Skip to content

f0rw4rd/ble_pcap_parser

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
README.md
README.md
 
 
parse_gatt.py
parse_gatt.py
 
 

Repository files navigation

BLE GATT Parser

Command-line tool to analyze and reconstruct BLE GATT communication flows from Wireshark captures.

Features

  • Chronological event timeline with relative timestamps
  • Analysis of GATT operations by handle
  • Reconstruction of sequential write operations
  • Support for all standard GATT operations:
    • Read/Write operations
    • Notifications and Indications
    • Service Discovery
    • MTU Exchange

Requirements

  • Python 3.6+
  • pyshark

Usage

python parse_gatt.py capture.pcapng

Output Format

The tool provides two views of the GATT communication:

Communication Flow

Shows chronological sequence of GATT operations:

=== Communication Flow Summary ===
+0.000s Frame 100: Handle 0x0003 - Read By Type Request: UUID: 2803
+0.010s Frame 101: Handle 0x0003 - Read By Type Response: Value1

Handle Analysis

Detailed breakdown of operations per handle:

=== Detailed Analysis by Handle ===
Handle: 0x0004
Write Request (2 operations):
  Frame 102 (Conn: 1): Data1
  Frame 104 (Conn: 1): Data2
  Combined data: Data1Data2

Contributing

  1. Fork the repository
  2. Create a feature branch
  3. Submit a pull request

About

Parses a pcapng and prints the communication via BLE GATT

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages