
mdk4

mdk4 is a proof-of-concept tool to exploit common IEEE 802.11 protocol weaknesses. It supports various Wi-Fi attack modes including beacon flooding, deauthentication, and IDS evasion techniques.

Description

mdk4 is a Wi-Fi testing tool designed to demonstrate vulnerabilities in IEEE 802.11 protocol implementations. Developed as a successor to mdk3 by E7mer of 360PegasusTeam and ASPj of k2wrlz, it leverages the osdep library from aircrack-ng for frame injection across multiple operating systems. The tool includes 10 attack modules targeting different aspects of wireless networks, from beacon flooding to mesh network attacks.

Use cases include testing Wi-Fi network resilience against common attacks like deauthentication floods that disconnect clients from access points, authentication DoS that overwhelms APs with fake clients, and Michael Countermeasures exploitation specific to TKIP-encrypted networks. It also supports advanced IDS evasion through ghosting (rate/power switching) and fragmenting techniques. Additionally, features like SSID probing/bruteforcing help verify AP visibility and hidden network detection.

IMPORTANT: Users must obtain explicit permission from network owners before testing, as these attacks can crash scanners, reset APs, or disrupt legitimate traffic. The tool is licensed under GPLv3 or later.

How It Works

mdk4 injects crafted IEEE 802.11 frames using the osdep library from aircrack-ng, exploiting protocol weaknesses across 10 attack modes. Beacon Flooding sends fake AP beacons to overwhelm clients and scanners. Deauthentication/Disassociation modes target data traffic to disconnect stations from APs. Authentication DoS floods APs with auth frames. Michael Countermeasures sends QoS queue manipulation packets to trigger TKIP AP shutdowns. EAPOL injection creates fake sessions or logoffs. Mesh attacks manipulate 802.11s link management and routing. IDS evasion via --ghost (dynamic rate/power switching) and --frag (packet fragmentation) modifies outgoing packets. Packet Fuzzer applies modifiers to multiple packet sources. Mode 'x' tests protocol implementation vulnerabilities potentially causing disconnects or crashes.
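On the monitoring side, three of the floods described above show up as rate anomalies in management frames. The following is an added example, not part of mdk4 or of the original page: a windowed detector run over constructed frame records. The record layout, the thresholds and the MAC addresses are assumptions chosen for illustration.

```python
from collections import defaultdict

# IEEE 802.11 management frame subtypes (frame type 0).
BEACON, DISASSOC, AUTH, DEAUTH = 8, 10, 11, 12

# Assumed per-window thresholds; tune them against the site's own baseline.
MAX_DEAUTH_PER_BSSID = 20        # deauth + disassoc frames naming one BSSID
MAX_AUTH_CLIENTS_PER_BSSID = 25  # distinct source MACs authenticating to one AP
MAX_BEACON_BSSIDS = 30           # distinct BSSIDs seen beaconing


def detect_floods(frames, window=1.0):
    """frames: iterable of (timestamp, subtype, source_mac, bssid) tuples.
    Returns a list of (window_start, alert_kind, subject), ordered by window."""
    buckets = defaultdict(list)
    for ts, subtype, src, bssid in frames:
        buckets[int(ts // window) * window].append((subtype, src, bssid))
    alerts = []
    for start in sorted(buckets):
        deauth, auth_clients, beacons = defaultdict(int), defaultdict(set), set()
        for subtype, src, bssid in buckets[start]:
            if subtype in (DEAUTH, DISASSOC):
                deauth[bssid] += 1
            elif subtype == AUTH:
                auth_clients[bssid].add(src)
            elif subtype == BEACON:
                beacons.add(bssid)
        for bssid, count in sorted(deauth.items()):
            if count > MAX_DEAUTH_PER_BSSID:
                alerts.append((start, "deauth_flood", bssid))
        for bssid, clients in sorted(auth_clients.items()):
            if len(clients) > MAX_AUTH_CLIENTS_PER_BSSID:
                alerts.append((start, "auth_flood", bssid))
        if len(beacons) > MAX_BEACON_BSSIDS:
            alerts.append((start, "beacon_flood", f"{len(beacons)} BSSIDs"))
    return alerts


def constructed_capture():
    """Constructed sample: a quiet second 0, then one flood in each of seconds 1-3."""
    ap = "02:00:00:00:00:01"
    frames = [(0.1 * i, BEACON, ap, ap) for i in range(10)]
    frames.append((0.5, DEAUTH, ap, ap))  # a single ordinary deauthentication
    frames += [(1.0 + i / 100, DEAUTH, ap, ap) for i in range(60)]
    frames += [(2.0 + i / 100, AUTH, f"02:00:00:00:01:{i:02x}", ap) for i in range(40)]
    fake = [f"02:00:00:00:02:{i:02x}" for i in range(50)]
    frames += [(3.0 + i / 100, BEACON, mac, mac) for i, mac in enumerate(fake)]
    return frames
```

Counting distinct source addresses and distinct BSSIDs, rather than raw frame totals, keeps a busy but legitimate AP from tripping the authentication and beacon alerts.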

Installation

sudo apt install mdk4

Flags

--ghost <period>,<max_rate>,<min_txpower>
    Enable IDS evasion ghosting: switch rate/power every <period> ms, up to <max_rate> MBit, minimum <min_txpower> dBm

--frag <min_frags>,<max_frags>,<percent>
    Enable IDS evasion fragmenting: split packets into <min_frags> to <max_frags> fragments for <percent> of packets

--fullhelp
    Display all attack options

--help <attack_mode>
    Show information about a specific attack mode

Examples

Display help and list all 10 supported attack modes
    mdk4 -h

Beacon Flooding: Send beacon frames creating fake APs to crash network scanners and drivers
    mdk4 <interface> b

Authentication Denial-Of-Service: Flood APs with authentication frames to freeze or reset them
    mdk4 <interface> a

Deauthentication and Disassociation: Disconnect clients from AP by targeting data traffic
    mdk4 <interface> d

SSID Probing and Bruteforcing: Probe APs for visibility and bruteforce hidden SSIDs
    mdk4 <interface> p

Michael Countermeasures: Trigger TKIP AP shutdown by exploiting QoS queues
    mdk4 <interface> m

EAPOL Start/Logoff Injection: Flood AP with fake sessions or logoff clients
    mdk4 <interface> e

WiFi protocol vulnerability testing: Test device for implementation flaws causing disconnects or crashes
    mdk4 <interface> x

Updated 2026-04-16 (source: kali.org)