BLEeding is a tool that allows you to jam Bluetooth (BR/EDR) and BLE devices. It can be used to spam DeAuth requests or L2CAP ping requests. It supports Linux, macOS, Windows and Raspberry PI.
Key Features:
- 🔵 Dual Mode Support: Works with both classic Bluetooth (BR/EDR) and Bluetooth Low Energy (BLE)
- 🎯 Modular Architecture: Separate implementations for BLE (
bleak) and BR/EDR (pybluez) - 🚀 Multi-threaded: Supports concurrent attacks for maximum impact
- 🖥️ Interactive Mode: User-friendly TUI for device discovery and attacks
- 🔄 Cross-Platform: Works on Linux, macOS, Windows, and Raspberry Pi
This tool was created for educational purposes only. I do not take any responsibility for the misuse of this tool.
🐧 Linux / 🍇 Raspberry PI
# Install system dependencies for BR/EDR support
sudo apt-get install git pkg-config python3 python3-pip libbluetooth-dev libboost-python-dev libboost-thread-dev libglib2.0-dev
# BLE support uses bleak (installed via pip, no extra system dependencies needed)🍎 macOS
# Install dependencies (BLE works out of the box via bleak)
brew install bluez🟦 Windows
# Install dependencies (BLE works out of the box via bleak)
choco install git python3# Clone the repository.
git clone https://github.com/sammwyy/bleeding
# Go to the repository.
cd bleeding
# Install Python requirements.
pip install -r requirements.txtNote: The tool now uses
bleakfor BLE support (cross-platform) andpybluezfor BR/EDR support. Both are installed via requirements.txt.
python bleeding.py <options> COMMAND
# Or make it executable
chmod +x bleeding.py
./bleeding.py <options> COMMAND| Command | Description | Options | OS Support |
|---|---|---|---|
scan |
Scan for devices. | --ble |
🐧 🍎 🟦 🍇 |
enum <TARGET> |
Enumerate device services | --ble |
🐧 🍎 🟦 🍇 |
deauth <TARGET> |
Spam DeAuth/flood requests | --ble, --port, --protocol, --size, --threads, --timeout |
🐧 🍇 🟦 |
i |
Interactive mode: Scan → Select → Enum → Attack | --ble |
🐧 🍎 🟦 🍇 |
random-mac |
Generate random trusted MAC addresses | 🐧 🍎 🟦 🍇 |
| Option | Short | Description | Type | Default | Applies To |
|---|---|---|---|---|---|
--ble |
-b |
Use BLE mode instead of BR/EDR | bool | ❌ | All commands |
--port |
-p |
Port to use (BR/EDR only) | int | 4097 | deauth |
--protocol |
-P |
Protocol: l2cap or rfcomm (BR/EDR only) | enum | l2cap | deauth |
--size |
-s |
Size of the packets | int | 512 | deauth |
--threads |
-t |
Number of threads | int | (vcore count) | deauth |
--timeout |
-T |
Attack duration in seconds | int | none | deauth |
Notes:
- All flags are optional
- Windows doesn't support L2CAP protocol for BR/EDR attacks
- BLE mode uses GATT characteristic flooding
- BR/EDR mode uses socket flooding (L2CAP or RFCOMM)
The interactive mode (i command) provides a user-friendly TUI workflow:
- Scan - Automatically scans for nearby devices (5s)
- Select Device - Choose a device from the numbered list
- Enumerate Services - Automatically enumerates all services on the selected device
- Select Service - Choose a service/port to attack
- Attack - Automatically launches a 60-second DeAuth attack
Examples:
# Interactive mode for BR/EDR (classic Bluetooth)
python bleeding.py i
# Interactive mode for BLE
python bleeding.py i --bleScanning:
# Scan for BR/EDR devices
python bleeding.py scan
# Scan for BLE devices
python bleeding.py scan --bleEnumerate Services:
# Enumerate BR/EDR device services
python bleeding.py enum AA:BB:CC:DD:EE:FF
# Enumerate BLE device services (GATT)
python bleeding.py enum AA:BB:CC:DD:EE:FF --bleDeAuth/Flood Attack:
# Attack BR/EDR device with L2CAP
python bleeding.py deauth AA:BB:CC:DD:EE:FF --port 4097 --protocol l2cap --threads 4
# Attack BLE device (60 second duration)
python bleeding.py deauth AA:BB:CC:DD:EE:FF --ble --threads 4 --timeout 60Contributions, issues and feature requests are welcome! Feel free to check issues page.
Give a ⭐️ if this project helped you! Or buy me a coffee-latte 🙌 Ko-fi