WCH BLE Analyzer Pro USB Bluetooth LE Sniffer Introduces Linux Software with Wireshark (pcap) Compatibility

Last updated on by on Categories
Try Our Free Tools!
Master the web with Free Tools that work as hard as you do. From Text Analysis to Website Management, we empower your digital journey with expert guidance and free, powerful tools.
Let's Try Now!

Linux Driver for WCH BLE Analyzer Pro Now Available

In November of last year, an article highlighted the WCH BLE Analyzer Pro, an economical USB Bluetooth Low Energy (LE) sniffer priced at approximately ~$20.

This device promises substantial utility for reverse engineering and debugging applications.

However, a notable limitation was its software compatibility, restricted to Windows 7 through 11. In an exemplary display of ingenuity, a developer known as Xecaz managed to reverse-engineer the USB protocol.

Using libusb, he created a Linux-compatible application that generates standard pcap files, thus making interoperability with widely used tools such as Wireshark feasible.

As Xecaz quipped, “WinChipHead neglected to provide a Linux driver. We didn’t seek permission.”

The WCH BLE Analyzer Pro is equipped with three CH582F RISC-V microcontrollers and a CH334 USB hub.

It shows compatibility with Bluetooth Low Energy (BLE) versions 4.0, 4.2, and 5.0, facilitating host connections through a USB-C port.

The Linux driver for the BLE Analyzer Pro can be accessed on GitHub. Installation of this software is quick and uncomplicated:

git clone https://github.com/xecaz/BLE-Analyzer-pro-linux-capture
cd BLE-Analyzer-pro-linux-capture/
sudo apt install libusb-1.0-0-dev
make
sudo make install
sudo udevadm control --reload-rules && sudo udevadm trigger

You may verify its functionality by running the program without parameters:

jaufranc@CNX-LAPTOP-5:~/edev/sandbox/BLE-Analyzer-pro-linux-capture$ ./wch_capture 
Nothing to do – use -v and/or -w FILE.pcap
WCH BLE Analyzer PRO Linux Capture tool by Xecaz 2026!

Usage: ./wch_capture [OPTIONS]

Options:
  -v            Print packets to stdout
  -w FILE.pcap  Write PCAP (DLT 256, BLE LL + phdr)
  -p PHY        PHY: 1=1M (default), 2=2M, 3=CodedS8, 4=CodedS2
  -i ADDR       Initiator MAC filter  (AA:BB:CC:DD:EE:FF)
  -a ADDR       Advertiser MAC filter (AA:BB:CC:DD:EE:FF)
  -k KEY        LTK, 32 hex chars
  -K PASSKEY    BLE passkey (6-digit decimal)
  -2            Custom 2.4G mode (default: BLE monitor)
  -c CHAN       Channel 0-39: BLE adv 37/38/39 or 0=all (auto per MCU); 2.4G raw
  -A AADDR      2.4G access addr (hex, e.g. 8E89BED6)
  -C CRCINIT    2.4G CRC init (6 hex chars, e.g. 555555)
  -W WHITEN     2.4G whitening init (hex byte)
  -h            Show this help

Capture stops on SIGINT (Ctrl+C) or SIGTERM.

While I have yet to acquire a unit, its operation may resemble the following example:

sudo ./wch_capture -v -w capture.pcap

Subsequently, the generated capture. pcap file can be imported into Wireshark for in-depth analysis.

Notably, all three microcontrollers capture data concurrently across channels 37, 38, and 39, while Wireshark adeptly decodes various packet types such as ADV_IND, ADV_NONCONN_IND, and CONNECT_IND.

a white dice with a black github logo on it

For those interested in the reverse engineering process, the “RE_PROCESS.md” document on GitHub provides additional insights.

Furthermore, an Android application is currently in development, and Xecaz invites testers to assist prior to its official release.

Source link: Cnx-software.com.

Disclosure: This article is for general information only and is based on publicly available sources. We aim for accuracy but can't guarantee it. The views expressed are the author's and may not reflect those of the publication. Some content was created with help from AI and reviewed by a human for clarity and accuracy. We value transparency and encourage readers to verify important details. This article may include affiliate links. If you buy something through them, we may earn a small commission — at no extra cost to you. All information is carefully selected and reviewed to ensure it's helpful and trustworthy.

Reported By

Neil Hemmings

I'm Neil Hemmings from Anaheim, CA, with an Associate of Science in Computer Science from Diablo Valley College. As Senior Tech Associate and Content Manager at RS Web Solutions, I write about AI, gadgets, cybersecurity, and apps – sharing hands-on reviews, tutorials, and practical tech insights.
Share the Love
Related News Worth Reading
 
Try Our Free Tools!
Master the web with Free Tools that work as hard as you do. From Text Analysis to Website Management, we empower your digital journey with expert guidance and free, powerful tools.
Let's Try Now!

We provide the best tutorials, reviews, and recommendations on all technology and open-source web-related topics. Surf our site to extend your knowledge base on the latest web trends.

Trustpilot
Content Safety

HERO

rswebsols.com
Trustworthy

Approved by Sur.ly

Important Links
Free Tools
Categories
Popular Topics
Our Partners
Copyright © 2026 - RS Web Solutions (RSWEBSOLS) | All Rights Reserved. Image credit: Unsplash | Pixabay | Pexels | Freepik.