https://github.com/blwhit/wifireaper
Automate large-scale Wi-Fi deauthentication attacks. Discover vulnerable wireless networks, capture WPA/WPA2 handshakes, and collect password hashes for cracking.
https://github.com/blwhit/wifireaper
Last synced: 7 days ago
JSON representation
Automate large-scale Wi-Fi deauthentication attacks. Discover vulnerable wireless networks, capture WPA/WPA2 handshakes, and collect password hashes for cracking.
- Host: GitHub
- URL: https://github.com/blwhit/wifireaper
- Owner: blwhit
- Created: 2025-08-24T03:34:36.000Z (10 months ago)
- Default Branch: main
- Last Pushed: 2025-08-24T04:47:56.000Z (10 months ago)
- Last Synced: 2025-08-24T12:15:33.633Z (10 months ago)
- Language: Shell
- Homepage:
- Size: 21.5 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# WifiReaper
## Overview
Automatically discover and attack WiFi networks at scale. Mass deauthentication attacks to target WPA/WPA2 networks, and capture victim WiFi handshakes to be cracked for the cleartext password to the network.
## Features
- **Network Discovery**: Automatically scan and discover networks in range
- **Handshake Capture**: Execute deauth attacks to capture WPA/WPA2 handshakes
- **Continuous Attacking**: Run in a loop to continue cracking networks in range around the clock on intervals
- **Ready to Crack**: Uses hcxpcapngtool to validate captured handshakes and convert them to ready-to-crack Hashcat formats
- **Database**: Maintains local database of known cracked networks
## Example
## Requirements
- Kali Linux or compatible distribution
- WiFi adapter capable of monitor mode
- Required packages (auto-installed):
- aircrack-ng
- tshark
- hcxtools
## Installation
1. Clone the repository:
```bash
git clone https://github.com/blwhit/WifiReaper.git
cd WifiReaper
```
2. Make the script executable:
```bash
chmod +x WifiReaper.sh
```
## Usage
### Basic Scanning
```bash
# Scan only (no attacks)
sudo ./WifiReaper.sh wlan0 --scan
# Single attack run
sudo ./WifiReaper.sh wlan0
```
##### Defaults to running a 60-second discovery scan, and three 10-second deauthentication attacks per network.
### Advanced Options
```bash
# Continuously scan and attack all networks with 5-minute intervals
sudo ./WifiReaper.sh wlan0 --loop --wait 5
# Exclude specific networks
sudo ./WifiReaper.sh wlan0 -e "MyNetwork" -e "AA:BB:CC:DD:EE:FF"
# Custom scan and attack timeouts
sudo ./WifiReaper.sh wlan0 -ST 45 -DT 8 -DA 1
```
## Command Line Options
| Option | Description |
|--------|-------------|
| `-s, --scan` | Scan only mode (no attacks) |
| `-l, --loop` | Run continuously |
| `-w, --wait ` | Wait time between loop cycles |
| `-ST ` | Scan timeout (default: 60) |
| `-DT ` | Deauth timeout (default: 10) |
| `-DA ` | Deauth attempts per network (default: 3) |
| `-e, --exclude ` | Exclude network by ESSID or BSSID |
| `-i, --ignore` | Ignore cracked database |
| `-h, --help` | Show help message |
## Output Files
- **Captures**: Stored in `Data/WifiReaper_YYYY-MM-DD_HH-MM-SS/`
- **Converted Hashes**: Stored in `/Reaped` (`.hc22000` format)
- **Database**: `Data/wifireaper_cracked.db` (tracks successful captures)
## Notice
⚠️ **IMPORTANT**: This tool is for educational and authorized security testing purposes only. Only use on networks you own or have explicit permission to test. Unauthorized access to computer networks is illegal.