Wireless Attackswirelessauditingwepwpawpspmkidaircrack-ng

Wifite

Wifite is a Python script that automates wireless auditing of WEP or WPA encrypted networks using aircrack-ng tools. It targets access points with customizable attacks including WPS, PMKID, and handshake capture.

Description

Wifite is designed to audit WEP or WPA encrypted wireless networks by automating the use of tools like aircrack-ng, pyrit, reaver, and tshark. It simplifies wireless security testing with minimal arguments and can run unsupervised, making it ideal for penetration testers auditing access points.

The tool supports targeting specific network types such as WEP, WPA/WPA2/WPA3, WPS-enabled, and OWE networks. It offers flexibility through options for scan time, power thresholds, interface selection, and attack modes, allowing users to focus on high-signal or vulnerable targets.

Use cases include automated scanning and attacking of wireless networks during security assessments, checking captured handshakes, and managing cracked or ignored access points. It integrates with Kali Linux dependencies for comprehensive wireless auditing.

How It Works

Wifite operates by enabling monitor mode on wireless interfaces, scanning for targets using airodump-ng, and applying attacks based on flags: WEP cracking with fake authentication and IVS reuse; WPA handshake capture for dictionary attacks; WPS PIN/Pixie-Dust via reaver/bully; PMKID capture without association. It kills conflicting processes, randomizes MAC if specified, filters by power/channel, and supports infinite scanning or timed attacks. Outputs include captured files for offline cracking with tools like aircrack-ng.

Installation

bash

sudo apt install wifite

Flags

-pow, --power [min_power]Attacks any targets with at least min_power signal strength

-wpsShow only WPS-enabled networks

-i [interface]Wireless interface to use, e.g. wlan0mon (default: ask)

-c [channel]Wireless channel to scan e.g. 1,3-6 (default: all 2Ghz channels)

--wepShow only WEP-encrypted networks

--wpaShow only WPA/WPA2-encrypted networks (may include WPS)

--wpa3Show only WPA3-encrypted networks (SAE/OWE)

--pmkidOnly use PMKID capture, avoids other WPS & WPA attacks (default: off)

--dict [file]File containing passwords for cracking (default: /usr/share/dict/wordlist-probable.txt)

-v, --verboseShows more options (-h -v). Prints commands and outputs. (default: quiet)

Examples

Attack access points with over 50 dB of power using the WPS attack

wifite -pow 50 -wps

Show help message with all available options

wifite -h

Print previously-cracked access points

wifite --cracked

Print ignored access points

wifite --ignored

Check a .cap file (or all hs/*.cap files) for WPA handshakes

wifite --check [file]

Show commands to crack a captured handshake

wifite --crack

Update the local MAC address prefix database from IEEE registries

wifite --update-db

Updated 2026-04-16kali.org ↗