Overview
CANalyse is a vehicle CAN bus network analysis and attack tool, co-built with Kartheek Lade. It was presented at Black Hat Arsenal 2022 — a venue that doesn't accept toy projects.
The tool enables analysis of CAN bus traffic, identification of message patterns, and simulation of attack scenarios against vehicle network protocols.
Capabilities
- Traffic Analysis — Capture, log, and analyze CAN bus messages in real-time
- Pattern Identification — Detect recurring message patterns and anomalies in vehicle network traffic
- Attack Simulation — Simulate attack scenarios against vehicle network protocols for security testing
- Signal Decoding — Parse and interpret CAN signals from raw bus data
Why This Matters
CAN bus is the nervous system of every modern vehicle — braking, steering, engine management, and every other critical system communicates over it. Understanding its security properties (and weaknesses) sits at the intersection of cybersecurity and embedded systems.
Evolution
CANalyse was later refined into CANalyse 2.0 with performance optimizations and expanded protocol support. The project represents the kind of work that doesn't fit neatly into a "data engineer" box — which is precisely the point.
Recognition
- Black Hat Arsenal 2022 — Selected for live demonstration
- Built with Python, with SQL for signal logging and a Telegram bot for remote notification