Anonymizes 802.11 Layer 2 information found in capture files (BSSID, SSID, AP name, etc.)
Clone or download
Adrian Granados
Latest commit 18c5798 Jan 10, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
LICENSE Create LICENSE Jan 3, 2018
README.md Add support for Mist AP names. Jan 10, 2019
dot11anonymizer-example.png Add files via upload Aug 25, 2017
dot11anonymizer.py Add support for Mist AP names. Jan 10, 2019

README.md

dot11anonymizer

This is a Python script that anonymizes 802.11 Layer 2 information found in capture files. It supports the following 802.11 Layer 2 identifiable fields:

  • MAC addresses (OUIs are preserved)
  • SSID
  • Aerohive, Aruba, Cisco, MikroTik/Routerboard, Mist and Zebra AP names (if present)
  • HESSID (Hotspot 2.0)
  • P2P Device ID (Wi-Fi Alliance P2P Specification)
  • Device Name (WiFi Protected Setup)

Original vs. Anonymized Capture File

Requirements

You need Python2 and Scapy.

Usage

python dot11anonymizer.py <input_file> [<input_file> ...]

where <input_file> is a capture file that contains 802.11 frames with Radiotap headers.

The script generates a copy of the file ending with the suffix -anonymized.pcap in the same location as the original file.

For example:

python dot11anonymizer.py ~/Desktop/mycapture.pcap

generates ~/Desktop/mycapture-anonymized.pcap

Notes

Since modifications to the frame will result in a different frame checksum, the script automatically fixes the FCS field for frames that originally had a good FCS. For frames that originally had a bad FCS, the script will set the FCS field to 0x00000000 to ensure that the FCS remains bad after any modifications.