2 hours ago
Requirements
- USB Bluetooth adapter (at least one)
- NRF24L01 module
- Arduino (Uno/Pro Micro/Leonardo)
- Raspberry Pi 5
- nRF52840 development board
- Watch the Requirements video for further details and exact models/configuration.
Description
Master practical Bluetooth offensive and defensive skills with this hands-on, lab-driven course designed for red-teamers, penetration testers, security researchers, and hardware security enthusiasts. You’ll move from clear foundational theory into realistic, mission-oriented exercises that mirror real engagement workflows: recon -->weaponized --> execute -->document --> remediate.
The course begins with a concise introduction and a requirements checklist so you can prepare your lab (Raspberry Pi 5, USB Bluetooth adapters, nRF52840, Arduino + NRF24L01, and test mobile devices). Next we cover core theory — the key differences between Bluetooth Classic and BLE and the security implications of each — so you understand how attacks map to protocol specifics.
Practical modules include:
• Basic & Advanced Scanning: learn adapter capabilities, perform passive and active scans, fingerprint devices and services, and use the RPI-5 default dongle for repeatable captures.
• Jamming & RF Interference: safe demonstrations of NRF24L01 jammers, step-by-step Arduino builds (with code and Fritzing diagrams), device comparisons, and controlled Portapack measurements inside shielded testbeds.
• Denial of Service (DoS): protocol-level DoS on BLE and Classic, how L2CAP/ACL floods behave, and how to measure and mitigate impact.
• Intercepting Devices: hands-on nRF52840 setup, sniffer role emulation, and practical interception workflows using bluetoothctl and Nordic tooling.
• Exploring Real Issues: responsible reproductions of HID and audio vulnerabilities — including CVE-2023-45866, BlueDucky HID techniques, and BlueSpy microphone demonstrations — with defenses and detection strategies taught alongside.
• Scenario-Based Attacks & Capstone: full attack chains for Classic and BLE, OPSEC best practices, and a final scenario where you plan and document a professional assessment.
Every module balances offensive techniques with defensive controls, detection strategies, and ethical/legal rules. Labs are non-destructive by default and designed for isolated testbeds; safety checklists and reporting templates are included. By course end you will be able to execute repeatable Bluetooth assessments, construct lab-grade demos, and deliver clear remediation guidance for stakeholders. Prepare your lab, follow the safety rules, and join to gain employer-ready Bluetooth red-team skills.
Master practical Bluetooth offensive and defensive skills with this hands-on, lab-driven course designed for red-teamers, penetration testers, security researchers, and hardware security enthusiasts. You’ll move from clear foundational theory into realistic, mission-oriented exercises that mirror real engagement workflows: recon -->weaponized --> execute -->document --> remediate.
The course begins with a concise introduction and a requirements checklist so you can prepare your lab (Raspberry Pi 5, USB Bluetooth adapters, nRF52840, Arduino + NRF24L01, and test mobile devices). Next we cover core theory — the key differences between Bluetooth Classic and BLE and the security implications of each — so you understand how attacks map to protocol specifics.
Practical modules include:
• Basic & Advanced Scanning: learn adapter capabilities, perform passive and active scans, fingerprint devices and services, and use the RPI-5 default dongle for repeatable captures.
• Jamming & RF Interference: safe demonstrations of NRF24L01 jammers, step-by-step Arduino builds (with code and Fritzing diagrams), device comparisons, and controlled Portapack measurements inside shielded testbeds.
• Denial of Service (DoS): protocol-level DoS on BLE and Classic, how L2CAP/ACL floods behave, and how to measure and mitigate impact.
• Intercepting Devices: hands-on nRF52840 setup, sniffer role emulation, and practical interception workflows using bluetoothctl and Nordic tooling.
• Exploring Real Issues: responsible reproductions of HID and audio vulnerabilities — including CVE-2023-45866, BlueDucky HID techniques, and BlueSpy microphone demonstrations — with defenses and detection strategies taught alongside.
• Scenario-Based Attacks & Capstone: full attack chains for Classic and BLE, OPSEC best practices, and a final scenario where you plan and document a professional assessment.
Every module balances offensive techniques with defensive controls, detection strategies, and ethical/legal rules. Labs are non-destructive by default and designed for isolated testbeds; safety checklists and reporting templates are included. By course end you will be able to execute repeatable Bluetooth assessments, construct lab-grade demos, and deliver clear remediation guidance for stakeholders. Prepare your lab, follow the safety rules, and join to gain employer-ready Bluetooth red-team skills.
Who this course is for:
- Red teamers and penetration testers exploring Bluetooth attack surfaces
- Security researchers and ethical hackers focused on wireless security
- Hardware and IoT security enthusiasts
- Cybersecurity students building hands-on RF skills
- Professionals preparing for real-world Bluetooth assessments and demos
