WiFi-Pumpkin3
Apache-2.0๐ก Wireless ยท Python
WiFi-Pumpkin3 is a powerful framework for rogue access point attacks, providing an all-in-one solution for wireless security assessments. It creates a fake access point with built-in DHCP, DNS, and captive portal services, capturing credentials from clients who connect and attempt to authenticate. The framework includes proxy plugins for injecting JavaScript, capturing images, modifying HTML responses, and sniffing unencrypted traffic. WiFi-Pumpkin3 features both a command-line and graphical interface, making it accessible for different skill levels. Its plugin architecture supports custom captive portal templates (mimicking hotel WiFi, corporate portals, social media login pages), transparent proxying with SSL stripping, and integration with external tools like Bettercap and Responder for more sophisticated attacks.
Installation
pip
$ pip install wifipumpkin3from source
$ git clone https://github.com/P0cL4bs/wifipumpkin3 && cd wifipumpkin3 && pip install .Use Cases
- Creating convincing captive portal pages for wireless credential phishing
- Deploying rogue access points with transparent proxy and traffic inspection
- Testing user awareness against fake WiFi login pages in security assessments
- Capturing credentials through SSL stripping and DNS spoofing on rogue networks
- Running multi-plugin wireless attack campaigns with a graphical interface
Tags
Details
- Category
- ๐ก Wireless
- Language
- Python
- Repository
- P0cL4bs/wifipumpkin3
- License
- Apache-2.0
- Platforms
- ๐งlinux
Links
Alternatives & Comparisons
Aircrack-ng
CComplete suite for WiFi network security assessment. Monitoring, attacking, testing, and cracking.
Compare WiFi-Pumpkin3 vs Aircrack-ngBettercap
GoSwiss army knife for WiFi, Bluetooth, and ethernet network recon and MITM. Scriptable with JS.
Compare WiFi-Pumpkin3 vs BettercapWifite2
PythonAutomated wireless attack tool. Wraps aircrack-ng, reaver, and hashcat for streamlined WiFi auditing.
Compare WiFi-Pumpkin3 vs Wifite2Reaver
CWPS brute force attack tool. Exploits Wi-Fi Protected Setup to recover WPA/WPA2 passphrases from WPS-enabled routers.
Compare WiFi-Pumpkin3 vs ReaverPixiewps
CWPS offline brute force. Exploits weak random number generation in WPS implementations to recover PINs in seconds.
Compare WiFi-Pumpkin3 vs PixiewpsMore in Wireless
Aircrack-ng
CComplete suite for WiFi network security assessment. Monitoring, attacking, testing, and cracking.
Bettercap
GoSwiss army knife for WiFi, Bluetooth, and ethernet network recon and MITM. Scriptable with JS.
Wifite2
PythonAutomated wireless attack tool. Wraps aircrack-ng, reaver, and hashcat for streamlined WiFi auditing.
Kismet
C++Wireless network detector, sniffer, wardriving tool, and IDS. WiFi, Bluetooth, Zigbee, and more.
Flipper Zero Firmware
CCustom firmware for Flipper Zero. Sub-GHz, RFID, NFC, infrared, and GPIO hacking multi-tool.
Fluxion
ShellWPA security auditing tool that uses social engineering for handshake capture via evil twin attacks.