Home
`Mr-IoT` edited this page May 1, 2026 · 2 revisions
BlueSploit is a Metasploit/RouterSploit-style framework for Bluetooth & BLE security research. 101 modules covering 40+ public CVEs across Classic BT, BLE, BR/EDR, and vendor stacks.
Legal: For authorized security research, CTF, and pentesting only. See Legal Disclaimer.
| Section | Description |
|---|---|
| Installation | Install on Linux (any distro) and macOS |
| Quick Start | First scan + first exploit in 60 seconds |
| Console Commands | REPL reference (use, set, run, …) |
| Module Categories | What lives in exploits/, scanners/, etc. |
| Hardware Setup | Ubertooth, HackRF, nRF52840, BTLEJack, YARD Stick One |
| Writing Modules | Author your own exploit / scanner |
| Troubleshooting | Common errors and fixes |
| FAQ | Quick answers |
| Contributing | PR + style guidelines |
```
69 exploits/ — CVE-backed PoCs (KNOB, BIAS, BLUFFS, BlueBorne, SweynTooth …)
10 dos/ — Bluesmack, L2CAP/RFCOMM/SDP floods
6 auxiliary/ — Sniffers, fuzzers, RPA deanon
5 scanners/ — Vuln scan, BlueBorne scan, hidden device scan
6 recon/ — Discovery, GATT/SDP enum, OUI lookup, fingerprint
5 post/ — Link-key dump, GATT exfil, session hijack
```
```
bluesploit.py # CLI entrypoint
core/
├── interpreter.py # cmd2 REPL
├── loader.py # auto-discovers modules under modules/
├── base.py # ExploitBase / ScannerBase / etc.
├── hardware.py # Adapter abstraction (HCI, Ubertooth, nRF…)
└── utils/ # printer, helpers
modules/
├── exploits/ scanners/ dos/ recon/ auxiliary/ post/
data/
├── wordlists/ oui/ profiles/ signatures/
```
See Architecture for the full breakdown.
BlueSploit · MIT License · For authorized security research only · Issues · Disclaimer