Data Exfiltration Over Bluetooth.

Talfor
Jul 24
1 min read

History of Bluetooth Registry Entries to investigate (MAC address of connected bluetooth devices) After that use free utility called “Dcode” to convert windows timestamp to check date and time of the bluetooth device that was connected.

“HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Devices”

Recent Posts

See All

Cybersecurity Threat Hunting

RITA - An open source framework for network traffic analysis.

The framework ingests Zeek Logs in TSV or JSON format, and currently supports the following major features: Beaconing Detection: Search for signs of beaconing behavior in and out of your network. Lo

Untitled Goose Tool

Much useful Incident Response (IR) tool released by CISA to run a full investigation against a customer’s Azure Active Directory...