BLE-Replay is a Bluetooth Low Energy (BLE) peripheral assessment tool


BLE-Replay is a Bluetooth Low Energy (BLE) peripheral assessment tool. It pulls/consumes Bluetooth HCI logs from your mobile device and extracts all of the writes that the central makes to a peripheral.

This data can be replayed using most Bluetooth dongles from a Linux host, or saved to disk for modification. This tool gets you straight to testing a peripheral without extracting data with Wireshark or scripting things with tools like gatttool. It allows for hand-crafting of your own sequences of characteristic writes to test against a device, including support for byte-level fuzzing.

This tool is useful if a mobile app writes some characteristics on the BLE device in order to configure/unlock/disable some feature or perform some other state-changing action on the device.


Linux with BlueZ stack.

BLESuite


python -h

Replay File Format

["000e", "58e96f71ac901b55", [0,1,5,7], 2]
["002c", "627474686f6c65", [], 1]
["0002", "01", [0], 40]

Each line contains a JSON list of 4 parameters:

  1. Handle (Hex string)
  2. Data (Hex string)
  3. Byte positions to fuzz (List of integer offsets, OPTIONAL - use [] to send packet as is)
  4. Number of times to fuzz or repeat this write (Integer)
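
A hand-edited replay file is easy to break (odd-length hex, a fuzz offset past the end of the data, a zero count), so it helps to check it offline before replaying it against a device. The following is an added example, not code from BLE-Replay: `parse_line` and `expand` are hypothetical names, and it assumes that fuzzing a byte position means replacing that byte with a random value, which this page does not specify.

```python
import json
import random

# Sample lines copied from the format description on this page.
SAMPLE = """\
["000e", "58e96f71ac901b55", [0,1,5,7], 2]
["002c", "627474686f6c65", [], 1]
["0002", "01", [0], 40]
"""

def parse_line(line, lineno=0):
    """Validate one replay line; return (handle, data, fuzz_offsets, count)."""
    try:
        entry = json.loads(line)
    except json.JSONDecodeError as exc:
        raise ValueError(f"line {lineno}: not valid JSON") from exc
    if not isinstance(entry, list) or len(entry) != 4:
        raise ValueError(f"line {lineno}: expected a JSON list of 4 parameters")
    handle_hex, data_hex, offsets, count = entry
    try:
        handle, data = int(handle_hex, 16), bytes.fromhex(data_hex)
    except (TypeError, ValueError) as exc:
        raise ValueError(f"line {lineno}: handle/data must be hex strings") from exc
    if not isinstance(offsets, list) or not all(
            type(o) is int and 0 <= o < len(data) for o in offsets):
        raise ValueError(f"line {lineno}: fuzz offsets must index into the data")
    if type(count) is not int or count < 1:
        raise ValueError(f"line {lineno}: count must be a positive integer")
    return handle, data, offsets, count

def expand(text, seed=None):
    """Return the ordered (handle, payload) writes that the file describes."""
    rng = random.Random(seed)  # a fixed seed makes a fuzz run reproducible
    writes = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        handle, data, offsets, count = parse_line(line, lineno)
        for _ in range(count):
            payload = bytearray(data)
            for off in offsets:  # assumption: fuzz = random byte at each offset
                payload[off] = rng.randrange(256)
            writes.append((handle, bytes(payload)))
    return writes

if __name__ == "__main__":
    for handle, payload in expand(SAMPLE, seed=1):
        print(f"{handle:04x} {payload.hex()}")
```

Logging the seed together with the expanded writes lets a fuzz case that upsets the peripheral be reproduced exactly.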


Fetch the HCI log from Android device and replay it as is:

python -f -r

Parse an HCI log from your computer and replay it as is:

python -p btsnoop_hci.log -r

Fetch the HCI log from Android device and write modifiable replay data to disk:

python -f -of replaydata.json

Modify the hex values as needed and then play that file using:

python -if replaydata.json -r