RFSAM — Radio Frequency Security Assessment Methodology
A field guide to RF security — pick a technology, get the kit and the method.
RF research and auditing have plenty of tools and scattered knowledge, but no single map. Faced with an unknown signal or device, where do you start — and how do you know what you've missed? RFSAM is meant to be that north star: an open, structured reference that walks you from the spectrum up through the signal, link, crypto, attack and application layers, per protocol, with a verification procedure and a real worked example at each step. It doesn't claim to invent RF security — OSSTMM, BSAM and a deep body of research came first. It aims to organise that landscape into something you can navigate by, whether you're auditing a device or learning the field.
Have a device or an unknown signal and no idea where to begin? Pick a technology and walk the six-step descent — each step hands you the exact kit (hardware + software) for that move and the reason to pick it. An interactive map from “what is this?” to “take it over.”
The verification procedures. For each protocol and layer: what to check, a step-by-step method, a real field case, known attacks with references, and remediation — the entries you cite in an assessment.
The layer descent — spectrum → signal → link → crypto → attack → application — and the prior work RFSAM stands on (OSSTMM, BSAM, the SDR-pentest lineage). Read this to understand how it is organised.
Every piece of hardware and software behind the Wayfinder kits — filterable by technology and linked to its source.
Every protocol is assessed by the same descent — six layers from the open air down to what the device trusts. The Wayfinder walks you down it; the Procedures verify each floor.