Awesome

WiFi Arsenal

Repo fully maintained by 0x90/wifi-arsenal

README.md created by techge/wifi-arsenal

Table of Contents

• General WiFi Information
• Noteworthy Tools of Different Categories
• Attack/PenTesting
  • Denial of Service
  • Encryption Attack
    • WEP/WPA/WPA2
    • WPS
    • Others
  • Injection
  • Rogue AP/Fake AP/ MITM
  • Sniffing
  • Wardriving
  • Miscellaneous Attacking Tools
• Information Gathering
• Defence/Detection
• Libraries/General Purpose Tools
• Visualization
• Localisation
• Configuration/setup
• Monitoring
• Miscellaneous/not sorted :)

TOC created by gh-md-toc

General WiFi Information

• 802.11 frames - A starter guide to learn wireless sniffer traces
• 80211 Pocket Reference Guide - Cheat Sheet for 802.11
• 802.11p-wireless-regdb - Wireless regulatory database for CRDA
• 802.11 Wireless Networks: The Definitive Guide - Partly open chapters of O‘Reilly 802.11 book
• Armory - The 802.11 Hacking Repo (Meta Information, Link collection)
• Awesome-wifi-security - A collection of awesome resources related to 802.11 security, tools and other things
• Call-for-wpa3 - Call for WPA3 - what's wrong with WPA2 security and how to fix it
• Known manufacturer MAC list -
• Wikipedia - IEEE802.11 site of Wikipedia

Noteworthy Tools of Different Categories

• Aircrack-ng - WiFi security auditing tools suite
• airgeddon - This is a multi-use bash script for Linux systems to audit wireless networks
• karma - KARMA Attacks Radioed Machines Automatically (KARMA)
• kismet - Wireless network detector, sniffer, and intrusion detection system
• mdk3_6.1 - A fork and modification of the original MDK3
• pyrit - The famous WPA precomputed cracker, Migrated from Google
• Scapy - Python-based interactive packet manipulation program & library
• waidps - Wireless Auditing, Intrusion Detection & Prevention System
• WiFi-Pumpkin - Framework for Rogue Wi-Fi Access Point Attack
• Wireless-ids - Ability to detect suspicious activity such as (WEP/WPA/WPS) attack by sniffing the air for wireless packets
• zarp - Network attack tool centered around the exploitation of local networks

Attack/PenTesting

Denial of Service

• 80211mgmtDoS - 802.11 DoS Attacks based on unprotected Management frames
• airodump_mod - Improved version of airodump-ng with ability to kick-off a stations from AP
• android_packetspammer - Packetspammer sends unencrypted broadcast packets down a mac80211 wireless interface that should be set for Monitor mode
• apflood - Flood area with fake essids
• dw - Small tool for sending 802.11 disassociation and deauthentication packets to specific clients.
• hwk - Hwk is a collection of packet crafting/network flooding tools
• JamWiFi - A GUI, easy to use WiFi network jammer for Mac OS X
• Mass-deauth-attack - A program that does Deauthentication Attack on every nearby wireless device
• Mass-deauth - A script for 802.11 mass-deauthentication
• mdk3_6.1 - A fork and modification of the original MDK3
• modwifi - Advanced Wi-Fi Attacks Using Commodity Hardware
• netattack - Python script that allows you to scan your local area for WiFi Networks and perform deauthentification attacks
• Scapy-deauth - Scapy based wifi Deauth
• ska - Framework for sniffing ieee80211 packets and generating deauth packets and sending raw packets.
• wificurse - WiFi DoS attack tool created for educational purposes only. It works only in Linux and requires wireless card drivers capable of injecting packets in wireless networks
• WifiDeauth - A lightweight Wi-Fi auto deauthentication attack tool (libtins/C++)
• wifijammer - Continuously jam all wifi clients/routers
• WiFi-Rifle - Creating a wireless rifle de-authentication gun, which utilized a yagi antenna and a Raspberry Pi
• wirelessjammer - Continuously jam all wifi clients and access points within range
• zizzania - Automated DeAuth attack

Encryption Attack

WEP/WPA/WPA2

• Eicrog - WEP key generator for predictable key weaknesses
• huawei_wifi - Wifi utilities for finding Huawei routers' default key
• Aircrack-ng - WiFi security auditing tools suite
• airmode - AirMode is a GUI that can help you to use the Aircrack framework
• airoscriptng - Airoscript-ng python complete implementation
• Airvengers - A GUI to pentest wifi Network, based on Aircrack-ng tools
• asleap - Recovers weak LEAP password. Pronounced asleep.
• autokwaker - Creating an auto cracker for 802.11 networks
• cenarius - Cenarius tool for crack Wi-Fi , crack wpa-psk , crack wpa2-psk , crack wep , crack wps pin and crack hidden AP . cenarius psk crack
• cherry - Distributed WPA/WPA2 cracker
• Cowpatty - Offline dictionary attack against WPA/WPA2 networks using PSK-based authentication (e.g. WPA-Personal)
• dot11decrypt - An 802.11 WEP/WPA2 on-the-fly decrypter.
• Fern-wifi-cracker - Crack and recover WEP/WPA/WPS keys and also run other network based attacks on wireless or ethernet based networks
• HandShaker - Detect, capture, crack WPA/2 handshakes, WEP Keys and geotag with Android GPS
• hcxtools - Solution for capturing wlan traffic and conversion to hashcat formats (recommended by hashcat) and to John the Ripper
• kismet-deauth-wpa2-handshake-plugin - Python plugin for Kismet to perform deauthentication to collect WPA2 handshakes
• marfil - Assess WiFi network security. It allows to split the work of performing long running dictionary attacks among many computers
• peapwn - Proof-of-concept implementation of the Apple relay attack in Python
• pyrcrack - Python Aircrack-ng
• pyrit - The famous WPA precomputed cracker, Migrated from Google
• pythonAir - Flask/aircrack
• uploadwpa - This module will upload a wpa handshake from a single capture file to an online hash cracker site
• WiFi-autopwner - Script to automate searching and auditing Wi-Fi networks with weak security
• Wifi-bruteforcer-fsecurify - Android application to brute force WiFi passwords without requiring a rooted device
• wificracking - Crack WPA/WPA2 Wi-Fi Routers with Airodump-ng and Aircrack-ng/Hashcat
• Wifi-hacker - Shell Script For Attacking Wireless Connections Using Built-In Kali Tools. Supports All Securities (WEP, WPS, WPA, WPA2)
• wifite2 - Python script for auditing wireless networks
• wifite - An automated wireless attack tool
• Wifite-mod-pixiewps - Wifite with PixieWPS support
• Wifite-openwrt - Wifite for the WiFi Pineapple NANO + TETRA (Chaos Calmer - openWrt)
• wlandecrypter - Dictionary attack (spanish)
• WPA2-HalfHandshake-Crack - Capture enough of a handshake with a user from a fake AP to crack a WPA2 network without knowing the passphrase of the actual AP
• wpa2hc - Quick script to automate converting WPA .cap files for Hashcat .hccap files.
• Wpa-autopwn - WPA/WPA2 autopwn script that parses captured handshakes and sends them to the Crackq
• Wpa-bruteforcer - Attacking WPA/WPA encrypted access point without client.
• wpacrack - Open-source distributed Wifi-Protected Access (WPA) cracker
• WPA_DECRYPTION_MPI - WPA/WPA2 for cluster processing
• WPAdiz - Bruteforce - New method for generate dictionaries (Wireless)

WPS

• autoreaver - Automatically exported from code.google.com/p/auto-reaver
• bully - New implementation of the WPS brute force attack, written in C
• greaver - GUI for Reaver, WPS brute force tool
• HT-WPS-Breaker - HT-WPS Breaker (High Touch WPS Breaker)
• Penetrators-wps - Experimental tool that is capable of attacking multiple WPS-enabled wireless access points in real time.
• phpreaver - A command line PHP script which uses the reaver WPS pin cracker to test multiple AP's with multiple WiFi adapters.
• Pixiewps-android - Pixiewps is a tool written in C used to bruteforce offline the WPS pin exploiting the low or non-existing entropy of some APs (pixie dust attack).
• pixiewps - An offline WPS brute-force utility
• pyReaver - WPS attack tool written in Python
• pyxiewps_WPShack-Python - Wireless attack tool written in python that uses reaver, pixiewps and aircrack to retrieve the WPS pin of any vulnerable AP in seconds
• reaver_reattempt - Change the Mac address of the wifi connection as well as the emulated one created by airmon-ng in an attempt to avoid being locked out of routers for repeated WPS attack attempts
• Reaver-ui - Hacky UI to wrap around reaver-wps
• Reaver-webui - Simple WebUI to crack wireless networks using reaver
• Reaver-wps-fork-t6x - Community forked version which includes various bug fixes, new features and additional attack method (such as the offline Pixie Dust attack)
• Reaver-wps - Brute force attack against Wifi Protected Setup
• wpscrack - Continuation of wpscrack originally written by Stefan Viehböck
• wps - WPS related utilities
• WPSIG - Simple tool (written in Python) that does information gathering using WPS information elements.
• wpsoffline - PoC for routers vulnerable with WPS and deficiencies in their PRNG state
• Wps-scripts - WPS hacking scripts
• Wps-Ultimate-Cracker - This script will help help you to get the most of router in morocco by using pixiewps , reaver , aircrack-ng ,wifite

Others

• apbleed - Allows you to use existing heartbleed tools to test the RADIUS server
• eapmd5pass - An implementation of an offline dictionary attack against the EAP-MD5 protocol. This utility can be used to audit passwords used for EAP-MD5 networks from wireless packet captures, or by manually specifying the challenge, response and associated authentication information.
• haircrack - Automated aircrack/reaver/pyrit (An interface for aircrack/reaver/pyrit written in python. The interface itself may never get finished.)
• IKECrack - IKE/IPSec authentication crack tool. This tool is designed to bruteforce or dictionary attack the key/password used with Pre-Shared-Key [PSK] IKE authentication.
• Wpe-parse - This is a simple parsing script to convert output from hostapd-wpe (which makes John the Ripper-formatted logs) to Hashcat format.

Injection

• Aggr-inject - Remote frame injection PoC by exploiting a standard compliant A-MPDU aggregation vulnerability in 802.11n networks.
• Aircrack-db - A list of wireless cards tested with the dual-card injection test and in the field
• airown - Packet injection tool
• airpwn - A generic packet injection tool for 802.11 networks.
• Airpwn-ng - New and improved version of airpwn
• Iitis-generator - Software for distributed statistical evaluation of IEEE 802.11 wireless networks using Linux mac80211 packet injection facility
• libfcap - Library for manipulate 802.11 frame in monitor mode
• libmoep - Allows for frame injection on monitor mode devices with per-frame radiotap options such as TX rate / MCS index and RTS/CTS protection
• Lorcon-examples - Various examples and patches for LORCON
• lorcon - A common injection and control library for wireless packet crafting
• lrc - Fast Wi-Fi hijacker in C, based on AirPwn ideas and LORCON
• moepdefend - Example monitoring/injection tool based on libmoep
• packetinjector - Packet analyzer and injector, written in JavaScript
• packetvector - 802.11 management packet injection tool based on packetspammer
• pylorcon2 - Pure Python wrapper for the LORCON library.
• wifitap - WiFi injection tool through tun/tap device
• wiwo - Wiwo is a distributed 802.11 monitoring and injecting system that was designed to be simple and scalable
• wperf - 802.11 frame injection/reception tool for Linux mac80211 stack

Rogue AP/Fake AP/ MITM

• Aerial - Multi-mode wireless LAN Based on a Software Access point for Kali Linux.
• AIRBASE-NG-SSLSTRIP-AIRSTRIP- - AIRBASE-NG + SSLSTRIP = AIRSTRIP
• cupid - Patch for hostapd and wpa_supplicant to attempt to exploit heartbleed on EAP-PEAP/TLS/TTLS connections
• FakeAP - Create fake AP in Kali with 1 command
• fakeaps - Fake Access Points using Atheros wireless cards in Linux
• fluxion - Fluxion is the future of MITM WPA attacks
• FuzzAP - A python script for obfuscating wireless networks
• Hostapd-karma - DigiNinja patches to hostapd for rogue access points.
• Hostapd-wpe-extended - Modification and tools for using hostapd for rogue AP attacks impersonating WPA-Enterprise networks to steal user credentials
• Hostapd-wpe - Modified hostapd to facilitate AP impersonation attacks
• karma - KARMA Attacks Radioed Machines Automatically (KARMA)
• mana - Our mana toolkit for wifi rogue AP attacks and MitM
• mitmAP - A python program to create a fake AP and sniff data
• Mitm-helper-wifi - Make it easy and straight-forward to configure a Ubuntu virtual machine to act as a WiFi access point (AP)
• Mitm-rogue-WiFi-AP - MITM Attack Example Code with Rogue Wi-Fi AP
• openrtls -
• Platform-hostapd - Wireless access point for experimental-platform.
• PwnSTAR - PwnSTAR (Pwn SofT-Ap scRipt) - for all your fake-AP needs
• rogue_ap - RogueAP_hostapd.py is a script designed to create a Rogue Access Point
• rogueap - Start a rogue access point with no effort, with support for hostapd, airbase, sslstrip, sslsplit, tcpdump builtin
• rogueDetect -
• RogueSploit - Powerfull Wi-Fi trap
• Rspoof - Wifi Automated Fake HotSpot Hijacking with aicrack-ng, airbase, ssl-strip, and dns spoof in Python
• Scapy-fakeap - Fake wireless Access Point (AP) implementation using Python and Scapy
• snifflab - Scripts to create your own MITM'ing, packet sniffing WiFi access point
• startools - To use a RasPi to do an Evil Twin attack and capture 802.1x RADIUS creds
• wifi_honey - Setting up four fake access points, each with a different type of encryption, None, WEP, WPA and WPA2 and the seeing which of the four the client connects to
• wifiphisher - Automated victim-customized phishing attacks against Wi-Fi clients
• WiFi-Pumpkin - Framework for Rogue Wi-Fi Access Point Attack
• wifisoftap -
• Wifi_Trojans - Collection of wireless based bind and reverse connect shells for penetration testers

Sniffing

• Airodump-iv - A python implementation of airodump-ng
• Airodump-logger - Logging clients with airodump-ng
• Airport-sniffer - Very simple Wi-Fi sniffer and dump parser for built-in macbook AirPort Extreme card. Only native MacOS tools used.
• airtraf - Wireless 802.11 network sniffer and analyzer
• darm - Intelligent network sniffer for the masses
• datasamalen - Pick up wifi-probe requests
• DeSniffer - 802.11 wireless sniffer
• dot11sniffer - Sniffs 802.11 traffic and counts the number of active wireless devices in an area
• eap_detect - A simple script using the python library Scapy to detect the 802.1X authentication mechanism
• handshakeharvest -
• liber80211 - 802.11 monitor mode for Android without root
• libpcap-80211-c - Sniffs on a RFMON-enabled device for a beacon when compiled, linked and loaded
• mac80211-user - Intercept 80211 data frame and put it into userspace
• milicone - Investigating interaction with wireless communication traffic
• Mr-nosy - Liked to know about everything that was going on
• mupe - MUltiPath Estimator - Create statistical analysis of 802.11 Radiotap sniffs
• Naive-project -
• Native-WiFi-API-Beacon-Sniffer - Tool that dumps beacon frames to a pcap file. Works on Windows Vista or Later with any Wireless Card
• oculus - Lightweight tool to collect traces from wifi
• ofxSniffer - Wrapper for the libtins library. Libtins can be used to sniff network packages, or to generate network pacakages yourself.
• phystats - Gather & plot ieee80211 counters from Linux debugfs
• probecap - A quick and dirty utility to capture and store WiFi probes.
• probemon - Monitors 802.11 probe packets sent from roaming mobile devices. Developed using PyLorcon2.
• probesniffer - A tool for sniffing unencrypted wireless probe requests from devices
• rifsniff - Remote Interface Sniffer
• ScapyGELFtoGraylog2 - Sniff some 802.11 packages and send the date and MAC with GELF UDP to Graylog2
• Scapy-wireless-scanner - Simple wireless scanner built using Scapy Library
• SSIDentity - Passive sniffing of 802.11 probe requests, stored in a central database.
• TCP-SeqNum - Means to sniff 802.11 traffic and obtain TCP session info using netfiter_queue. Use that data to construct a packet in scappy.
• wallofshame - Multi protocol sniffer, created for ChaosConstruction conference HackSpace
• Watcher - Canari framework based Maltego transform pack that allows you to perform wireless sniffing within Maltego
• WiFi-802.11-Demo-Sniffer - This 802.11 sniffer written in Python provides a useful tool to raise awareness at the amount of data phones release for anyone to read.
• Wifi-harvester - For collecting probed SSID name by wireless devices, Access point detail and connected clients.
• wifijamMac - Allows you to select one or more nearby wireless networks, thereupon presenting a list of clients which are currently active on the network(s)
• Wifimon - Wi-fi 802.11 Beacon Frame sniffer
• Wifi-scan - Short python script scans for probe requests from whitelisted WiFi clients
• wifispy - Sniff Wifi traffic, log device addresses
• Wireless-info - Obtain information about wireless interfaces from MAC80211 stack
• Wireless-radar - DF and other tools to explore a 2.4GHz environment
• Wireless-Sniffer - A 802.11 wireless sniffer tool (c-based)

Wardriving

• MappingWirelessNetworks - Code, data, and (possibly) schematics for recording wireless network data around a city
• WAPMap - Parse Kismet .netxml output and then return a CSV file that can be uploaded to Google Maps Engine to map WEP or OPEN networks
• warcarrier - An NCURSES-based, all-in-one instrument panel for professional Wardriving
• WifiScanAndMap - A Linux Python application to create maps of 802.11 networks

Miscellaneous Attacking Tools

• 80211scrambler - Small collection of tools in Verilog for working
• airgeddon - This is a multi-use bash script for Linux systems to audit wireless networks
• airodump_mar_attack - Maroviher attack
• AirPirate - Android 802.11 pentesting tool
• airspf - AirSpoof/Airpwn ??
• airxploit - Wireless discovery and exploitation framework written in Python
• AtEar - Wireless Hacking, WiFi Security, Vulnerability Analyzer, Pentestration
• BoopSuite - A Suite of Tools written in Python for wireless auditing and security testing.
• chap2aleap - Work with asleap+genk
• CloudCrackInstaller - Script which installs Crunch, Pyrit and Cowpatty on a running Amazon EC2 Cluster GPU Instance to crack WPA and WPA2 keys.
• Crippled - WPA/WPA2 Belkin.XXXX, Belkin_XXXXXX, belkin.xxx and belkin.xxxx router default key generator.
• eapeak - Analysis Suite For EAP Enabled Wireless Networks
• Easy-creds - Leverages tools for stealing credentials during a pen test
• FruityWiFi - Wireless network auditing tool
• Hijacker - Aircrack, Airodump, Aireplay, MDK3 and Reaver GUI Application for Android
• killosx - Use the Apple CoreText exploit (CVE-2012-3716) and launch an AP to affect all devices within wifi range
• LANs.py - Inject code, jam wifi, and spy on wifi users
• Null-packet-wifi-promt - Simple script to prompt responses from wireless devices with a known MAC address
• PiWAT - Wireless Attack Toolkit
• Python-wireless-attacks - Wireless Attacks in Python (Based on blog series)
• Secpi - Python based script for wifi pentesting on the RasPi
• Sly-fi - Wifi pwnage automation
• smoothie - Web based wireless auditory tools
• WHAT-PRO - 802.11 Exploitation Tool for use with Kali 2. More tools available than WHAT or WHAT Pi
• Wi-door - Wi-Fi Backdoors
• WIDSTT - Wireless Intrusion Detection Systems Testing Tool – test your WIDS by performing attacks
• WifiAttack -
• wifi-default-password - Bash script that tries all the default passwords for a particular wifi access point
• wifimonster - Wifi sniffing and hijacking tool
• wifuzz - Access Point 802.11 stack fuzzer
• wifuzzit - A 802.11 wireless fuzzer
• wtf - Wireless Test Framework. Collection of test suites for validating various wifi functionality on various wifi devices.
• zarp - Network attack tool centered around the exploitation of local networks

Information Gathering

• 3WiFi Database - Collect data from Router Scan log reports, search for access points, obtain its geolocation coordinates, and display it on world map
• access_points - Scan your WiFi and get access point information and signal quality
• Accumulation-rssi - Linux utility for accumulation of WiFi RSSI to text file. Using nl80211, Managed mode. Useful for experiments with WiFi (example, localization)
• airscan - Wi-Fi scanning utility for the Nintendo DS
• basiciw - Retrieve information such as ESSID or signal quality from wireless cards (Python module)
• Get-rssi - Linux utility for getting RSSI WiFi of APs to text file. Using Monitor mode, libpcap.
• IndoorPositionr - Indoor positioning using Android to provide the surrounding Access Points signals and guess the position
• Isniff-GPS - Passive sniffing tool for capturing and visualising WiFi location data disclosed by iOS devices
• rssi - Indoor localisation using RSSI. RSSI is received signal strength indicator in IEEE 802.11 beacon packet to announce the presence of WiFi
• whoishere - WIFI Client Detection - Identify people by assigning a name to a device performing a wireless probe request.
• Wifi-Dumper - Dump the wifi profiles and cleartext passwords of the connected access points on the Windows machine
• Wifi-monitor - Prints the IPs on your local network that're sending the most packets ack = 802.11 control frame acknowledgement or …
• WIG - Tools for 802.11 information gathering.

Defence/Detection

• badkarma - BadKarma is a simple python script used to detect and disrupt rouge access points/honeypots using the karma attack such as the wifi pineapple
• EvilAP_Defender - Protect your Wireless Network from Evil Access Points
• huntpineapples - WiFi Pineapple hunter from DC23
• KisMac2 - Free, open source wireless stumbling and security tool for Mac OS X
• kismetclient - A Python client for the Kismet server protocol
• kismet - Wireless network detector, sniffer, and intrusion detection system
• kismon - A GUI client for kismet
• Openwips-ng - Open source and modular Wireless IPS (Intrusion Prevention System)
• Python-kismet - Python threaded listener to Kismet broadcasts
• RogueDetection - Rogue Access Point Detection and WIDS
• waidps - Wireless Auditing, Intrusion Detection & Prevention System
• Wave - 802.11 IDS, visualizer, and analytics platform for the web
• Wireless-forensics-framework - Automated Wireless Penetration Testing and Carrying out Wireless Forensics in Python
• Wireless-ids - Ability to detect suspicious activity such as (WEP/WPA/WPS) attack by sniffing the air for wireless packets
• wmd - Simple solution for the detection and location of Rogue Access Points.
• wraith - Wireless Reconnaissance And Intelligent Target Harvesting
• wspy - Python tool to create a wireless ids it detects which clients are connected to a network to allow the creation of usage patterns of a netowrk by the clients

Libraries/General Purpose Tools

• 80211p_raw - Raw socket utilities for 802.11p transmission
• 80211_raw - Sender and receiver for WiFi (IEEE802.11) network with raw sockets
• banjax - Library for low-level programming of IEEE 802.11 wireless network interfaces on the GNU/Linux operating system
• dot11er - Some tools for playing with IEEE802.11
• Frame-utils.js - A collection of utilities for processing streams of 80211 frames and radiotap headers.
• Gopacket-80211 - Extra gopacket layers for Radiotap and 802.11 (has been integrated in Gopacket)
• itamae - 802.11 radiotap and MPDU parser
• Libairpcap-nl - Implementation of AirPcap library, targetting the NL80211 protocol.
• libuwifi - C library for parsing, generating and analyzing Wifi (WLAN 802.11) frames in userspace and related functions
• packetparser - IEEE 802.11 packetparser
• pcap2xml - Convert 802.11 Packet Traces to XML and SQLITE Format
• PCS - Set of Python modules and objects that make building network protocol code easier for the protocol developer
• Probr-core - The core-component for generic WiFi tracking: remote device management, packet capturing, packet storage
• py80211 - Suite of libraries for parsing 802.11 packets as well as managing wireless cards and working with 802.11 information
• PyRIC - PyRIC (is a Linux only) library providing wireless developers and pentesters the ability to identify, enumerate and manipulate their system's wireless cards programmatically in Python.
• python3-wifi - Python WiFi is a Python module that provides read and write access to a wireless network card's capabilities using the Linux Wireless Extensions.
• Python-radiotap - Tiny lib for parsing radiotap/802.11 headers in python
• python-wifi - Python WiFi is a Python module that provides read and write access to a wireless network card's capabilities using the Linux Wireless Extensions.
• Qca-swiss-army-knife - Hosts a set of utilities that we use to debug / help with our driver development
• Radioparse - A WiFi protocol parser that can be used with radiotap packets and node-pcap
• Scapy - Python-based interactive packet manipulation program & library
• Wifi-scan - A nl80211 C/C++ library for monitoring signal strength of WiFi networks
• wifi-scripts - Misc scripts and tools for WiFi
• wireless - Dead simple, cross-platform Python library to connect to wireless networks

Visualization

• airview - A python web application compliment to py80211 which allows you to visualize the airwaves around you with your web browser.
• speccy - Visualization tool for ath spectral scan
• Wifi-contour - A contour mapping program of wireless 802.11 signal strength
• Wifi-heatmap - Generate heatmaps of wifi coverage with Python
• wifiscanvisualizer - Wi-Fi Scan Visualizer by Pentester Academy
• Wifi-Signal-Plotter - A Python script for graphing and comparing the WiFi signal strengths between WiFi adaptors in Windows or Linux.
• wifivis - Visualize some mit wifi access point data
• wipi - Visualize the WiFi packages that are floating around us all the time.
• Wlan-stats - Tool chain using tshark to pull data from pcaps, further process them in python, and graph the output in R.

Localisation

• Find-lf - Track the location of every Wi-Fi device (📱) in your house using Raspberry Pis and FIND
• geowifi - This is a Geographic WiFi Positioning program written under the Linux.(it is also a WiFi Positioning API written for C language
• GrapplingHook - Open Source 802.11 Direction Finder
• gtaiad - Indoor Wi-Fi navigation prototype using triangulation
• Openwifimap-api - OpenWiFiMap database and its api
• Python Wi-Fi Positioning System - Python Wi-Fi Positioning System - Wi-Fi geolocation script using the Google Geolocation API
• pyWPSLocation - Using Python for localisation using Google Geolocation API (GGAPI) and WiFi Positioning System (WPS)
• whereami - Uses WiFi signals 📶 and machine learning to predict where you are
• Wifi-geolocation - Get your latitude/longitude via wifi access points
• Wifi-localization - Wifi Localization using a map and reference
• Wifi-locator - Determines physical location of station judging from 802.11 beacons' BSSID/Signal/Noise/Quality information.
• Wi-finder - Wi-Fi hotspot finder
• Wlan-pos - Location fingerprinting and triangulation engine for WLAN (IEEE802.11,aka WiFi) environment.

Configuration/setup

• 802.11p-iw - Wireless configuration tool (UNIX)
• agentapd - Agent of WiFi hardware
• AirLibre - Python API For UBNT AirOS Devices
• Atheros-AR9271 - Kernel Extension for AR9271 chipset (Wireless USB Card)
• AtherosROMKit - Atheros ROM modding and recovery kit
• cac - A Centralized Adaptive Control algorithm that optimises the performance of IEEE 802.11 WLANs
• captiveportal - A captive portal that can be used on most linux distributions.
• cloudap - AP Manager in Cloud,AP Hardware on your side
• connme - Client for Hostapd
• crda - Central Regulatory Domain Agent
• create_ap - This script creates a NATed or Bridged WiFi Access Point.
• disable-802.11b-snmp - A tool to set 802.11 protocols on thousands of Access Points with SNMP.
• Do-wifi - Command line tool for scanning and connecting to wifi networks in Linux.
• full_permissive_unlock_ath - This kernel patch enable all 2GHZ & 5GHZ channels (without restriction) for ath9k & ath5k forced to use buildin world regulatory
• FWAP - Minimal, very lightweight access point implementation
• hostapd - Python script to make using and configuring hostapd easier
• hostapd - User space daemon for access point and authentication servers
• Hostapd-mana - Hostapd-mana for the 6.th gen. Wifi Pineapple, and OpenWRT
• hostapd-mana-openwrt - Hostapd-mana - build-files, and installation-files for OpenWRT
• Hostapd-with-WebID - WebID integrated hostapd
• Hostapd-wpe-openwrt - Hostapd-wpe (Wireless Pwnage Edition) packages for OpenWRT Barrier Breaker 14.07
• hotspotd - Simple daemon to create a wifi hotspot on Linux
• IEEE802.11-complete - IEEE802.11 protocol, including PHY, MAC, and rate adaptation approaches upon GNURadio/USRP software-defined radio platform
• Linux-wifi-tools - A set of Linux command line tools for managing and troubleshooting wifi
• monmob - Set of tools to provide monitor mode and raw frame injection for devices using broadcom chipsets bcm4325, bcm4329 and bcm4330
• nexmon - The C-based Firmware Patching Framework for Broadcom/Cypress WiFi Chips that enables Monitor Mode, Frame Injection and much more
• PyWiWi - Python Windows Wifi
• reghack - Replaces the regulatory domain rules in the driver binaries with less restrictive ones
• RegMon - RegMon is a Atheros WiFi card register monitoring tool for Linux OpenWrt
• remoteapd - Remote NL80211-Extent driver for Hostapd 2.0
• resfi - Framework supporting creation of RRM functionality in residential WiFi deployments
• rollmac - Automated WiFi limit evasion
• RT73-USB-Wireless- - Patched version of RT73USBWireless for Yosemite
• RTL8188-hostapd - Hostapd for Realtek RTL8188
• Wifi-ap - Library wrapper around hostapd and dnsmasq and their respective configuration files that allows for programmatically creating access points in Debian-based Linux environments
• Wifi-frequency-hacker - A modified frequency regulatory domain configuration that doesn't limit you.
• Wifi-pentesting - Wifi Penetration Testing of Home Network
• WirelessConfig - A 802.1x Python wireless configuration tool with Cocoa wrappers

Monitoring

• como - CoMo is a passive monitoring system that supports arbitrary real time traffic queries
• horst - Lightweight IEEE802.11 wireless LAN analyzer with a text interface. Its basic function is similar to tcpdump, Wireshark or Kismet, but it's much smaller and shows different, aggregated information which is not easily available from other tools.
• scapybase - 802.11 monitor AP based on scapy
• Scapy-survey - 802.11 signal strength logger using Scapy
• sigmon - Modular WiFi/RF Monitoring and Analysis Implementation
• Uniband-installer - Wireless monitoring framework to help using kismet dumpcap and horst (installation files)
• Wifi-linux - Simple python script to monitor access point signal strength.
• Wifi-monitor -
• Wifi-monitor - Python, py_libpcap, handover
• WiPy - Sends the WiFi signal strength from multiple clients to a central server. Built for Arch Linux ARM running on Raspberry pi 2
• WLAN-Monitoring - Monitor our vicinity to monitor wireless devices and traffic
• wmon - A Wireless Network Monitor with advanced measurement capabilities.

Miscellaneous/not sorted :)

• 80211ping - Linux command-line tool to ping 802.11 stations (e.g. any WiFi device)
• acs - Automatic Channel Selection utility
• Airfree-wt - Wireless Security Toolkit
• Ap-notify - An example of using the Linux kernel netlink protocol, specifically nl80211 via libnl/libnl-genl, to catch stations associating/disassociating with an 802.11 AP
• ath9k-4w-patch - Resources for increasing power of ath9k devices, such as TP-link WN722N
• Ath9k-nav - Linux kernel module to poll the NAV register on Atheros 9k series WLAN cards.
• bunny - Bunny is a wireless. meshing, darknet that uses 802.11 to hide its communications
• captiv8 - Captive Portal Evasion Tool
• Connect-wifi - Dmenu based application for Linux that connects to the strongest open wireless network
• Cover-channel - Userland code for creating a covert channel in wireless broadcast medium
• disassociatedWiFi - DisassociatedWiFi creates a virtual network interface (using the Linux TUN/TAP device driver) which sends and receives ethernet frames over an 802.11 (WiFi) interface, that has been placed in monitor mode, and supports packet injection.
• FFT_eval - Aid open source spectrum analyzer development for Qualcomm/Atheros AR92xx and AR93xx based chipsets
• Frame-randomizer - Capture and randomize 802.11 Association Request frames
• FreeWifi - How to get free wifi
• Haiku-wifi - Turn your wireless router's extra radios into a public billboard!
• kismet2earth - Set of utilities that convert from Kismet logs to Google Earth .kml format
• kismeth2earth - Parsing Kismet logs to get collected data from wireless networks and generate a Google Earth map
• Kismet-to-KML - Converts kismet gps log files into kml files
• Mac-analyzer - Collects cross layer stats from ath9k
• Madwifi-be - Modified version of the madwifi driver allowing update of WME parameters for the BE access category
• Madwifi-hopping - Modified version of the Madwifi WLAN driver, that employs power-hopping for packet transmission
• make-a-new-mac80211-to-wirelessAP -
• netxml2kml - Converts netxml files from Kismet Newcore into KML or KMZ files for Google Earth
• Osx-wificleaner - Cleans out open wireless connections from OSX machine
• Osx-wifi-scan - Hacky wifi signal scanner for osx
• parsecaps - Parse wpa.cap generated from besside-ng and create individual .caps for each network with a captured handshake.
• pcap80211analyzer - Not-so-smart 802.11 frame pcapng analyzer
• Probr-analysis - Analysis components for the probr WiFi tracking system
• py_DD_WRT_Remote_Mac_Adder - Python Script to remotely update mac filterlists of DD-WRT routers with wl or atheros wifi drivers
• pykismetkml - Python script designed to export .gps and .xml files (in < Kismet RC1) to .kml files and .netxml files to .kml files in => Kismet RC2
• pykismetstats - Pykismetstats parses NetXML file generated by kismet and write statistics to CSV file.
• PyScapy - This is a package of using scapy.
• react80211 - Solution for mitigating the performance impairments of CSMA/CA protocols in multi-hop topologies based on the dynamic adaptation of the contention process experienced by nodes in a wireless network
• Rollmac - Automated WiFi limit evasion
• Scapy-rssi - Example of how to read RSSI values from wifi packaged using Scapy
• setbssid - Modify the MAC80211 layer in Linux Kernel
• skybluetero - 802.11b/g packet airtime consumption analyzer GUI for Linux
• sniffmypackets - Canari package for pcap file analysis within Maltego
• Snoopy-ng - Snoopy v2.0 - modular digital terrestrial tracking framework
• spectrum.py -
• VX - It might be fun to play tricks on somebody trying to crack your WEP protected router
• Wbc-utils - Couple of hacked together utils for use with the wifibroadcast system by befinitiv
• wi5-aggregation - Implementing and testing 802.11 frame aggregation (A-MPDU)
• WiFi-Analyzer - Analyzer 802.11 networks - android app [to refactor]
• wifi_based_population_estimator - This is a piece of glueware that sticks up different components from hardware detection to real-time web display.
• Wifi-beeper - Linux command-line tool to make WLAN frames audible
• wifidec - Repository for scriptz playing around with decoding elements of the Wifi stack (mainly Radiotap and 802.11 frames)
• wifi_decode - Wireless Key Dumper for Windows
• WifiDirectLinux - Use p2p with Wifi Direct on Linux
• Wifidog-gateway - Repository for the wifidog-gateway captive portal designed for embedded systems
• Wifi-dump-analysis - Processing wireless traces from binary files written and read in custom format.
• wifi_dump_parser-v3 - Is the modified parser for the new data set collected using Wifi-dump
• wifi_dump-tmpfs - Dumps wifi data
• wifihisicipy - Temporarily runs a wifi hotspot and a 'captive portal' to let you choose a permanent wireless network to connect to.
• wifi - [unmaintained] WiFi tools for linux http://pypi.python.org/pypi/wifi
• wifirxpower - Linux-based WiFi RX Power Grapher
• wifiScanMap - An other wifi mapping tool
• WiFi-scheduling - This project evaluates the efficiency and overhead of wireless network scheduling
• wifi_statistics - Linux kernel module to gather wifi statistics from peer and non-peer STAs
• wifitracker - Raspberry Pi Wifi Tracking API
• WifiTrafficAnalyzer -
• wifresti - Find your wireless network password in Windows , Linux and Mac OS
• wime - Wifi password recover tool for Windows, Linux, Mac.
• win32wifi - Python Windows Wifi
• wireless_half-mini - MacOS Airport Half Mini (WiFi and Bluetooth)
• WIRELESSINFO - Extract Important Data From Cisco Wireless Controllers
• wireless_RSSI -
• Wireless-tools - Wireless tools for Node.js
• wit - Command-line wifi manager for linux
• wobs - Detects near-by devices such as cell phones, tablets, and laptops. Does this through 802.11, Bluetooth, cell phone protocols, etc..