Meshtastic sniffer tool uses HackRF to monitor hundreds of channels at once

A new Meshtastic sniffer from SDR specialist cemaxecuter pushed well past the one-channel-at-a-time limits of ordinary radios, using a HackRF to watch hundreds of U.S. channels simultaneously and capture traffic in real time across a wide slice of spectrum. For builders who have ever wondered whether a mesh is actually behaving the way the map says it is, that matters. It gives you a way to see congestion, validate a rollout, and trace how packets move through a busy network without waiting for a single node to complain.

That kind of visibility lands in a project that has grown far beyond a niche experiment. Meshtastic describes itself as an open-source, off-grid, decentralized mesh network built on affordable, low-power devices, and its official site says the ecosystem now includes 100-plus community-supported devices, more than 1,800 code contributors worldwide, 26 LoRa regions, and 39 languages. The security model has also changed in a way that matters for anyone using these tools: up to firmware 2.4.x, Meshtastic relied entirely on pre-shared keys for all messaging, while firmware 2.5.0 introduced public-key cryptography for direct messages and session IDs for admin messages. Chat channels still use a pre-shared key.

The broader SDR work around Meshtastic makes the new sniffer look like part of a real line of development, not a one-off demo. Cemaxecuter had already published DragonOS Noble Receive and Decode Meshtastic w/ SDR and WarDragon Real-Time Decoding Meshtastic w/ GNU Radio & SDR, and community projects have been moving in the same direction. The Meshtastic_SDR project describes an SDR-based RX and TX stack that can decode all presets at once, with ports mapped from TCP 20000 through TCP 20007. Its notes also make the hardware tradeoff plain: HackRF or better is required for the 20 MHz US all-presets flow, while conventional radios can only listen to one preset at a time.

That is why the sniffer has real diagnostic value for operators, but it also draws a hard line around privacy and legal use. Meshtastic traffic is often encrypted and used for off-grid communications, and SDRangel’s Meshtastic demodulator plugin describes decoding as experimental, says LoRa protocol details are not publicly made available, and recommends dedicated hardware for production-grade use. Wideband passive monitoring can help verify a deployment, troubleshoot interference, and understand air-time behavior on the 900 MHz ISM spectrum. It should stay on your own network, or one you are explicitly authorized to analyze, because the same visibility that helps debug a mesh can also cross straight into surveillance if it is pointed the wrong way.