Search the Community

EAPHammer is a toolkit for performing targeted evil twin attacks against WPA2-Enterprise networks. It is designed to be used in full scope wireless assessments and red team engagements. As such, the focus is placed on providing an easy-to-use interface that can be leveraged to execute powerful wireless attacks with minimal manual configuration. To illustrate how fast this tool is, here’s an example of how to set up and execute a credential-stealing evil twin attack against a WPA2-TTLS network in just two commands: Features Steal RADIUS credentials from WPA-EAP and WPA2-EAP networks. Perform hostile portal attacks to steal AD creds and perform indirect wireless pivots Perform captive portal attacks Built-in Responder integration Support for Open networks and WPA-EAP/WPA2-EAP No manual configuration is necessary for most attacks. No manual configuration necessary for the installation and setup process Leverages the latest version of hostapd (2.8) Support for evil twin and karma attacks Generate timed Powershell payloads for indirect wireless pivots Integrated HTTP server for Hostile Portal attacks Support for SSID cloaking Fast and automated PMKID attacks against PSK networks using hcxtools Password spraying across multiple usernames against a single ESSID EAPHammer now supports attacks against 802.11a and 802.11n networks. This includes the ability to create access points that support the following features: Both 2.4 GHz and 5 GHz channel support Full MIMO support (multiple inputs, multiple output) Frame aggregation Support for 40 MHz channel widths using channel bonding High Throughput Mode Short Guard Interval (Short GI) Modulation & coding scheme (MCS) RIFS HT power management Changelog v1.13.5 Fixed gevent / Python 3.9 related issues. [hide][Hidden Content]]