Symbian OS, Android, Radio Frequencies, BTSNOOZ, BTSNOOP, and getting kicked in the teeth. Below follows a chronicling of deciding to explore Bluetooth by hacking the firmware for a Fitbit Smartwatch and realizing I was in way over my head and slowly trying to regain any hope of understanding.

So far I’ve managed to have just enough reverse engineering skills as is useful to me at the time, but recently I’ve taken an interest in getting a bit more in depth. My son was ill last week and home from daycare, so I took it upon myself to take the time to watch HackadayU: Reverse Engineering with Ghidra (~4 hours).

Recently I stumbled across a thread on Reddit r/AskNetsec Now, without looking at the post: What do you think the answers looked like? If you guessed a lot of people saying “You don’t” or “You can’t”, give yourself a pat on the back because you guessed correctly!

Last week a friend of mine asked me to debug/RE some phishing emails that had been sent to them. These phishing emails were visually very clever and looked identical to the real site! But as I looked at the javascript I frankly became embarassed for the developer.

It’s easy to set up an IDS or other infrastructure to drop packets that match rules. There are many tools for real-time inspection of connections that can handle higher level protocols like HTTP or TLS. This article aims to go a bit lower and address how to edit packets in flight.