DEV.co
Open-Source Security · BLE-Research-Group

MetaRadar

MetaRadar is an Android app that scans, analyzes, and tracks Bluetooth Low Energy (BLE) devices in your environment. It helps users identify which BLE devices broadcast trackable identifiers and which implement privacy protections, with real-time alerting for suspicious or stalking behavior.

Source: GitHub — github.com/BLE-Research-Group/MetaRadar
1.5k
GitHub stars
107
Forks
Kotlin
Primary language
GPL-3.0
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
RepositoryBLE-Research-Group/MetaRadar
OwnerBLE-Research-Group
Primary languageKotlin
LicenseGPL-3.0 — OSI-approved
Stars1.5k
Forks107
Open issues38
Latest releasev0.32.1-beta (2026-01-10)
Last updated2026-01-22
Sourcehttps://github.com/BLE-Research-Group/MetaRadar

What MetaRadar is

A Kotlin-based Android application that performs BLE packet capture and analysis, including GATT service exploration, device type classification, distance estimation via signal strength (RSSI), and configurable filtering. All processing is local; no data is transmitted externally.

Quickstart

Get the MetaRadar source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/BLE-Research-Group/MetaRadar.gitcd MetaRadar# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Privacy Auditing and Device Fingerprinting

Security researchers and privacy-conscious users can audit BLE device behavior to identify which devices use randomized MAC addresses, persistent identifiers, or other privacy features. Useful for understanding privacy posture of consumer IoT and wearables.

Anti-Tracking and Stalking Detection

Detect unknown BLE devices broadcasting in proximity and receive alerts if the same device persists or moves alongside the user over time. Helps identify potential tracking tags or compromised wearables.

Bluetooth Security Research and Education

Academic and security research teams can use MetaRadar to study BLE traffic, device advertising patterns, and privacy implementation across device categories. Educational tool for understanding BLE protocol weaknesses.

Implementation considerations

  • BLE scanning consumes battery on mobile devices; implement scan scheduling, result caching, and user-configurable scan intervals to reduce power drain.
  • Android BLE API behavior varies by OS version and device manufacturer; test extensively across target API levels and device types (manufacturers often use non-standard BLE implementations).
  • GATT service enumeration and deep analysis may timeout or fail on some devices; implement graceful fallback and timeout handling to avoid UI freezes.
  • GPS/location data not collected, but BLE device positions inferred from RSSI; accuracy is ±5–15 meters and highly dependent on environment (multipath, interference).
  • User must grant runtime permissions (ACCESS_FINE_LOCATION, BLUETOOTH_SCAN on Android 12+); permission denial should be handled gracefully.

When to avoid it — and what to weigh

  • Legal/Regulatory Uncertainty in Your Jurisdiction — The project includes explicit warnings that use must comply with applicable laws. Passive BLE monitoring legality varies significantly by country and context. Do not deploy without confirming lawful use in your region.
  • Production Mobile App Requiring Long-term Support — This is a beta tool (v0.32.1-beta) developed for research purposes, not a hardened production application. Expect breaking changes, incomplete error handling, and limited stability guarantees.
  • Requirement for Commercial SLA or Vendor Support — GPL-3.0 licensed open-source project with no commercial support entity. If you need guaranteed SLAs, incident response, or warranty, this is not suitable.
  • Integration into Proprietary or Closed-Source Products — GPL-3.0 requires derivative works be open-source and share the same license. Cannot be embedded in closed-source commercial applications without significant legal review.

License & commercial use

Licensed under GPL-3.0 (GNU General Public License v3.0), a copyleft license requiring all derivative works, modifications, and linked software to be released under the same GPL-3.0 license and with source code disclosure.

GPL-3.0 permits commercial use, but with strict conditions: any distributed version (including software-as-a-service) must provide full source code, disclose GPL-3.0 licensing, and allow recipients to modify and redistribute. Proprietary closed-source products cannot incorporate this code. Consult legal counsel before any commercial deployment. No warranty or liability indemnification is provided.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationAdequate
License clarityClear
Deployment complexityLow
DEV.co fitPossible
Assessment confidenceHigh
Security considerations

Project focuses on privacy analysis of BLE traffic rather than cryptographic security. No security audit or penetration test results disclosed. BLE protocol vulnerabilities (e.g., address spoofing, GATT service enumeration as reconnaissance) are inherent to BLE itself, not specific to MetaRadar. Local-only data handling reduces exfiltration risk. Users should review source code and verify no telemetry is introduced. GPL-3.0 transparency supports community auditing.

Alternatives to consider

nRF Connect for Mobile (Nordic Semiconductor)

Full-featured commercial BLE scanner with GATT exploration, packet capture, and device advertising analysis. Supports iOS/Android. Closed-source; no privacy analysis or anti-tracking features. Better stability and support but less focused on privacy.

Bluetooth Scanner (AppRaven)

Lightweight Android BLE scanner for basic device discovery and GATT reading. No advanced privacy analysis or tracking detection. Easier to deploy in restricted environments; limited depth compared to MetaRadar.

Wireshark with Bluetooth Adapter

Desktop-based packet capture and analysis for detailed BLE traffic inspection. Requires external Bluetooth sniffing hardware. Higher complexity but more comprehensive forensic capability; not mobile-friendly and not designed for real-time alerting.

Software development agency

Build on MetaRadar with DEV.co software developers

Review the source code on GitHub, test the app via F-Droid or IzzyOnDroid, and consult legal/security teams on compliance and deployment suitability for your use case.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

MetaRadar FAQ

Can I use MetaRadar in production or as a commercial service?
Technically yes under GPL-3.0, but you must release all code as open-source under GPL-3.0, disclose the license, and allow users to modify and redistribute. Consult legal counsel before commercial deployment. No vendor support or SLA is provided.
Is it legal to scan BLE devices in my area?
Legality depends on your jurisdiction. Passive BLE scanning is generally legal in many countries, but laws vary. The project explicitly states users are solely responsible for compliance. Review local wiretapping, privacy, and telecommunications regulations.
How accurate is the distance estimation?
Distance is estimated using RSSI (signal strength). Accuracy is typically ±5–15 meters in open space but degrades significantly with obstacles, interference, and device antenna characteristics. Not suitable for precise localization.
Does MetaRadar collect or send my data anywhere?
No. The app processes all BLE data locally on-device and does not transmit data externally or connect to any backend service. All analysis is offline.

Software developers & web developers for hire

From first prototype to production, DEV.co delivers software development services around tools like MetaRadar. Our software development agency staffs experienced software developers and web developers for custom software development, web development, integrations, and ongoing support across open-source security and beyond.

Evaluate MetaRadar for Your Security or Research Program

Review the source code on GitHub, test the app via F-Droid or IzzyOnDroid, and consult legal/security teams on compliance and deployment suitability for your use case.