Information Security News

Unmasking the Invisible: Track Privacy-Randomized Bluetooth Devices with btrpa-scan

by ·

btrpa-scan

A Bluetooth Low Energy (BLE) scanner with advanced Resolvable Private Address (RPA) resolution. Discover nearby BLE devices, track a specific device by MAC address, or resolve privacy-randomized addresses using an Identity Resolving Key (IRK).

Features

  • Discover All Devices – Scan for all broadcasting BLE devices in range with signal strength, estimated distance, manufacturer data, and service UUIDs
  • Targeted Search – Search for a specific device by MAC address and monitor every detection
  • IRK Resolution – Resolve Resolvable Private Addresses against one or more Identity Resolving Keys to identify devices using randomized addresses for privacy
  • Multiple IRKs – Load multiple IRKs from a file to resolve addresses for several devices in a single scan
  • RSSI Filtering – Filter out weak signals with a minimum RSSI threshold
  • RSSI Averaging – Sliding window average smooths noisy BLE RSSI readings for more stable distance estimates
  • Name Filtering – Filter devices by name with case-insensitive substring matching
  • Active Scanning – Send SCAN_REQ to get SCAN_RSP with additional service UUIDs and device names that passive scanning misses
  • Environment Presets – Indoor, outdoor, and free-space path-loss models for more accurate distance estimation
  • Proximity Alerts – Audible/visual alert when a device is estimated within a configurable distance
  • Web GUI – Browser-based radar interface with animated sweep, distance visualization, GPS map, signal-strength device list with pin/unpin, and hover tooltips
  • Live TUI – Curses-based live-updating table sorted by signal strength
  • Real-Time CSV Log – Stream each detection to a CSV file as it happens
  • Batch Export – Export results to CSV, JSON, or JSONL at end of scan (supports stdout with -o -)
  • GPS Location Stamping – Tag each detection with GPS coordinates via gpsd; tracks per-device best location (strongest RSSI = closest proximity). On by default, degrades gracefully if gpsd is unavailable
  • Multi-Adapter – Scan with multiple Bluetooth adapters simultaneously (Linux)
  • Verbose/Quiet Modes – Verbose mode shows additional details (e.g. non-matching RPAs in IRK mode); quiet mode suppresses per-device output and shows only the summary

Install & Use

Support Our Threat Intelligence

If you find our technology report and cybersecurity news helpful, consider supporting our work.

Crypto QR Code
USDT (TRC20):
TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm
USDT (ERC20):
0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce

Tags: