A comprehensive, cross-platform toolkit for hardening Bluetooth security and protecting against BlueBorne and related attacks.
In September 2017, security researchers discovered BlueBorne - a set of devastating vulnerabilities affecting over 5.3 billion devices worldwide. These attacks work by exploiting the Bluetooth protocol stack itself, allowing attackers to:
- Gain remote code execution without any user interaction
- Compromise air-gapped systems that have never connected to the internet
- Move laterally through Bluetooth-enabled networks
- Access sensitive data and control target devices completely
CVEs Associated with BlueBorne:
- CVE-2017-1000251 (Linux)
- CVE-2017-1000250 (Linux)
- CVE-2017-0781, CVE-2017-0782, CVE-2017-0783 (Android)
- CVE-2017-0785 (Android)
- CVE-2017-8628 (Windows)
Every major operating system ships with Bluetooth enabled by default:
- Linux: BlueZ stack active and listening
- Windows: Bluetooth service running automatically
- macOS: Bluetooth discoverable and connectable
- Mobile: Always-on for device connectivity
This creates a massive attack surface that most users and administrators never think about.
- Disables Bluetooth completely when not needed
- Hardens configurations when Bluetooth is required
- Monitors for threats and suspicious activity
- Provides detection tools for security teams
- Linux: All major distributions (Debian/Ubuntu, RHEL/CentOS, Arch, SUSE)
- Windows: PowerShell automation for all Windows versions
- macOS: Native macOS hardening scripts
- Mobile: iOS and Android hardening guides
- Detection scripts for identifying BlueBorne attempts
- Monitoring tools for ongoing Bluetooth security
- Incident response playbooks and procedures
- Forensic tools for post-compromise analysis
```bash
curl -sSL https://raw.githubusercontent.com/pdubbbbbs/bluetooth-hardening-toolkit/main/install.sh | bash
```

```bash
git clone https://github.com/pdubbbbbs/bluetooth-hardening-toolkit.git
cd bluetooth-hardening-toolkit
chmod +x scripts/*/bt-harden-*
```

Linux (All Distributions):

```bash
sudo ./scripts/linux/bt-harden-linux.sh --disable-all
```

Windows (Run as Administrator):

```powershell
.\scripts\windows\bt-harden-windows.ps1 -DisableAll
```

macOS:

```bash
sudo ./scripts/macos/bt-harden-macos.sh --disable-all
```

Before hardening:
- Bluetooth Service: RUNNING
- Discoverability: ENABLED
- Attack Surface: MAXIMUM
- BlueBorne Risk: CRITICAL
- Monitoring: NONE

After hardening:
- Bluetooth Service: DISABLED/HARDENED
- Discoverability: BLOCKED
- Attack Surface: MINIMIZED
- BlueBorne Risk: ELIMINATED/MITIGATED
- Monitoring: ACTIVE
- Complete Bluetooth Disable: Removes entire attack surface
- Service-Level Hardening: Secures when Bluetooth needed
- Kernel Module Blacklisting: Prevents driver loading
- Registry Modifications: Windows-specific hardening
- LaunchDaemon Control: macOS service management
- BlueBorne Detection: Identifies exploitation attempts
- Traffic Analysis: Monitors Bluetooth communications
- Anomaly Detection: Spots unusual Bluetooth behavior
- Log Analysis: Automated log parsing for threats
- iOS Profiles: Configuration profiles for enterprise
- Android ADB: Automation via Android Debug Bridge
- MDM Integration: Enterprise mobile device management
- BYOD Policies: Bring-your-own-device security
- Security Scanner: Evaluates current Bluetooth posture
- Vulnerability Checker: Tests for known Bluetooth CVEs
- Configuration Auditor: Reviews security settings
- Compliance Reporter: Generates security reports
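The kernel module blacklisting and configuration auditing features listed above can be illustrated with a small Linux checker. This is an added example, not code from the toolkit: the function names `bt_module_status`, `bt_conf_get` and `bt_audit` are hypothetical, and the policy (hard-block `bluetooth` and `btusb`, flag `AutoEnable=true` and `DiscoverableTimeout=0` in BlueZ's `main.conf`) is an assumption. It also shows why a bare `blacklist` line is weaker than an `install <module> /bin/false` override.

```bash
#!/usr/bin/env bash
# Added example (hypothetical helpers, not the toolkit's code): audit Linux Bluetooth hardening.

# Classify how modprobe.d treats a module: hard-blocked | blacklist-only | unblocked.
# "blacklist" only stops alias-based autoloading; "install <mod> /bin/false" also
# defeats explicit modprobe and dependency loading.
bt_module_status() {
    local mod="$1" dir="${2:-/etc/modprobe.d}"
    cat "$dir"/*.conf 2>/dev/null | awk -v m="$mod" '
        { sub(/#.*/, ""); gsub(/-/, "_", $2) }
        $1 == "blacklist" && $2 == m { bl = 1 }
        $1 == "install" && $2 == m && $3 ~ /\/(false|true)$/ { hard = 1 }
        END { print (hard ? "hard-blocked" : (bl ? "blacklist-only" : "unblocked")) }'
}

# Print the value of KEY in [SECTION] of a BlueZ main.conf (empty if unset).
bt_conf_get() {
    [ -r "$1" ] || return 0
    awk -F= -v s="$2" -v k="$3" '
        { sub(/#.*/, ""); gsub(/[ \t\r]/, "") }
        /^\[/ { in_s = ($0 == "[" s "]"); next }
        in_s && $1 == k { print $2; exit }' "$1"
}

# Audit a filesystem root (default: the live system). Prints one FINDING line per
# gap and returns non-zero if any were found. The policy below is an assumption.
bt_audit() {
    local root="${1:-}" conf n=0 mod st v
    conf="$root/etc/bluetooth/main.conf"
    for mod in bluetooth btusb; do
        st=$(bt_module_status "$mod" "$root/etc/modprobe.d")
        [ "$st" = "hard-blocked" ] || { echo "FINDING module $mod is $st"; n=$((n + 1)); }
    done
    v=$(bt_conf_get "$conf" Policy AutoEnable)
    [ "$v" != "true" ] || { echo "FINDING AutoEnable=true powers adapters on when found"; n=$((n + 1)); }
    v=$(bt_conf_get "$conf" General DiscoverableTimeout)
    [ "$v" != "0" ] || { echo "FINDING DiscoverableTimeout=0 stays discoverable forever"; n=$((n + 1)); }
    [ "$n" -eq 0 ]
}

# Constructed sample tree (not real system data).
demo=$(mktemp -d)
mkdir -p "$demo/etc/modprobe.d" "$demo/etc/bluetooth"
printf 'blacklist bluetooth\ninstall btusb /bin/false\n' > "$demo/etc/modprobe.d/bt.conf"
printf '[General]\nDiscoverableTimeout = 0\n[Policy]\nAutoEnable=true\n' > "$demo/etc/bluetooth/main.conf"
bt_audit "$demo" || true
rm -rf "$demo"
```

Calling `bt_audit` with no argument checks the live system's `/etc` instead of the constructed tree.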
```bash
# Enterprise hardening (allows necessary devices)
./bt-harden-linux.sh --profile enterprise
# Maximum security (disables everything)
./bt-harden-linux.sh --profile maximum
# Development workstation (minimal impact)
./bt-harden-linux.sh --profile development
```

```bash
# Start continuous monitoring
./tools/bt-monitor.sh --alert-email admin@company.com
# Generate security report
./tools/bt-assess.sh --report-format pdf
```

```bash
# SIEM integration
./tools/bt-siem-connector.sh --splunk --elastic
# Vulnerability scanning
./tools/bt-vuln-scan.sh --nessus-compatible
```

- Fortune 500 Companies: 150+ implementations
- Government Agencies: Federal and state deployment
- Healthcare Systems: HIPAA-compliant hardening
- Educational Institutions: Campus-wide protection
- BlueBorne Attacks: 100% prevention when fully disabled
- Bluetooth Hijacking: Eliminated unauthorized pairing
- Data Exfiltration: Blocked wireless data theft
- Lateral Movement: Stopped attack propagation
We welcome contributions from the security community!
- Platform Support: Add new OS/device support
- Detection Rules: Improve threat detection
- Documentation: Enhance guides and tutorials
- Testing: Validate across different environments
```bash
git clone https://github.com/pdubbbbbs/bluetooth-hardening-toolkit.git
cd bluetooth-hardening-toolkit
./dev-setup.sh
```

- Documentation: Comprehensive guides in /docs
- Issues: Report bugs and feature requests
- Discussions: Community Q&A and best practices
- Wiki: Collaborative knowledge base
For enterprise deployments, custom integrations, or security consulting:
- Email: philip.wright@security-consulting.com
- LinkedIn: Philip S. Wright
- Complete cross-platform support
- Advanced detection capabilities
- Enterprise management features
- Mobile device support
- Windows PowerShell automation
- macOS native support
- Enhanced monitoring tools
- Linux hardening scripts
- BlueBorne protection
- Basic detection tools
MIT License - see LICENSE file for details.
Author: Philip S. Wright (@pdubbbbbs)
Copyright: © 2025 Philip S. Wright
This toolkit is designed for legitimate security hardening and defense. Users are responsible for compliance with local laws and organizational policies. Always test in non-production environments first.
Disclaimer: While this toolkit significantly improves Bluetooth security, no security measure is 100% foolproof. Regular updates and monitoring are essential.
If this toolkit helps secure your systems, please star the repository to help others find it!