{"id":40184849,"url":"https://github.com/maxgfr/brutifi","last_synced_at":"2026-01-25T17:01:05.235Z","repository":{"id":331695244,"uuid":"1131814795","full_name":"maxgfr/brutifi","owner":"maxgfr","description":"High-performance WiFi security testing app in Rust for educational and authorized security audits.","archived":false,"fork":false,"pushed_at":"2026-01-19T21:00:28.000Z","size":1769,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-01-19T23:08:41.101Z","etag":null,"topics":["brute-force","bruteforce","bruteforce-attacks","cybersecurity","hashcat","hcxtools","iced","pentesting","rust","simd","wifi","wifi-audit","wifi-bruteforce","wifi-hacking","wifi-security","wlan","wpa","wpa2"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/maxgfr.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-01-10T18:42:17.000Z","updated_at":"2026-01-19T21:00:31.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/maxgfr/brutifi","commit_stats":null,"previous_names":["maxgfr/bruteforce-wifi","maxgfr/brutifi"],"tags_count":17,"template":false,"template_full_name":null,"purl":"pkg:github/maxgfr/brutifi","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maxgfr%2Fbrutifi","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maxgfr%2Fbrutifi/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maxgfr%2Fbrutifi/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maxgfr%2Fbrutifi/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/maxgfr","download_url":"https://codeload.github.com/maxgfr/brutifi/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maxgfr%2Fbrutifi/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28755561,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-25T16:32:25.380Z","status":"ssl_error","status_checked_at":"2026-01-25T16:32:09.189Z","response_time":113,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["brute-force","bruteforce","bruteforce-attacks","cybersecurity","hashcat","hcxtools","iced","pentesting","rust","simd","wifi","wifi-audit","wifi-bruteforce","wifi-hacking","wifi-security","wlan","wpa","wpa2"],"created_at":"2026-01-19T19:01:31.522Z","updated_at":"2026-01-25T17:01:05.210Z","avatar_url":"https://github.com/maxgfr.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# BrutiFi 🔐\n\n\u003e Modern desktop application for WPA/WPA2 security testing on macOS with real-time feedback\n\n[![Release](https://github.com/maxgfr/bruteforce-wifi/actions/workflows/release.yml/badge.svg)](https://github.com/maxgfr/bruteforce-wifi/releases)\n[![CI](https://github.com/maxgfr/bruteforce-wifi/actions/workflows/ci.yml/badge.svg)](https://github.com/maxgfr/bruteforce-wifi/actions)\n[![Rust](https://img.shields.io/badge/Rust-1.70+-orange.svg)](https://www.rust-lang.org/)\n[![License](https://img.shields.io/badge/License-MIT-green.svg)](LICENSE)\n\n**⚠️ EDUCATIONAL USE ONLY - UNAUTHORIZED ACCESS IS ILLEGAL ⚠️**\n\nA high-performance macOS desktop GUI application for testing WPA/WPA2 password security through offline bruteforce attacks. Built with Rust and Iced, featuring dual cracking engines (Native CPU and Hashcat GPU) for maximum performance.\n\n## ✨ Features\n\n### Core Capabilities\n\n- 🖥️ **Modern Desktop GUI** - Built with Iced framework for smooth, native experience\n- 🚀 **Dual Cracking Engines**:\n  - **Native CPU**: Custom PBKDF2 implementation with Rayon parallelism (~10K-100K passwords/sec)\n  - **Hashcat GPU**: 10-100x faster acceleration with automatic device detection\n- 📡 **WiFi Network Scanning** - Real-time discovery with channel detection\n- 🎯 **Handshake Capture** - EAPOL frame analysis with visual progress indicators\n- 🔑 **Dual Attack Modes**:\n  - 🔢 Numeric bruteforce (PIN codes: 8-12 digits)\n  - 📋 Wordlist attacks (rockyou.txt, custom lists)\n- 📊 **Live Progress** - Real-time speed metrics, attempt counters, and ETA\n- 🔒 **100% Offline** - No data transmitted anywhere\n\n### Platform Support\n- 🍎 **macOS Native** - Apple Silicon and Intel support\n\n## 📦 Installation\n\n### macOS\n\n#### Quick Installation\n\n1. Download the DMG from the latest release (Apple Silicon or Intel).\n2. Open the DMG and drag **BrutiFi.app** to **Applications**.\n3. Launch the app — macOS will ask for the admin (root) password at startup to enable capture.\n\n#### Remove Quarantine Attribute (Required for GitHub downloads)\n\nWhen downloading from GitHub, macOS adds a quarantine attribute. You must remove it to launch the app:\n\n```bash\nxattr -dr com.apple.quarantine /Applications/BrutiFi.app\n```\n\n\u003e This removes security warnings, but WiFi capture in monitor mode still requires root privileges on macOS.\n\n### From Source\n\n```bash\ngit clone https://github.com/maxgfr/bruteforce-wifi.git\ncd bruteforce-wifi\ncargo build --release\n./target/release/bruteforce-wifi\n```\n\n## 🚀 Usage\n\n### Complete Workflow\n\n```text\n1. Scan Networks → 2. Select Target → 3. Capture Handshake → 4. Crack Password\n```\n\n### Step 1: Scan for Networks\n\nLaunch the app and click \"Scan Networks\" to discover nearby WiFi networks:\n\n- **SSID** (network name)\n- **Channel number**\n- **Signal strength**\n- **Security type** (WPA/WPA2)\n\n### Step 2: Select \u0026 Capture Handshake\n\nSelect a network → Click \"Continue to Capture\"\n\n**Before capturing:**\n\n1. **Choose output location**: Click \"Choose Location\" to save the .pcap file\n   - Default: `capture.pcap` in current directory\n   - Recommended: Save to Documents or Desktop for easy access\n2. **Disconnect from WiFi** (macOS only):\n   - Option+Click WiFi icon → \"Disconnect\"\n   - This improves capture reliability\n\nThen click \"Start Capture\"\n\nThe app monitors for the WPA/WPA2 4-way handshake:\n\n- ✅ **M1** - ANonce (from AP)\n- ✅ **M2** - SNonce + MIC (from client)\n- 🎉 **Handshake Complete!**\n\n\u003e **macOS Note**: Deauth attacks don't work on Apple Silicon. Manually reconnect a device to trigger the handshake (turn WiFi off/on on your phone).\n\n### Step 3: Crack Password\n\nNavigate to \"Crack\" tab:\n\n#### Engine Selection\n\n- **Native CPU**: Software-only cracking, works everywhere\n- **Hashcat GPU**: Requires hashcat + hcxtools installed, 10-100x faster\n\n#### Attack Methods\n\n- **Numeric Attack**: Tests PIN codes (e.g., 00000000-99999999)\n- **Wordlist Attack**: Tests passwords from files like rockyou.txt\n\n#### Real-time Stats\n\n- Progress bar with percentage\n- Current attempts / Total\n- Passwords per second\n- Live logs (copyable)\n\n## 🛠️ Development\n\n### Prerequisites\n\n- **Rust 1.70+**: Install via [rustup](https://rustup.rs/)\n- **Xcode Command Line Tools**: `xcode-select --install`\n\n### Build Commands\n\n```bash\n# Development build with fast compile times\ncargo build\n\n# Optimized release build\ncargo build --release\n\n# Run the app\ncargo run --release\n\n# Format code (enforced by CI)\ncargo fmt --all\n\n# Lint code (enforced by CI)\ncargo clippy --all-targets --all-features -- -D warnings\n\n# Run tests\ncargo test\n```\n\n### Build macOS DMG (Local)\n\nYou can build a macOS DMG installer locally from the source code:\n\n```bash\n# Build DMG (automatically detects architecture)\n./scripts/build_dmg.sh\n```\n\nThis will create:\n- `BrutiFi-{VERSION}-macOS-arm64.dmg` (Apple Silicon)\n- `BrutiFi-{VERSION}-macOS-arm64.dmg.sha256` (checksum)\n\n**Note**: The application is signed with ad-hoc signing by default, which is sufficient for local use and testing. No additional code signing is required.\n\n### Optional: Hashcat Integration\n\nFor GPU-accelerated cracking, install:\n\n```bash\nbrew install hashcat hcxtools\n```\n\n## 🔐 Security \u0026 Legal\n\n### Disclaimer\n\n#### Educational Use Only\n\nThis tool is for educational and authorized testing only.\n\n✅ **Legal Uses:**\n\n- Testing your own WiFi network security\n- Authorized penetration testing with written permission\n- Security research and education\n- CTF competitions and challenges\n\n❌ **Illegal Activities:**\n\n- Unauthorized access to networks you don't own\n- Intercepting communications without permission\n- Any malicious or unauthorized use\n\n**Unauthorized access to computer networks is a criminal offense** in most jurisdictions (CFAA in USA, Computer Misuse Act in UK, etc.). Always obtain explicit written permission before testing.\n\n## 🙏 Acknowledgments \u0026 inspiration\n\nThis project was inspired by several groundbreaking tools in the WiFi security space:\n\n- [AirJack](https://github.com/rtulke/AirJack) - As `brutifi` but in a Python-based CLI\n- [Aircrack-ng](https://github.com/aircrack-ng/aircrack-ng) - Industry-standard WiFi\n- [Pyrit](https://github.com/JPaulMora/Pyrit) - Pre-computed tables for WPA-PSK attacks\n- [Cowpatty](https://github.com/joswr1ght/cowpatty) - Early WPA-PSK cracking implementation\n\nThese tools demonstrated the feasibility of offline WPA/WPA2 password attacks and inspired the creation of a modern, user-friendly desktop application.\n\nSpecial thanks to the following libraries and tools:\n\n- [Iced](https://github.com/iced-rs/iced) - Cross-platform GUI framework\n- [Rayon](https://github.com/rayon-rs/rayon) - Data parallelism library\n- [pcap-rs](https://github.com/rust-pcap/pcap) - Rust bindings for libpcap\n- [Hashcat](https://github.com/hashcat/hashcat) - GPU-accelerated password recovery\n- [hcxtools](https://github.com/ZerBea/hcxtools) - Wireless security auditing tools\n\n## 📄 License\n\n[MIT License](LICENSE) - Use at your own risk\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmaxgfr%2Fbrutifi","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmaxgfr%2Fbrutifi","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmaxgfr%2Fbrutifi/lists"}