explaingit

jopohl/urh

12,403PythonAudience · researcherComplexity · 4/5Setup · moderate

TLDR

A desktop app for recording wireless signals with Software Defined Radio hardware and reverse-engineering the protocols devices use to communicate, decode data, compare captures, fuzz devices, and simulate protocols.

Mindmap

mindmap
  root((URH))
    What it does
      Record RF signals
      Decode protocols
      Fuzz wireless devices
    Supported Hardware
      HackRF
      RTL-SDR
      LimeSDR
      AirSpy
    Features
      Auto modulation detect
      Message comparison
      Protocol simulation
    Audience
      Security researchers
      RF engineers
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Things people build with this

USE CASE 1

Record a signal from a 433 MHz remote control and decode which bytes change between button presses

USE CASE 2

Fuzz a smart home device's wireless protocol to discover how it responds to modified or unexpected messages

USE CASE 3

Reverse-engineer a wireless sensor's protocol by comparing multiple captured transmissions side by side

USE CASE 4

Build a simulation of a stateful wireless protocol to test device behavior without constant physical access

Tech stack

PythonDocker

Getting it running

Difficulty · moderate Time to first run · 1h+

Requires compatible Software Defined Radio hardware such as an RTL-SDR dongle or HackRF to record real signals.

In plain English

Universal Radio Hacker, or URH, is a desktop application for investigating wireless signals and the protocols that devices use to communicate over radio. If you have a Software Defined Radio (a type of hardware that can receive radio signals across a wide range of frequencies), URH gives you a graphical environment to record those signals, decode them into bits and bytes, and figure out what the data means. The project was presented at the Black Hat security conference and has also been the subject of academic research. The typical use case is reverse-engineering: you want to understand how a wireless device, such as a remote control, a smart plug, or a wireless sensor, communicates. URH handles the signal processing steps that are otherwise tedious to do manually. It can automatically detect the modulation scheme a signal uses, which is the method by which data is encoded onto radio waves, and then apply decodings to recover the raw data. It also provides tools to compare multiple captured messages side by side, letting you spot which parts of a signal change between transmissions and what those changes represent. Beyond analysis, URH includes a fuzzing component for testing how devices respond to modified or malformed messages, and a simulation environment for testing stateful protocols where the sequence of messages matters. These features are oriented toward security researchers who want to probe devices for weaknesses in their wireless communication. URH supports a wide range of Software Defined Radio hardware including HackRF, RTL-SDR, LimeSDR, AirSpy, BladeRF, and others. It runs on Windows, Linux, and macOS. On Windows you can install it via a standard installer, on Linux and macOS it is available through package managers including pip, Homebrew, and several Linux distribution repositories such as Arch Linux, Fedora, and openSUSE. A Docker image is also provided. The project has a user guide PDF and a set of YouTube tutorial videos covering common tasks. Community members have published articles describing how URH was used to analyze and control burger restaurant pagers, clone 433 MHz remote controls, and investigate wireless blinds and keyboards.

Copy-paste prompts

Prompt 1
Connect my RTL-SDR to URH and record a signal from a 433 MHz remote control, walk me through the setup steps
Prompt 2
Use URH to automatically detect the modulation type of a captured wireless signal and show me the decoded raw bits
Prompt 3
Set up URH's fuzzing mode to send modified packets to a wireless smart plug and log how it responds
Prompt 4
Compare two captures of wireless keyboard traffic in URH to figure out which bits change between keystrokes
Prompt 5
Install URH on macOS via Homebrew with a HackRF and capture my first wireless signal
Open on GitHub → Explain another repo

← jopohl on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.