https://github.com/flashnuke/wifi-deauth
A deauth attack that disconnects all devices from the target wifi network (2.4Ghz & 5Ghz)
https://github.com/flashnuke/wifi-deauth
deauth deauthentication-attack deauther denial-of-service denial-of-service-attack dos dos-attack kali-linux pentest pentesting pentesting-tools security security-tools wifi wifi-attack wifi-deauth wifi-deauther wifi-security wireless-network
Last synced: about 2 months ago
JSON representation
A deauth attack that disconnects all devices from the target wifi network (2.4Ghz & 5Ghz)
- Host: GitHub
- URL: https://github.com/flashnuke/wifi-deauth
- Owner: flashnuke
- License: gpl-3.0
- Created: 2022-09-05T20:09:22.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2025-03-21T18:39:59.000Z (2 months ago)
- Last Synced: 2025-03-24T13:04:27.040Z (2 months ago)
- Topics: deauth, deauthentication-attack, deauther, denial-of-service, denial-of-service-attack, dos, dos-attack, kali-linux, pentest, pentesting, pentesting-tools, security, security-tools, wifi, wifi-attack, wifi-deauth, wifi-deauther, wifi-security, wireless-network
- Language: Python
- Homepage:
- Size: 149 KB
- Stars: 517
- Watchers: 14
- Forks: 59
- Open Issues: 12
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
A DoS attack that disconnects all devices from a target wifi network.
* The network's password is not required
* Tested on Kali NetHunter (Snapshot at the bottom)
**IMPORTANT**
In some occasions, network APs might operate on both 5GHz and 2.4GHz under the same BSSID/SSID name.
In order to truly bring the AP down, I usually run simultaneously two de-authers using 2 network interfaces: one for 2.4GHz and one for 5GHz.
| Bandwidth | Channel range |
|----------|---------------|
| 2.4 GHz | 1 <--> 14 |
| 5 GHz | 35 <--> 165 |
## How it works
The program iterates over all possible channels, and by sniffing `802.11` packets it determines which access points are available.
After the attacker chooses a target access point to attack, the program:
1. Continously sends spoofed deauthentication packets using broadcast mac address as the destination
2. Starts sniffing for clients that are connected to the AP by filtering for certain 802.11 packet frames and sending spoofed deauthentication packets to those clients in addition to the broadcast address
# Usage
#### Installing on the system
```bash
git clone https://github.com/flashnuke/wifi-deauth.git
cd wifi-deauth
sudo pip3 install .
sudo wifi-deauth -i
```
#### Running without installing
```bash
git clone https://github.com/flashnuke/wifi-deauth.git
cd wifi-deauth
sudo pip3 install -r requirements.txt # install requirements manually
cd wifi_deauth
sudo python3 wifi_deauth.py -i
```
### Usage notes
* `` is the name of the network interface (i.e `wlan0` or `eth0`) that supports packet injection
* `--deauth-all-channels` - try this option if the attack doesn't work (see more in [Optional Arguments](https://github.com/flashnuke/wifi-deauth/tree/main?tab=readme-ov-file#optional-arguments))
* `--autostart` is good for automation - first make sure that only 1 access point is found, you can use filters (bssid, ssid, channels, etc...) to ensure that
* The initial iteration over all channels might take a minute or two (depends on how many bands the interface supports)
### Optional arguments
* `--deauth-all-channels` - send de-auth packets on all allowed channels (or all custom channels if `--channels` is set) iteratively, effective against access points that switch to a different channel as a protection mechanism
* `--ssid ` - filter for a specific SSID by a case-insensitive substring (this should shorten the channel-scanning duration), whitespaces should be passed with an escape character (i.e -> `new\ york`)
* `--bssid ` - filter for a specific BSSID (the access point's MAC address), case in-sensitive
* `--autostart` - start the de-auth loop automatically, works only when one access point is found
* `--channels ` - scan for specific channels only, otherwise all supported channels will be scanned
* `--clients ` - target only specific clients to disconnect from the AP, otherwise all connected clients will be targeted (note: using this option disables deauth broadcast)
* `--debug` - enable debug prints
* `--kill` (or run `sudo systemctl stop NetworkManager`) - kill NetworkManager service which might interfere with the attack
* `--skip-monitormode` - enable monitor mode manually (otherwise the program does it automatically)
### Misc notes
* Setting custom client mac addresses (`--clients`) is not suggested, as some clients might reconnect using a random MAC address which is different than the one set
* Check `ifconfig` to find the interface nickname
* Works for 2.4GHhz and 5Ghz
### Requirements
* Linux OS
* A network adapter that supports monitor mode and packet injection
* Scapy library (listed in `requirements.txt`)
# Deadnet & other projects
Feel free to check out my other projects, the most recent one being [mod-rootkit](https://github.com/flashnuke/mod-rootkit), which is a Linux kernel-level rootkit designed to hide files, processes, and network activity.
There's another project ([deadnet](https://github.com/flashnuke/deadnet)) that performs a DoS attack on networks, which requires credentials but quite effective nonetheless.
# Disclaimer
This tool is only for testing and can only be used where strict consent has been given. Do not use it for illegal purposes! It is the end user’s responsibility to obey all applicable local, state and federal laws. I assume no liability and am not responsible for any misuse or damage caused by this tool and software.
Distributed under the GNU License.