Various posts about Radio Security dealing with Garage remotes, cars and other radio devices.

Trunked Radio: A Guide

Trunked Radio: A Guide

TLDR; You can listen to all of the San Francisco CERS (Public Safety) Trunked system atĀ , this guide will show you how you can do the same for it or another trunked system! I am uploading all of San Francisco CERS ( Public Safety ), including Police/EMS/Sheriff/Citywide/gov/etc to Covers the area in the…

Hardware HacksRadioRTLSDR

Bypassing Rolling Code Systems

This blog post will discuss the implementation of Codegrabbing / RollJam, just one method of attacking AM/OOK systems that implement rolling codes (such as keeloq) — these systems are commonly found on modern vehicles and entry systems such as gates and garages. This technique has been used and spoken about for a number of years…


Hacking fixed key remotes with (only) RFCat

Introduction Its been absolutely ages since I’ve posted anything on the blog, not that I havent been doing things, just really not many things I felt good enough to write an entry about. I got a lot of feedback regarding my previous entry about Hacking Fixed key remotesĀ and I decided to build on that slightly….

Hardware HacksRadioSecurity

Bypassing LF Entry Systems

Its taken a lot of motivation to start writing this, and I hope its okay, I have a mental block that I need to write this and the second post about magstripes before moving on to some new things with my plants I want to try. Eye Candy: My friend Roelof Temmingh (@Roeloftemmingh) made this…


Hacking fixed key remotes

Previously I discussed using my RTL-SDR to merely listen for analog audio signals. In this entry I’ll discuss using it to decode digital signals (this example on fixed remote signals often used for garages / gates ) so that they can be replayed/brute forced with something like the RFCat project (based on TI’s CC1111EMK module)….