Wireless Attackswirelessnl80211wificonfigurationscanningmeshap

iw

iw is a command line tool for configuring and showing information about Linux wireless devices using the nl80211 kernel interface. It supports modern wireless hardware and replaces the deprecated iwconfig tool.

Description

iw provides comprehensive control over wireless network interfaces, enabling users to scan for networks, connect to access points, set up access points, manage mesh networks, and configure advanced features like channel availability checks and power save modes. It is essential for wireless security testing, network diagnostics, and customization of WiFi behavior in Kali Linux environments.

Common use cases include wireless reconnaissance through scanning, setting up monitor mode for packet capture, creating ad-hoc or mesh networks for testing, and configuring specific bitrate masks or transmit power levels. The tool supports a wide range of modern wireless standards including HT, VHT, and HE capabilities.

Based on nl80211, iw offers detailed control over phy (physical device) and dev (network interface) operations, making it suitable for both interactive troubleshooting and scripted automation in penetration testing workflows.

How It Works

iw communicates with the Linux kernel via the nl80211 netlink interface to configure wireless devices. It supports operations on physical wireless devices (phy) and virtual network interfaces (dev), handling tasks like channel switching, authentication, scanning, and mesh path management. Features leverage kernel subsystems for AP mode (often requiring hostapd), IBSS/ad-hoc networks, monitor mode with specific flags, and advanced capabilities like WoWLAN patterns, FTM responders, and SAR specs.

Installation

bash
sudo apt install iw

Flags

--debugenable netlink debugging
--versionshow version (6.17)
-wwait for the connect to finish or fail (used with connect)
-tprint timestamp (used with event)
-Tprint absolute, human-readable timestamp (used with event)
-rprint relative timestamp (used with event)
-fprint full frame for auth/assoc etc. (used with event)
-uprint unknown data in the scan results (used with scan dump)
-vverbose output (used with station dump)

Examples

Show usage help for all commands
iw -h
Join the network with the given SSID (and frequency, BSSID). With -w, wait for the connect to finish or fail.
iw dev <devname> connect [-w] <SSID> [<freq in MHz>] [<bssid>]
Scan on the given frequencies and probe for the given SSIDs (or wildcard if not given) unless passive scanning is requested.
iw dev <devname> scan
List all stations known, e.g. the AP on managed interfaces
iw dev <devname> station dump
Show capabilities for the specified wireless device.
iw phy <phyname> info
Register for receiving certain mgmt frames and print them. Frames are selected by their type and pattern.
iw dev wlan0 mgmt dump frame 40 00 frame 40 01:02 count 10
Disconnect from the current network.
iw dev <devname> disconnect
Monitor events from the kernel with timestamp.
iw event -t
Updated 2026-04-16kali.org ↗