
mdk4 vs Reaver

GitHub Stats

Stars: mdk4 766, Reaver 1.9k
Forks: mdk4 128, Reaver 449
Issues: mdk4 50, Reaver 23
Updated: mdk4 1y ago, Reaver 5mo ago
License: mdk4 GPL-3.0, Reaver -
Language: mdk4 C, Reaver C

About mdk4

mdk4 is a Wi-Fi testing tool that exploits common IEEE 802.11 protocol weaknesses. It is the successor to mdk3, rewritten to work with the modern cfg80211 wireless subsystem in Linux. mdk4 provides a suite of attacks for wireless penetration testing including beacon flooding (creating thousands of fake access points), authentication/deauthentication flooding, SSID brute forcing, 802.11s mesh network exploitation, and WDS confusion attacks. It can probe access points for connected clients, test for MAC filtering bypass, and stress-test wireless infrastructure under various attack conditions. mdk4 is primarily used to test the resilience of wireless networks and intrusion detection systems against denial of service and protocol-level attacks. It requires a wireless adapter in monitor mode.

About Reaver

Reaver implements a brute force attack against Wi-Fi Protected Setup (WPS) registrar PINs to recover WPA/WPA2 passphrases. WPS uses an 8-digit PIN where the last digit is a checksum and the first and second halves are validated separately, reducing the effective keyspace from 100 million to about 11,000 possibilities. Reaver systematically tries PIN combinations against the target access point, typically recovering the passphrase within 4-10 hours depending on the target. It includes features like automatic detection of WPS-enabled access points, session saving and restoring for interrupted attacks, and configurable timing and delay options to handle rate limiting and lockout mechanisms. Reaver is often used alongside Pixiewps for the more efficient Pixie Dust attack against vulnerable WPS implementations that leak enough information to recover the PIN offline in seconds.

Platform Support

mdk4: 🐧 linux
Reaver: 🐧 linux

Tags

mdk4 only

802.11, deauth, beacon-flood, wireless-testing, dos, monitor-mode

Reaver only

wps, wifi, brute-force, wpa, wpa2, wireless-audit