{"id":13539694,"url":"https://github.com/hash3lizer/wifibroot","last_synced_at":"2025-04-12T18:53:16.981Z","repository":{"id":41537798,"uuid":"142863584","full_name":"hash3liZer/WiFiBroot","owner":"hash3liZer","description":"A Wireless (WPA/WPA2) Pentest/Cracking tool. Captures \u0026 Crack 4-way handshake and PMKID key. Also, supports a deauthentication/jammer mode for stress testing","archived":false,"fork":false,"pushed_at":"2021-01-15T09:07:36.000Z","size":604,"stargazers_count":997,"open_issues_count":14,"forks_count":180,"subscribers_count":46,"default_branch":"master","last_synced_at":"2025-04-03T22:08:32.168Z","etag":null,"topics":["aircrack","crack","deauthentication-attack","eapol","handshake","hashcat","pmkid","python27","scapy","wireless-penetration-testing","wpa","wpa2","wpa2-cracker"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hash3liZer.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-07-30T10:57:22.000Z","updated_at":"2025-03-31T09:30:25.000Z","dependencies_parsed_at":"2022-07-30T23:47:54.339Z","dependency_job_id":null,"html_url":"https://github.com/hash3liZer/WiFiBroot","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hash3liZer%2FWiFiBroot","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hash3liZer%2FWiFiBroot/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hash3liZer%2FWiFiBroot/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hash3liZer%2FWiFiBroot/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hash3liZer","download_url":"https://codeload.github.com/hash3liZer/WiFiBroot/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248618243,"owners_count":21134200,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aircrack","crack","deauthentication-attack","eapol","handshake","hashcat","pmkid","python27","scapy","wireless-penetration-testing","wpa","wpa2","wpa2-cracker"],"created_at":"2024-08-01T09:01:30.495Z","updated_at":"2025-04-12T18:53:16.960Z","avatar_url":"https://github.com/hash3liZer.png","language":"Python","readme":"\u003ch1 align=\"center\"\u003e \n \u003cimg src=\"https://user-images.githubusercontent.com/29171692/80923734-0a498f00-8da3-11ea-94b4-1f67800a2c04.png\" alt=\"WiFiBroot\" /\u003e \n\u003c/h1\u003e\n\u003ch4 align=\"center\"\u003eA Wireless Pentest/Cracking Tool for 4-way Handshake \u0026 PMKID\u003c/h4\u003e \n\n## DESCRIPTION\nWiFiBroot is built to provide clients all-in-one facility for cracking WiFi (WPA/WPA2) networks. It heavily depends on **scapy**, a well-featured packet manipulation library in Python. Almost every process within is dependent somehow on scapy layers and other functions except for operating the wireless interface on a different channel. That will be done via native linux command **iwconfig** for which you maybe need *sudo* privileges. It currently provides **four** independent working modes to deal with the target networks. Two of them are online cracking methods while the other runs in offline mode. The offline mode is provided to crack saved hashes from the first two modes. One is for deauthentication attack on wireless network and can also be used as a jamming handler. It can be run on a variety of linux platforms and atleast requires WN727N from tp-link to properly operate. \n\n## Installation: \n\nIt only works with **Python 2**\n\nWiFiBroot heavily depends on scapy. So, you would need scapy installed. Almost, every other library would likely be installed on your system. Make sure the version you install for scapy should be `\u003c=2.4.0`. Newer versions are likely to throw some unknown errors.\n\n```\n$ sudo pip install scapy==2.4.0\n```\nThe script is supposed to be run under **sudo** but it will still work even if not run under the root mode. The basic necessary arguments are: \n\n```\n$ sudo python wifibroot.py -i [interface] -d /path/to/dictionary -m [mode]\n``` \n\n## Documentation : ##\n\nWiFiBroot uses modes to identify which attack you want to perform on your target. Currently, there are three available modes. The usage of each mode can be seen by supplying the **--help/-h** option right after the **-m/--mode** option. Here's a list of available modes and what they do: \n\n### Modes:\n```\nSyntax:\n $ python wifibroot.py [--mode [modes]] [--options]\n $ python wifibroot.py --mode 2 -i wlan1mon --verbose -d /path/to/list -w pmkid.txt\n\nModes:\n # Description Value\n 01 Capture 4-way handshake and crack MIC code 1\n 02 Captures and Crack PMKID (PMKID Attack) 2\n 03 Perform Manual cracking on available\n capture types. See --list-types 3\n 04 Deauthentication. Disconnect two stations\n and jam the traffic. 4\n\nUse -h, --help after -m, --mode to get help on modes. \n```\nEach mode has a specific purpose and has it's own options: \n### HANDSHAKE: \n```\nMode: \n 01 Capture 4-way handshake and crack MIC code 1\n\nOptions:\n Args Description Required\n -h, --help Show this help manual NO\n -i, --interface Monitor Interface to use YES\n -v, --verbose Turn off Verbose mode. NO\n -t, --timeout Time Delay between two deauth\n requests. NO\n -d, --dictionary Dictionary for Cracking YES\n -w, --write Write Captured handshake to\n a seperate file NO\n --deauth Number of Deauthentication\n frames to send NO \n\nFilters: \n -e, --essid ESSID of listening network\n -b, --bssid BSSID of target network.\n -c, --channel Channel interface should be listening\n on. Default: ALL\n```\n### PMKID ATTACK\n```\nMode: \n 02 Captures and Crack PMKID (PMKID Attack) 1\n\nOptions:\n Args Description Required\n -h, --help Show this help manual NO\n -i, --interface Monitor Interface to use YES\n -v, --verbose Turn off Verbose mode. NO\n -d, --dictionary Dictionary for Cracking YES\n -w, --write Write Captured handshake to\n a seperate file NO\n\nFilters: \n -e, --essid ESSID of listening network\n -b, --bssid BSSID of target network.\n -c, --channel Channel interface should be listening\n on. Default: ALL\n```\n### Offline Cracking\n```\nMode: \n 03 Perform Manaul cracking on available capture\n types. See --list-types 3\n\nOptions:\n Args Description Required \n -h, --help Show this help manual NO\n --list-types List available cracking types NO\n --type Type of capture to crack YES\n -v, --verbose Turn off Verbose mode. NO\n -d, --dictionary Dictionary for Cracking YES\n -e, --essid ESSID of target network. \n Only for HANDSHAKE Type YES\n -r, --read Captured file to crack YES\n```\n### DEAUTHENTICATION ATTACK (Stress Testing)\n```\nMode:\n 04 Deauthentication. Disconnect two stations\n and jam the traffic. 4\n\nOptions:\n Args Description Required\n -h, --help Show this help manual NO\n -i, --interface Monitor Mode Interface to use YES\n -0, --count Number of Deauthentication\n frames to send. '0' specifies\n unlimited frames YES\n --ap Access Point MAC Address NO\n --client STA (Station) MAC Address NO\n```\n### Examples\n\nTo Capture 4-way handshake and crack MIC code: \n```\n$ python wifibroot.py --mode 1 -i wlan1mon --verbose -d dicts/list.txt -w output.cap \n```\nTo Capture and Crack PMKID:\n```\n$ python wifibroot.py --mode 2 -i wlan1mon --verbose -d dicts/list.txt -w output.txt\n```\nOffline Crack Handshake and PMKID:\n```\n$ python wifibroot.py --mode 3 --type handshake --essid \"TARGET ESSID\" --verbose -d dicts/list.txt --read output.cap\n$ python wifibroot.py --mode 3 --type pmkid --verbose -d dicts/list.txt --read output.txt\n```\nDeauthentication attack in various form: \n```\n# Ultimate Deauthentication attack: \n$ python wifibroot.py --mode 4 -i wlan1mon -00 --verbose\n# Disconnect All Clients from Acess Point:\n$ python wifibroot.py --mode 4 -i wlan1mon --ap [AP MAC] --verbose\n# Disconnect a Specific Client: \n$ python wifibroot.py --mode 4 -i wlan1mon --ap [AP MAC] --client [STA MAC] --verbose\n```\n\n## Support ##\n\nWebsite: [https://www.shelvoide.com](https://www.shellvoide.com)\u003cbr\u003e\nTwitter: [@hash3liZer](https://twitter.com/hash3liZer)\u003cbr\u003e\nEmail: [admin@shellvoide.com](mailto://admin@shellvoide.com)\n","funding_links":[],"categories":["\u003ca id=\"1233584261c0cd5224b6e90a98cc9a94\"\u003e\u003c/a\u003e渗透\u0026\u0026offensive\u0026\u0026渗透框架\u0026\u0026后渗透框架","\u003ca id=\"8d233e2d068cce2b36fd0cf44d10f5d8\"\u003e\u003c/a\u003eWPS\u0026\u0026WPA\u0026\u0026WPA2"],"sub_categories":["\u003ca id=\"39931e776c23e80229368dfc6fd54770\"\u003e\u003c/a\u003e无线\u0026\u0026WiFi\u0026\u0026AP\u0026\u0026802.11","\u003ca id=\"37ca6907aa42dfd32db5973ff9eec83d\"\u003e\u003c/a\u003e新添加的"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhash3lizer%2Fwifibroot","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhash3lizer%2Fwifibroot","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhash3lizer%2Fwifibroot/lists"}