- Conference: Fog and Mobile Edge Computing (FMEC)
- Conference: Formal Methods in System Design
- Conference: Hack.lu
- Conference: Hacktivity
- Conference: Hardwear.io NL
- Conference: Hardwear.io USA
- Conference: Hexacon
- Conference: HITB AMS
- Conference: HITB HKT
- Conference: IARIA ICIMP
- Conference: IEEE DSN
- Conference: IEEE ICI
- Conference: IEEE InfoCom
- Conference: IEEE ISSRE
- Conference: IEEE MedComNet
- Conference: IEEE Pervasive Computing
- Conference: IEEE PRDC
- Conference: IEEE SSP
- Conference: IEEE TrustCom
- Conference: IoT S&P
- Conference: Journal of Ambient Intelligence and Humanized Computing
- Conference: Journal of Sensor and Actuator Networks
- Conference: Lecture Notes in Computer Science
- Conference: MobiQuitous
- Conference: MobiSys
- Conference: Modern Machine Learning Technologies
- Conference: N/A
- Conference: NASA Formal Methods
- Conference: NDSS
- Conference: NordSec
- Conference: Nuit Du Hack
- Conference: Objective by the Sea
- Conference: Personal and Ubiquitous Computing
- Conference: PoC || GTFO
- Conference: PoPETS
- Conference: RAID
- Conference: REcon
- Conference: RootedCon Madrid
- Conference: RSA
- Conference: RuxCon
- Conference: Sensors
- Conference: ShmooCon
- Conference: SSTIC
- Conference: Summercon
- Conference: Symposium on Vehicles Security and Privacy (VehicleSec)
- Conference: TCHES
- Conference: THOTCON
- Conference: ToorCon
- Conference: Troopers
- Conference: USENIX ATC
- Conference: USENIX NSDI
- Conference: USENIX Security
- Conference: VirusBulletin
- Conference: WiCon
- Conference: WiSec
- Conference: WOOT
- Cracking the Bluetooth PIN
- Crafted WiFI network name (SSID) leads to arbitrary command injection
- CVE-2019-8853
- CVE-2020-12351
- CVE-2020-12352
- CVE-2020-24490
- CVE-2020-3847
- CVE-2020-3848
- CVE-2020-3849
- CVE-2020-3850
- CyRC Vulnerability Advisory: Denial-of-service vulnerabilities in Zephyr Bluetooth LE stack
- Deep into Android Bluetooth Bug Hunting: New Attack Surfaces and Weak Code Patterns
- Defeating Bluetooth Low Energy 5 PRNG for Fun and Jamming
- Detecting Bluetooth Surveillance Systems
- Detecting smartphone state changes through a Bluetooth based timing attack
- Detecting Unwanted Location Trackers
- Discontinued Privacy: Personal Data Leaks in Apple Bluetooth-Low-Energy Continuity Protocols
- Disrupting Continuity of Apple’s Wireless Ecosystem Security: New Tracking, DoS, and MitM Attacks on iOS and macOS Through Bluetooth Low Energy, AWDL, and Wi-Fi
- Dissecting the Teddy Ruxpin Reverse Engineering the Smart Bear
- Do a firmware update for your AirPods – now
- Don’t Give Me a Brake – Xiaomi Scooter Hack Enables Dangerous Accelerations and Stops for Unsuspecting Riders
- Doping your Fitbit
- Draft of 'BLE-Replay'
- Draft of 'Hell2CAP 0day'
- E-Spoofer: Attacking and Defending Xiaomi Electric Scooter Ecosystem
- Enhancements to Bluetooth Baseband Security
- Env: Android
- Env: Apple
- Env: Apple userspace
- Env: Apple wireless accessory firmware
- Env: BlueZ
- Env: Broadcom Firmware
- Env: Cambridge Silicon Radio (CSR) Firmware
- Env: Cypress Firmware
- Env: Espressif firmware
- Env: Fitbit Firmware
- Env: FreeRTOS
- Env: Fuchsia
- Env: Industry-wide
- Env: iOS userspace
- Env: Linux Kernel
- Env: Linux kernelspace
- Env: Linux userspace
- Env: macOS kernelspace
- Env: macOS userspace
- Env: Microsoft
- Env: Nordic Firmware
- Env: NXP Firmware
- Env: Silicon Labs Firmware
- Env: Tesla Cars (Linux + Custom FW)
- Env: Texas Instruments Firmware
- Env: Windows kernelspace
- Env: Windows userspace
- Env: Wyze Cam V4 firmware
- Env: Xiaomi Firmware
- Env: Zephyr RTOS
- ESPwn32: Hacking with ESP32 System-on-Chips
- Evaluating Physical-Layer BLE Location Tracking Attacks on Mobile Devices
- Even Black Cats Cannot Stay Hidden in the Dark: Full-band De-anonymization of Bluetooth Classic Devices
- Every Byte Matters: Traffic Analysis of Bluetooth Wearable Devices
- Evil Never Sleeps: When Wireless Malware Stays On after Turning Off iPhones
- Examining the August Smart Lock
- Exploit Millions of Pebble Smartwatches for Fun and Profit
- Exploiting Bluetooth - from your car to the bank account$$
- Exploiting IoT enabled BLE smart bulb security
- Extracting the painful (blue)tooth
- Extrapolating Formal Analysis to Uncover Attacks in Bluetooth Passkey Entry Pairing
- Fake It till You Make It: Enhancing Security of Bluetooth Secure Connections via Deferrable Authentication
- Finding Eastereggs in Broadcom's Bluetooth Random Number Generator
- Finding New Bluetooth Low Energy Exploits via Reverse Engineering Multiple Vendors' Firmwares
- Finding Traceability Attacks in the Bluetooth Low Energy Specification and Its Implementations
- Fingerprinting and analysis of Bluetooth devices with automata learning
- Fingerprinting Bluetooth-Low-Energy Devices Based on the Generic Attribute Profile
- FirmXRay: Detecting Bluetooth Link Layer Vulnerabilities From Bare-Metal Firmware
- First PocketPC / WindowsCE virus found - Duts/Dust
- Fixing the Volume on my Bluetooth Earbuds
- For the Love of Money: Finding and exploiting vulnerabilities in mobile point of sales systems
- Formal Analysis and Patching of BLE-SC Pairing
- Frankenstein
- From Conception to Retirement: a Lifetime Story of a 3-Year-Old Wireless Beacon System in the Wild
- From Pwn2Own Automotive: Taking Over the Autel Maxicharger
- GATTacking Bluetooth Smart Devices
- Hacking and Exploit Development for Bluetooth Low Energy (BLE)
- Hacking Bluetooth enabled mobile phones and beyond
- Hacking Bluetooth Low Energy Based Applications
- Hacking Bluetooth Low Energy: I Am Jack's Heart Monitor
- Hacking Bluetooth Smart locks workshop
- Hacking Electric Skateboards: Vehicle Research For Mortals
- Hacking the Bluetooth communication of a doorbell
- Hacking the Nokē Padlock
- Handoff All Your Privacy – A Review of Apple’s Bluetooth Low Energy Continuity Protocol
- Handoff All Your Privacy (Again)
- Happy MitM – Fun and Toys in Every Bluetooth Device
- Hardware implementation of Bluetooth security
- Hell2CAP 0day
- Hi, My Name is Keyboard
- HID Attack (attacking HID host implementations)
- How Privacy Leaks from Bluetooth Mouse?
- How Smart Is Bluetooth Smart?
- How to pick a BLE smart lock and cause "cancer" using just a mobile phone
- How to Wear Your Password
- Identifying the BLE Misconfigurations of IoT Devices through Companion Mobile Apps
- InjectaBLE: Injecting malicious traffic into established Bluetooth Low Energy connections
- Inside Job: Diagnosing Bluetooth Lower Layers Using Off-the-Shelf Devices
- Inside Job: Understanding and Mitigating the Threat of External Device Mis-Bonding on Android
- Intel BIOS Advisory – Memory Corruption in HID Drivers
- Intelligent Bluetooth fuzzing - Why bother?
- InternalBlue a Bluetooth Experimentation Framework Based on Mobile Device Reverse Engineering
- Introducing the Adafruit Bluefruit LE Sniffer
- Introduction to Bluetooth RFCOMM Reverse Engineering
- It Was Harder to Sniff Bluetooth Through My Mask During the Pandemic...
- Key Negotiation Downgrade Attacks on Bluetooth and Bluetooth Low Energy
- Keys? Where we’re going, we don’t need keys
- L2CAP: Possible Stack based buffer overflow in le_ecred_reconf_req()
- L2Fuzz: Discovering Bluetooth L2CAP Vulnerabilities Using Stateful Fuzz Testing
- Learning Bluetooth Hackery with BLE CTF
- LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks
- Linux Kernel: Infoleak in Bluetooth L2CAP Handling
- Linux Kernel: UAF in Bluetooth L2CAP Handshake
- Location Tracking of WIFI Access Point and Bluetooth Devices
- Lock Picking in the Era of Internet of Things
- Lockpicking in the IoT
- Lost and Found: Stopping Bluetooth Finders from Leaking Private Information
- Low Energy to High Energy: Hacking Nearby EV-Chargers Over Bluetooth
- MagicPairing: Apple’s Take on Securing Bluetooth Peripherals
- Making Smart Locks Smarter (AKA. HACKING THE AUGUST SMART LOCK)
- Man-in-the-middle attacks on Secure Simple Pairing in Bluetooth standard V5.0 and its countermeasure
- MASHaBLE: Mobile Applications of Secret Handshakes Over Bluetooth LE
- Mass-pwning with a small IoT spy bug
- Men-in-the-Middle Attack Simulation on Low Energy Wireless Devices using Software Define Radio
- Method Confusion Attack on Bluetooth Pairing
- Mirage: towards a Metasploit-like framework for IoT
- Mirage: un framework offensif pour l'audit du Bluetooth Low Energy
- Modifying a Bluetooth dongle for an external antenna
- Month: 01
- Month: 02
- Month: 03
- Month: 04
- Month: 05
- Month: 06
- Month: 07
- Month: 08
- Month: 09
- Month: 10
- Month: 11
- Month: 12
- Month: April
- Month: August
- Month: December
- Month: February
- Month: January
- Month: July
- Month: June
- Month: March
- Month: May
- Month: November
- Month: October
- Month: September
- Moving from Hacking IoT Gadgets to Breaking into One of Europe's Highest Hotel Suites
- My smart lock vendor disappeared and shut the servers. Long live my smart lock!
- Nearby Threats: Reversing, Analyzing, and Attacking Google’s ‘Nearby Connections’ on Android
- New Security Model of Bluetooth 2.1
- NIST Special Publication 800-121 Rev. 2: Guide to Bluetooth Security
- No need to ask the Android: Bluetooth-Low-Energy scanning without the location permission
- No PoC? No Fix! - A sad Story about Bluetooth Security
- nRF52 Debug Resurrection (APPROTECT Bypass)
- OASIS: An Intrusion Detection System Embedded in Bluetooth Low Energy Controllers
- On the Insecurity of Vehicles Against Protocol-Level Bluetooth Threats
- On the susceptibility of Texas Instruments SimpleLink platform microcontrollers to non-invasive physical attacks
- One for all and all for WHAD: wireless shenanigans made easy!
- One GPU to Snoop Them All: a Full-Band Bluetooth Low Energy Sniffer
- OOB-Write in Android ATT
- Open Wounds: The last 5 years have left Bluetooth to bleed
- OpenHaystack: a framework for tracking personal Bluetooth devices via Apple's massive Find My network
- Org: @stake
- Org: 29A
- Org: 360 Alpha Lab
- Org: A*Star
- Org: Adafruit
- Org: Airbus
- Org: AL Digital Ltd.
- Org: Aladdin
- Org: Alibaba Group
- Org: ANSSI
- Org: Apple
- Org: AppSec Labs
- Org: Argus
- Org: Armis
- Org: Attify
- Org: Australian National University, Canberra
- Org: AV-TEST
- Org: Baidu
- Org: Bar-Ilan University
- Org: Bell Labs
- Org: BITS Pilani, Goa Campus
- Org: BlueZ
- Org: Booz Allen Hamilton
- Org: Borys Grinchenko Kyiv University
- Org: Boston University
- Org: CERT UBIK
- Org: Chinese Academy of Sciences
- Org: Chinese University of Hong Kong
- Org: CISPA
- Org: City University of Hong Kong
- Org: CMAND
- Org: CNIL
- Org: CNIT
- Org: Codenomicon Ltd.
- Org: Colorado State University
- Org: Computest Sector 7
- Org: Context Information Security
- Org: Cymotive
- Org: Dark Mentor LLC
- Org: Dataparty
- Org: DBAPP Security
- Org: Didi Research America
- Org: eBay
- Org: Econocom Digital Security
- Org: Edith Cowan University
- Org: EPFL
- Org: Ericsson
- Org: ERNW
- Org: ETAS
- Org: EURECOM
- Org: Faraday Future
- Org: FDA
- Org: FH Aargau
- Org: Fordham University
- Org: Fortiss
- Org: Fudan University
- Org: George Washington University
- Org: Google
- Org: GrapheneOS
- Org: Graz University of Technology
- Org: Great Scott Gadgets
- Org: GreyNoise Intelligence
- Org: Hashemite University
- Org: Hewlett Packard Labs
- Org: HiddenLayer
- Org: ICE9 Consulting
- Org: Imperial College London
- Org: Indiana University, Bloomington
- Org: Institute of Electronics and Computer Science
- Org: Instituto Politécnico Nacional
- Org: Intel
- Org: Intrepidus Group
- Org: IOActive
- Org: iSEC Partners
- Org: Israel Institute of Technology
- Org: Jinan University
- Org: Kaspersky
- Org: Korea University
- Org: KU Leuven
- Org: Labsis UTNFRC
- Org: Latu Seguros
- Org: LAYAKK
- Org: Leveldown Security
- Org: Matasano Security
- Org: MatesLab Hackerspace
- Org: Max Planck Institute for Security and Privacy
- Org: Merculite Security
- Org: Michigan State University
- Org: Microsoft
- Org: MITRE
- Org: Montana State University
- Org: Morphus Labs
- Org: N.runs
- Org: Naval Postgraduate School
- Org: NCC Group
- Org: New York Institute of Technology
- Org: NIST
- Org: Nokia
- Org: None
- Org: Northeastern University
- Org: NSIDE
- Org: Ohio State University
- Org: OPPO Amber Security Lab
- Org: Opposing Force
- Org: Optiv
- Org: Oregon State University
- Org: PCAutomotive
- Org: Peking University
- Org: Pen Test Partners
- Org: Pentest Limited
- Org: Pentester Academy
- Org: PHYSEC GmbH
- Org: Politecnico di Torino
- Org: Positive Technologies
- Org: Purdue University
- Org: Pwnie Express
- Org: Qualcomm
- Org: Quarkslab
- Org: remote-exploit.org
- Org: Royal Holloway University of London
- Org: Rutgers University
- Org: Salzburg Research Forschungsgesellschaft m.b.H
- Org: Samsung
- Org: securenetwork.it
- Org: SecuRing
- Org: Security Compass
- Org: Shandong University
- Org: Shanghai Fudan Microelectronics Group Co., Ltd.
- Org: Shanghai Jiao Tong University
- Org: Simon Fraser University
- Org: Singapore University of Technology and Design
- Org: smartlockpicking.com
- Org: Southeast University
- Org: Southeast University, Nanjing
- Org: Stanford University
- Org: State Grid Jiangsu Electric Power Company Ltd., Nanjing
- Org: Stripe
- Org: Swiss Cyber-Defence Campus
- Org: Synactive
- Org: Synopsys
- Org: Sysdream
- Org: Tarlogic
- Org: Technical University of Munich
- Org: Technische Hochschule Köln
- Org: Technische Universität Darmstadt
- Org: Tel Aviv University
- Org: Tencent Keen Security Lab
- Org: The Bunker Secure Hosting Ltd.
- Org: The Shmoo Group
- Org: Tianjin University
- Org: toothR new media GmbH
- Org: Towson University
- Org: trifinite.org
- Org: Tsinghua University
- Org: TwoSix Labs
- Org: U.S. Department of Commerce
- Org: U.S. Naval Academy
- Org: UMass Lowell
- Org: Universidad Politécnica de Madrid
- Org: Universidad Tecnológica de San Juan del Río
- Org: Universidade Federal da Paraíba
- Org: University at Buffalo
- Org: University College London
- Org: University of Brescia
- Org: University of California, Irvine
- Org: University of California, San Diego
- Org: University of Central Florida
- Org: University of Edinburgh
- Org: University of Florida
- Org: University of Granada
- Org: University of Illinois, Urbana-Champaign
- Org: University of Kansas
- Org: University of Kent
- Org: University of Kuopio
- Org: University of Lille
- Org: University of Lyon
- Org: University of Massachusetts, Boston
- Org: University of Michigan
- Org: University of Minnesota
- Org: University of Oxford
- Org: University of Padua
- Org: University of Patras
- Org: University of Science and Technology of China
- Org: University of Toulouse
- Org: University of Twente
- Org: University of Wollongong
- Org: VicOne
- Org: Virginia Tech
- Org: Wuhan University
- Org: Xiaomi
- Org: Ziften Technologies
- Org: Zimperium
- Outsmarting Bluetooth Smart
- Over the Air-Tag: shenanigans with the most over-engineered keyfinder
- Over the Air: Compromise of Modern Volkswagen Group Vehicles
- Passive Bluetooth Monitoring in Scapy
- PeriScope: Comprehensive Vulnerability Analysis Of Mobile App-defined Bluetooth Peripherals
- Picking Bluetooth Low Energy Locks from a Quarter Mile Away
- Playing Around With The Fuchsia Operating System
- Please Make a Dentist Appointment ASAP: Attacking IOBluetoothFamily HCI and Vendor-specific Commands
- Please Pay Inside: Evaluating Bluetooth-based Detection of Gas Pump Skimmers
- Please Unstalk Me: Understanding Stalking with Bluetooth Trackers and Democratizing Anti-Stalking Protection
- Plug-N-Pwned: Comprehensive Vulnerability Analysis of OBD-II Dongles as A New Over-the-Air Attack Surface in Automotive IoT
- Privacy Analysis of Samsung’s Crowd-Sourced Bluetooth Location Tracking System
- Profile: BT Mesh
- Project TEMPA - Demystifying Tesla's Bluetooth Passive Entry system
- Project Ubertooth: Building a Better Bluetooth Adapter
- Protecting Privacy of BLE Device Users
- Protocol: BLE
- Protocol: BT Classic
- Protocol: BT Mesh
- Protocol: CAN
- RattaGATTa: Scalable Bluetooth Low-Energy Survey
- Realtime Bluetooth Device Detection with Blue Hydra
- Recurring Verification of Interaction Authenticity Within Bluetooth Networks
- Redfang - The Bluetooth Hunter
- Remotely Hacking a car through an OBD-II Bluetooth Dongle
- Reverse engineering and hacking Ecovacs robots
- Reverse Engineering Apple’s BLE Continuity Protocol for Tracking, OS Fingerprinting, and Behavioral Profiling
- Reverse Engineering BLE from Android apps with Frida
- Reverse Engineering Husqvarna Automower BLE Commands
- Reversing Treadmill blog series
- Saving Private Addresses: An Analysis of Privacy Issues in the Bluetooth-Low-Energy Advertising Mechanism
- Screwdriving. Locating and exploiting smart adult toys
- Security Evaluation of Nine Fitness Trackers
- Security Vulnerabilities in Bluetooth Technology as Used in IoT
- Security Weaknesses in Bluetooth
- Sniffing BTLE with the Micro:Bit
- Sniffle: A Sniffer for Bluetooth 5
- Snoop on to them as they snoop on to us
- Spectra: Breaking Separation Between Wireless Chips
- Stateful Black-Box Fuzzing of Bluetooth Devices Using Automata Learning
- Stealthily Access Your Android Phones: Bypass the Bluetooth Authentication
- SweynTooth: Unleashing Mayhem over Bluetooth Low Energy
- Take Down MacOS Bluetooth with Zero-click RCE
- Taming the Blue Beast: A Survey of Bluetooth Based Threats
- Tandem Diabetes Care, Inc. Recalls Version 2.7 of the Apple iOS t:connect Mobile App Used in Conjunction with t:slim X2 Insulin Pump with Control-IQ Technology Prompted by a Software Problem Leading to Pump Battery Depletion
- Tech: Antennas
- Tech: CodeQL
- Tech: Emulation
- Tech: Fingerprinting
- Tech: Fuzzing
- Tech: Jamming
- Tech: ODB-II
- Tech: SDR
- Tech: Sniffing
- Tech: VariantAnalysis
- Tencent Keen Security Lab: Experimental Security Assessment on Lexus Cars
- Tesla BluetoothLE API (Unofficial)
- Tesla Radar
- Testing for weak key management in Bluetooth Low Energy implementations
- The Basics Of Breaking BLE v3
- The BlueBag: A Mobile, Covert Bluetooth Attack and Infection Device
- The Bluetooth CYBORG: Analysis of the Full Human-Machine Passkey Entry AKE Protocol
- The Bluetooth Device Database
- The Conditional Correlation Attack: A Practical Attack on Bluetooth Encryption
- The KNOB is Broken: Exploiting Low Entropy in the Encryption Key Negotiation Of Bluetooth BR/EDR
- The NSA Playset: Bluetooth Smart Attack Tools
- The tragedy of Bluetooth Low Energy
- ToolUsed: Adafruit Nordic Sniffer
- ToolUsed: adb
- ToolUsed: AFL++
- ToolUsed: Android HCI log
- ToolUsed: ATT Profiler
- toolused: augustpy
- ToolUsed: BGXCommander
- ToolUsed: BIAS PoC
- ToolUsed: BleakClient
- ToolUsed: Bleno
- ToolUsed: Blue2thprinting
- ToolUsed: bluepy
- ToolUsed: BlueSpy
- ToolUsed: BlueToolkit
- ToolUsed: Bluetoothctl
- ToolUsed: BlueTrust
- ToolUsed: Braktooth
- ToolUsed: Btlejack
- ToolUsed: btmgmt
- Toolused: btmon
- ToolUsed: Burp Suite
- ToolUsed: certmitm
- ToolUsed: CrackLE
- ToolUsed: Defensics fuzzer
- ToolUsed: ESP-WROVER-KIT
- ToolUsed: Ettus Research USRP B210
- ToolUsed: Frida
- ToolUsed: GATTacker
- ToolUsed: gatttool
- ToolUsed: Ghidra
- ToolUsed: hcidump
- ToolUsed: hcitool
- ToolUsed: IDA Pro
- ToolUsed: InternalBlue
- ToolUsed: J-Link
- ToolUsed: jadx
- ToolUsed: Kismet
- ToolUsed: KNOB PoC
- ToolUsed: Mirage
- ToolUsed: mitmproxy (HTTPS mitm)
- ToolUsed: Nexus 5 phone
- ToolUsed: Noble
- ToolUsed: Nordic nRF52840 Dongle
- ToolUsed: nRF52840-Dongle
- ToolUsed: openOCD
- ToolUsed: OpenOCD
- ToolUsed: pactl
- ToolUsed: paplay
- ToolUsed: parecord
- ToolUsed: PyBlueZ
- ToolUsed: PyBT
- ToolUsed: Pyshark
- ToolUsed: RattaGATTa
- ToolUsed: Scapy
- ToolUsed: sdptool
- ToolUsed: SniffLE
- ToolUsed: Sweyntooth
- ToolUsed: Ubertooth
- ToolUsed: Unicorn
- ToolUsed: WHAD
- ToolUsed: Wireshark
- ToolUsed: Xianjun Jiao BTLE SDR sniffer
- ToolUsed: XIAO ESP32-S3
- ToolUsed: Zephyr RTOS
- ToothPicker: Apple Picking in the iOS Bluetooth Stack
- Track You: A Deep Dive into Safety Alerts for Apple AirTags
- Tracking Anonymized Bluetooth Devices
- Tracking Prey in the Cyberforest
- Tricking Android Smart Lock with Bluetooth
- Turning my phone into a skimming device: MPos Solutions
- Two bluetooth vulnerabilities in Windows
- Type: Attack
- Type: Defense
- Type: Malware In The Wild
- Type: Overview
- Type: Privacy
- Type: Reverse Engineering
- Type: Tool
- Uncovering Vulnerabilities of Bluetooth Low Energy IoT from Companion Mobile Apps with Ble-Guuide
- Uncovering your Trails - Privacy Issues of Bluetooth Devices
- Unlocking the Drive: Exploiting Tesla Model 3
- Use-after-free in Android BLE audio
- War Nibbling: Bluetooth Insecurity
- WatchWitch
- Weaponizing the BBC Micro Bit
- When Good Becomes Evil: Tracking Bluetooth Low Energy Devices via Allowlist-based Side Channel and Its Countermeasure
- Who Can Find My Devices? Security and Privacy of Apple’s Crowd-Sourced Bluetooth Location Tracking System
- WIDCOMM Bluetooth Connectivity Software Buffer Overflows
- Wireless Keystroke Injection (WKI) via Bluetooth Low Energy (BLE)
- WiSec DEMO: Attaching InternalBlue to the Proprietary macOS IOBluetooth Framework
- WiSec DEMO: BTLEmap: Nmap for Bluetooth Low Energy
- WiSec DEMO: Extracting Physical-Layer BLE Advertisement Information from Broadcom and Cypress Chips
- WiSec DEMO: Himiko: A Human Interface for Monitoring and Inferring Knowledge on Bluetooth-Low-Energy Objects
- WiSec DEMO: Venom: a Visual and Experimental Bluetooth Low Energy Tracking System
- Year: 2001
- Year: 2003
- Year: 2004
- Year: 2005
- Year: 2006
- Year: 2007
- Year: 2008
- Year: 2009
- Year: 2010
- Year: 2011
- Year: 2012
- Year: 2013
- Year: 2014
- Year: 2015
- Year: 2016
- Year: 2017
- Year: 2018
- Year: 2019
- Year: 2020
- Year: 2021
- Year: 2022
- Year: 2023
- Year: 2024
- You'd better secure your BLE devices or we'll kick your butts!