{"id":18863447,"url":"https://github.com/blackarrowsec/eap_buster","last_synced_at":"2025-04-14T13:06:14.703Z","repository":{"id":108710826,"uuid":"232353314","full_name":"blackarrowsec/EAP_buster","owner":"blackarrowsec","description":"EAP_buster is a simple bash script that lists what EAP methods are supported by the RADIUS server behind a WPA-Enterprise access point","archived":false,"fork":false,"pushed_at":"2023-10-27T10:51:36.000Z","size":211,"stargazers_count":75,"open_issues_count":0,"forks_count":9,"subscribers_count":7,"default_branch":"master","last_synced_at":"2025-03-28T02:11:10.285Z","etag":null,"topics":["eap","security-tool","wifi-security"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/blackarrowsec.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-01-07T15:23:23.000Z","updated_at":"2025-03-25T15:27:14.000Z","dependencies_parsed_at":null,"dependency_job_id":"8f33b5ec-10ce-427a-a062-a4739bb69d4e","html_url":"https://github.com/blackarrowsec/EAP_buster","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blackarrowsec%2FEAP_buster","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blackarrowsec%2FEAP_buster/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blackarrowsec%2FEAP_buster/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blackarrowsec%2FEAP_buster/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/blackarrowsec","download_url":"https://codeload.github.com/blackarrowsec/EAP_buster/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248886310,"owners_count":21177643,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["eap","security-tool","wifi-security"],"created_at":"2024-11-08T04:37:33.487Z","updated_at":"2025-04-14T13:06:14.676Z","avatar_url":"https://github.com/blackarrowsec.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# EAP_buster\n [![](https://img.shields.io/badge/Category-Recon-E5A505?style=flat-square)]() [![](https://img.shields.io/badge/Language-Bash-E5A505?style=flat-square)]()\n\n* [What?](#what)\n* [Offensive usage](#offensive_usage)\n* [Defensive usage](#defensive_usage)\n* [Installation](#installation)\n* [Author and credits](#author_and_credits)\n* [License](#license)\n\n## What? \u003ca name=\"what\" /\u003e\n\nEAP_buster is a simple bash script that lists what EAP methods are supported by the RADIUS server behind a WPA-Enterprise access point. In order to achieve this, it makes use of several wpa_supplicant configuration files along with WPA-Enterprise identities, which can be grabbed with some passive sniffing.\n\n## Offensive usage \u003ca name=\"offensive_usage\" /\u003e\n\nDuring Red Team exercises, EAP_buster provides hints about what to expect from Wi-Fi clients when launching fake WPA-Enterprise access points.\n\nExample: forget about grabbing passwords with fake AP attacks if clients are expected to authenticate through certificates only (EAP-TLS). Usage:\n```bash\n./EAP_buster.sh \"${EAP_ESSID}\" \"${EAP_IDENTITY}\" \"${WIFI_INTERFACE}\"\n```\n![image](offensive_usage.png)\n\nIt should be noted that EAP_buster needs legitimate identities in order to start the 802.1X authentication process and get reliable results.\n\nEAP identites can be passively collected using sniffing tools such as [crEAP](https://github.com/Snizz/crEAP), just make sure you use a real identity and not an anonymous one.\n\n## Defensive usage \u003ca name=\"defensive_usage\" /\u003e\n\nFrom a Systems Administrator standpoint, EAP_buster can be used to detect fake WPA-Enterprise access points, as they tend to support as many EAP methods as possible in order to offer legitimate clients every form of authentication (even if using clearly fake identities).\n\nThe following image shows what EAP methods are supported by default when using `hostapd-wpe`:\n\n![image](defensive_usage.png)\n\n## Installation \u003ca name=\"installation\" /\u003e\n\nNo installation process needed, EAP_buster's main functionality consists on launching wpa_supplicant several times.\n\n## Author and credits \u003ca name=\"author_and_credits\" /\u003e\n\nAuthor: Miguel Amat [@mamatb](https://t.me/m_amatb)\n\nReferences:\n\n* [EAP packet types](https://github.com/secdev/scapy/blob/master/scapy/layers/eap.py)\n* [Typical 802.1X authentication](https://en.wikipedia.org/wiki/IEEE_802.1X#Typical_authentication_progression)\n* [wpa_supplicant description](https://github.com/digsrc/wpa_supplicant/blob/master/wpa_supplicant/README)\n* [/usr/share/doc/wpasupplicant/examples/wpa_supplicant.conf](https://w1.fi/cgit/hostap/plain/wpa_supplicant/wpa_supplicant.conf)\n\n## License \u003ca name=\"license\" /\u003e\n\nAll the code included in this project is licensed under the terms of the MIT license.\n\n#\n\n[![](https://img.shields.io/badge/www-blackarrow.net-E5A505?style=flat-square)](https://www.blackarrow.net) [![](https://img.shields.io/badge/twitter-@BlackArrowSec-00aced?style=flat-square\u0026logo=twitter\u0026logoColor=white)](https://twitter.com/BlackArrowSec) [![](https://img.shields.io/badge/linkedin-@BlackArrowSec-0084b4?style=flat-square\u0026logo=linkedin\u0026logoColor=white)](https://www.linkedin.com/company/blackarrowsec/)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fblackarrowsec%2Feap_buster","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fblackarrowsec%2Feap_buster","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fblackarrowsec%2Feap_buster/lists"}