Wifiphisher is a powerful rogue Access Point framework designed for red team engagements and Wi-Fi security assessments. It allows penetration testers to perform man-in-the-middle attacks against wireless clients through targeted Wi-Fi association techniques.
Key Features:
- Evil Twin Attacks: Creates fake Wi-Fi networks mimicking legitimate ones.
- KARMA Attacks: Masquerades as known public networks to attract Wi-Fi clients.
- Known Beacons: Broadcasts common ESSIDs for automatic association.
- Customizable Phishing: Mounts web phishing attacks to capture credentials or deliver malware.
- Modular Design: Supports extensions and custom phishing scenarios via Python.
- Automated PSK Verification: Captures WPA/WPA2 handshakes for passphrase verification.
Use Cases:
- Wi-Fi security testing
- Red team operations
- Credential harvesting
- Malware delivery
- Security awareness training
