wirespy

WireSpy enables the automation of various WiFi attacks to conduct Man-In-The-Middle-Attacks (MITMAs).

WireSpy allows attackers to set up quick honeypots to carry out MITMAs. Monitoring and logging functionality is implemented in order to keep records of the victims' traffic/activities. Other tools can be used together with Wirespy to conduct more advanced attacks.

Two type of attacks are supported at the moment:

Evil twin: Force victims to auto-connect to the honeypot by spoofing a "trusted" hotspot (clone an existing access point and de-authenticate its users to force them to transparently connect to the spoofed honeypot).
Honeypot: Set up a simple rogue hotspot and wait for clients to connect.

Features

Capture victims' traffic.
MAC address spoofing.
Set-up honeypot and evil twin attacks.
Show the list of in range access points.
Wireless adapter|card|dongle power amplification.

Usage

Set as executable:
```
chmod +x wirespy.sh
```
Execute as root:
```
sudo ./wirespy.sh
```

Type help to get started.

Attacks:
    eviltwin      > launch an evil twin attack
    honeypot      > launch a rogue access point attack

Commands:
    clear         > clear the terminal
    help          > list available commands
    quit|exit     > exit the program
    apscan        > show all wireless access points nearby
    leases        > display DHCP leases
    powerup       > power wireless interface up (may cause issues)
    start capture > start packet capture (tcpdump)
    stop capture  > stop packet capture (tcpdump)
    status        > show modules status

Roadmap

[ ] Add WPA/WPA2 support for honeypot.
[ ] Bash autocompletion.
[x] Optimise the source code.
[x] Improve the stability.
[x] Improve the UI (e.g. uniformise the style and colors).
[x] Show the status of processes running in the background.
[ ] Validate all user inputs against regexes.

Project Information

This script was developed in the context of my master thesis work in June 2015.

The project was presented on Pentester Academy TV's toolbox in 2017:

Work on a new improved version has commenced in 2018.

Sponsor 💖

If you want to support this project and appreciate the time invested in developping, maintening and extending it; consider donating toward my next cup of coffee. ☕

It is easy, all you got to do is press the Sponsor button at the top of this page or alternatively click this link. 💸

Reporting Issues

Found a bug? I would love to squash it! 🐛

Please report all issues on the GitHub issues tracker.

Contributing

You would like to contribute to better this project? 🤩

Please submit all PRs on the GitHub pull requests tracker.

License

See LICENSE.

Project Name	Stars	Packages Using This	Most Recent Commit	Total Releases	Latest Release	Open Issues	License	Language
Wifiphisher	12,081	2	6 days ago	3	January 13, 2018	298	gpl-3.0	Python
The Rogue Access Point Framework
Wifite2	5,303		11 days ago			284	gpl-2.0	Python
Rewrite of the popular wireless network auditor, "wifite"
Kickthemout	2,166		a year ago			103	mit	Python
💤 Kick devices off your network by performing an ARP Spoof attack.
Eaphammer	1,802		16 days ago			47	gpl-3.0	C
Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.
Wifipumpkin3	1,497		12 days ago			1	apache-2.0	Python
Powerful framework for rogue access point attack.
Wifi Arsenal	1,049		3 years ago			3		C
WiFi arsenal
Infernal Twin	1,027		5 years ago			11		Python
wireless hacking - This is automated wireless hacking tool
Linset	413		8 years ago			40	gpl-3.0
Evil Twin Attack Bash script
Wirespy	407		a year ago			4	apache-2.0	Shell
Framework designed to automate various wireless networks attacks (the project was presented on Pentester Academy TV's toolbox in 2017).
Pidense	361		4 years ago			3	gpl-3.0	Python
🍓📡🍍Monitor illegal wireless network activities. (Fake Access Points), (WiFi Threats: KARMA Attacks, WiFi Pineapple, Similar SSID, OPN Network Density etc.)