blue-tap 2.6.0

Bluetooth/BLE Penetration Testing Toolkit for Automotive IVI Systems

Bluetooth/BLE Penetration Testing Toolkit for Automotive IVI Systems

---

Blue-Tap is a Bluetooth Classic and BLE penetration testing toolkit built for automotive IVI security assessments. It operates at both the HCI layer and below-HCI via DarkFirmware on RTL8761B.

96 registered modules across 6 families: discovery, reconnaissance, assessment, exploitation, post-exploitation, and fuzzing.

• Discovers, fingerprints, and assesses Bluetooth devices with 25 CVE detections, 11 posture checks, and 30 denial-of-service probes
• Exploits protocol vulnerabilities: BIAS, KNOB, BLUFFS, SSP downgrade, encryption downgrade, connection hijacking
• Extracts data and intercepts audio via PBAP, MAP, HFP, A2DP, AVRCP, AT commands, OBEX
• Fuzzes 16 Bluetooth protocols with a response-guided engine, crash database, and minimization

Installation

git clone https://github.com/Indspl0it/blue-tap.git
cd blue-tap
pip install -e .

Verify:

sudo blue-tap --version
sudo blue-tap adapter list

Documentation

Full documentation: docs/

• CLI Reference
• Getting Started
• CVE Detection Matrix
• Hardware Compatibility
• Troubleshooting
• Changelog

Legal Disclaimer

Blue-Tap is provided for authorized security testing and research purposes only. You must have explicit written permission from the owner of any device you test. Unauthorized access to Bluetooth devices is illegal under the Computer Fraud and Abuse Act (CFAA), the UK Computer Misuse Act, and similar laws worldwide. The authors accept no liability for misuse. Report vulnerabilities responsibly to the affected manufacturer.

License

GNU General Public License v3.0 — Copyright (C) 2026 Santhosh Ballikonda

---

Santhosh Ballikonda — @Indspl0it