https://github.com/crissccl/airwave_lab
BLE and Bluetooth Jammer powered by an ESP32
- Host: GitHub
- URL: https://github.com/crissccl/airwave_lab
- Owner: CrissCCL
- License: mit
- Created: 2025-09-27T13:23:49.000Z (9 months ago)
- Default Branch: main
- Last Pushed: 2025-10-24T16:20:53.000Z (8 months ago)
- Last Synced: 2025-10-24T17:33:50.988Z (8 months ago)
- Topics: arduino-ide, ble, bluetooth, educational, embedded-systems, esp32, lab-experiments, nrf24l01, rf, signal-processing, spectrum-analysis, wireless
- Language: C++
- Homepage:
- Size: 29.1 MB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Bluetooth / BLE & RF Research Toolkit






> ⚠️ **Important:** This repository is strictly for **educational, analysis, and defensive research**.
> It **does NOT** contain instructions or tools to jam, block, or interfere with radio communications.
> Active interference (jamming, blocking) is illegal in many jurisdictions. Always obtain written authorization for any active tests and restrict them to isolated, shielded testbeds.
## Overview
This project, developed using **nRF24L01** modules and **ESP32** boards, gathers documentation and safe experiments for learning about Bluetooth/BLE and RF signaling in a legal, ethical way. The emphasis is on passive monitoring and protocol learning rather than packet analysis, and on building controlled lab exercises for students and researchers.
Goals:
- Understand BLE and RF packet structures and behaviors.
- Perform **passive** captures and logging using ESP32 and nRF24L01 hardware in permitted environments.
- Create reproducible lab exercises to teach secure pairing, privacy addresses, and interference mitigation.
- Provide safe, legal guidance for setting up an isolated test environment.
> ⚠️ This repository will never provide instructions to build or operate jammers or active interference devices.
## Contents
- `/Hardware` — schematic, Gerbers for ESP32 + nRF24L01.
- `/code_jmm` — C code for ESP32 (Arduino environment) and firmware file.
## Project Status
| Component | Status |
|---------------------------|-----------------------------|
| ESP32 passive scanner examples | ✅ Completed |
| nRF24L01 observation examples | ✅ Completed |
| Device assembly and electronic testing | ✅ Completed |
| Legal & ethics write-up | ✅ Completed |
| Spectrum captures | ✅ Completed |
| Measurement photos | ✅ Completed |
| Active interference research | 🚫 Not included (forbidden) |
## System Description
- **Controller:** ESP32
- **Transceiver Module:** nRF24L01+ (PA/LNA version)
- **Function:** Generates controlled interference patterns for BLE and Bluetooth channels
- **Operating Bands:** 2.400–2.4835 GHz (ISM band)
- **BLE Channels:** {2, 26, 80}
- **Bluetooth Channels:** {32, 34, 46, 48, 50, 52, 0, 1, 2, 4, 6, 8, 22, 24, 26, 28, 30, 74, 76, 78, 80}
- **Measurement:** Tested with Anritsu MS2760A-0070 Spectrum Analyzer at Airwave Lab
## Hardware & Tools (recommended for passive analysis)
- **ESP32** development boards — used for BLE scanning and passive logging.
- **nRF24L01** modules — for hobby RF monitoring in permitted contexts (note: nRF24 uses its own non-Bluetooth RF stack).
- Shielded enclosure / Faraday box for any active experiments.
## Measurement methodology (high-level)
- Measurements were taken using a calibrated **spectrum analyzer** and suitable antennas.
- Experiments were performed in a controlled environment (shielded enclosure / isolated lab) and with the appropriate authorizations.
- Captures include frequency-averaged power spectral density (PSD).
- **No** step-by-step instructions, hardware schematics, or firmware relating to emitters or jammers are included.
### Laboratory setup photos

Anritsu MS2760A-0070

Anechoic chamber
### Power-off / Setup Overview

Power-off device noise floor spectrum measurement
### Measurement Overview — BLE & Bluetooth
The spectrum analyzer tests documented below capture the emissions produced by the device in the **2.4 GHz ISM band (2.400 – 2.4835 GHz)**.
During each test mode, the device performed a **frequency sweep across BLE and Bluetooth channels** to evaluate spectral behavior and signal distortions.
- **BLE (Bluetooth Low Energy)**: 40 channels, **2 MHz spacing**, from **2402 MHz to 2480 MHz**.
- **Bluetooth Classic (BR/EDR)**: 79 channels, **1 MHz spacing**, from **2402 MHz to 2480 MHz**.
> ⚠️ Note: The device operation is shown for academic and educational purposes only. No instructions or parameters are provided to operate or reproduce emissions. All tests were conducted in a controlled laboratory environment with proper authorization.
### Measurement Photos — BLE

BLE — Capture 1

BLE — Capture 2

BLE — Capture 3
### Measurement Photos — Bluetooth

Bluetooth — Capture 1

Bluetooth — Capture 2

Bluetooth — Capture 3
### Measurement Results (Summary)
- **Instrument:** Anritsu MS2760A-0070 spectrum analyzer.
- **Captured data:** spectrum analyzer traces highlighting distortion in BLE/Bluetooth bands during device operation.
- **Observed effects:** spectral broadening, spurious components and harmonics consistent with strong in-band emissions. These effects were recorded for documentation and analysis purposes only.
- **Test modes:** the device was evaluated under several modes; during each mode the device performed sweeps across channels to observe frequency-dependent behavior. *(Operational parameters and control signals are intentionally omitted from this repository.)*
- **Purpose:** these measurements inform detection/mitigation strategies and support responsible research into electromagnetic compatibility and spectrum monitoring.
> ⚠️ Note: Raw operation logs or parameter sets that would enable reproduction of emissions are excluded from this repository.
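
One way to turn a spectrum-analyzer trace like those summarized above into a per-channel detection signal, as an added example (not code from this repository): it maps each frequency bin to its BLE channel index using the 40-channel, 2 MHz plan stated in the Measurement Overview and compares it against the power-off noise floor. The trace values, the 10 dB margin and the flagging rule are constructed assumptions to tune against your own baseline.

```python
# Added example: channel-level view of a 2.4 GHz PSD sweep (constructed data).
BLE_ADV = {2402: 37, 2426: 38, 2480: 39}  # advertising channels by centre frequency (MHz)

def ble_channel(freq_mhz):
    """Return the BLE channel index whose 2 MHz slot contains freq_mhz, else None."""
    if not 2401 <= freq_mhz < 2481:
        return None
    centre = 2402 + 2 * int((freq_mhz - 2401) // 2)
    if centre in BLE_ADV:
        return BLE_ADV[centre]
    rf = (centre - 2402) // 2               # RF channel number 0..39
    return rf - 1 if rf <= 11 else rf - 2   # data indices 0..36 skip advertising slots

def elevated_channels(trace, floor_dbm, margin_db=10.0):
    """trace: iterable of (freq_mhz, power_dbm) from a frequency-averaged sweep.
    Returns {channel: peak_dbm} for channels at least margin_db above the floor."""
    peaks = {}
    for freq, power in trace:
        ch = ble_channel(freq)
        if ch is not None:
            peaks[ch] = max(power, peaks.get(ch, float("-inf")))
    return {ch: p for ch, p in peaks.items() if p - floor_dbm >= margin_db}

def assess(trace, floor_dbm, margin_db=10.0):
    """Illustrative heuristic (assumption): flag a sweep when all three advertising
    channels are elevated at once, or when half of the 40 channels are elevated."""
    hot = elevated_channels(trace, floor_dbm, margin_db)
    adv = sorted(ch for ch in hot if ch >= 37)
    occupancy = len(hot) / 40
    return {"occupancy": occupancy,
            "adv_channels_elevated": adv,
            "flag": len(adv) == 3 or occupancy >= 0.5}

def constructed_trace(bumps=(), floor_dbm=-95.0, bump_dbm=-60.0):
    """Constructed sample: 1 MHz bins over 2400..2483 MHz at the floor, plus bumps."""
    return [(f, bump_dbm if f in bumps else floor_dbm) for f in range(2400, 2484)]

if __name__ == "__main__":
    print(assess(constructed_trace(), floor_dbm=-95.0))
    print(assess(constructed_trace({2402, 2426, 2480}), floor_dbm=-95.0))
```

The floor passed to `assess` should come from a power-off capture taken with the same analyzer settings as the trace being assessed.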
### Acknowledgments
Special thanks to the **[Laboratorio de Comunicaciones Inalámbricas — EIE PUCV](https://eie.pucv.cl/investigacion/lineas-de-investigacion-y-laboratorios/laboratorio-de-comunicaciones-inalambricas/)**
for providing access to facilities, the **Anechoic Chamber**, and the **Anritsu MS2760A-0070 Spectrum Analyzer** used in these experiments.
## 3D PCB Render (version 3)

PCB render — front (v3)

PCB render — back (v3)
## Physical Prototype

Device — front

Device — back
## Legal & Ethical Guidelines
- Do not capture or analyze traffic from third-party devices without explicit permission.
- Passive monitoring may still be subject to local laws — check your national telecom regulations.
- Keep careful logs of tests, dates, and authorizations.
- Perform any active tests only inside a shielded enclosure and with written consent.
# Legal & Regulatory References
This project is intended strictly for **educational purposes**.
Operating or building radio interference devices without authorization is **illegal** in most jurisdictions.
Below are links to relevant regulatory frameworks:
---
## Chile
- [Ley N° 18.168 — Ley General de Telecomunicaciones (BCN)](https://www.bcn.cl/leychile/navegar?idNorma=29582)
- [Subsecretaría de Telecomunicaciones (SUBTEL) — Normas y Leyes](https://www.subtel.gob.cl/normas-y-leyes/)
---
## United States
- [47 CFR Part 15 — Radio Frequency Devices (eCFR)](https://www.ecfr.gov/current/title-47/chapter-I/subchapter-A/part-15)
- [FCC — Rules & Regulations Overview](https://www.fcc.gov/rules-regulations)
---
## European Union
- [Directive (EU) 2018/1972 — European Electronic Communications Code (EECC)](https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32018L1972)
- [Directive 2014/53/EU — Radio Equipment Directive (RED)](https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32014L0053)
---
## Disclaimer
These references are provided for **informational purposes only**.
- Always verify the current applicable law in your jurisdiction.
- Obtain explicit **written authorization** before performing any active test involving RF emissions.
- Limit all experiments to **controlled, shielded laboratory environments**.
## Support projects
Support me on Patreon [https://www.patreon.com/c/CrissCCL](https://www.patreon.com/c/CrissCCL)
## License
MIT License