Difference between revisions of "BLE-Berry Project"
Line 10: | Line 10: | ||
xxxxx Image of Threatmodel xxxxx | xxxxx Image of Threatmodel xxxxx | ||
Some of the Threats have use other Threats as an entry vector, e.g., a machine-in-the-middle attack | Some of the Threats have use other Threats as an entry vector, e.g., a machine-in-the-middle attack relies on address spoofing and can benefit from Radio Jamming. The dependencies of the Threat is shown in the figure below. | ||
xxxxx Image of Dependencies xxxxx | |||
The | The STRIDE method was used to categorize the discovered Threats, as shown in the following table. | ||
xxxxx Stride xxxxx | |||
=== Step 1 === | === Step 1 === | ||
==== Step 1.2 ==== | |||
Enter these commands in the shell | Enter these commands in the shell |
Revision as of 18:42, 2 October 2023
Summary
This Project is the result of a master’s thesis that created a Threat Model of the Bluetooth Low Energy (BLE) Standard and developing a tool called BLE Berry to enable easier BLE Development and to perform basic pentesting operations.
Threat Model
The Threat Model was performed by analyzing the BLE portion of the BLE Standard and gathering further information's from numerous white papers and scientific papers. The gathered Threats and Vulnerabilities got mapped to the Layer/Protocol they are performed on, as shown in the figure below.
xxxxx Image of Threatmodel xxxxx
Some of the Threats have use other Threats as an entry vector, e.g., a machine-in-the-middle attack relies on address spoofing and can benefit from Radio Jamming. The dependencies of the Threat is shown in the figure below.
xxxxx Image of Dependencies xxxxx
The STRIDE method was used to categorize the discovered Threats, as shown in the following table.
xxxxx Stride xxxxx
Step 1
Step 1.2
Enter these commands in the shell
echo foo echo bar
Step 2
Make sure to read
- War and Peace
- Lord of the Rings
- The Baroque Cycle
Used Hardware
Device to be used with this documentation Maybe another device to be used with this documentation
Courses
- A course where this documentation was used (2017, 2018)
- Another one (2018)