CR | Jul 1, 2020

DEMO: BTLEmap: Nmap for Bluetooth Low Energy

arXiv:2007.00349v17 citations | Has Code
Originality: Synthesis-oriented
AI Analysis

This tool addresses security vulnerabilities for BLE device users and developers, though it is incremental as it adapts existing network auditing concepts to BLE.

The paper tackles the security auditing challenge in Bluetooth Low Energy (BLE) environments by presenting BTLEmap, an open-source application that enables device enumeration, GATT service discovery, and device fingerprinting, with features like a BLE advertisement dissector and user-friendly UI.

The market for Bluetooth Low Energy devices is booming and, at the same time, has become an attractive target for adversaries. To improve BLE security at large, we present BTLEmap, an auditing application for BLE environments. BTLEmap is inspired by network discovery and security auditing tools such as Nmap for IP-based networks. It allows for device enumeration, GATT service discovery, and device fingerprinting. It goes even further by integrating a BLE advertisement dissector, data exporter, and a user-friendly UI, including a proximity view. BTLEmap currently runs on iOS and macOS using Apple's CoreBluetooth API but also accepts alternative data inputs such as a Raspberry Pi to overcome the restricted vendor API. The open-source project is under active development and will provide more advanced capabilities such as long-term device tracking (in spite of MAC address randomization) in the future.

Code Implementations: 1 repo