Rogue Access Point Detector
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
data
imgs
logs
manufacturer
modules
profiles
scripts
.gitignore
LICENSE
README.md
dependencies.sh
requirements.txt
rogueAP_detector.py

README.md

RogueAP Detector

rogueAP Detector is an open source tool to detect Wi-Fi Rogue Access Points, covering the most commonly known attacks. This tool is a modular framework composed of Scanners, Detectors and Actuators, which are responsible for scanning for available APs, apply a set of heuristics to detect them, and apply a defensive mechanism.

RogueAP Detector_1

Modules

Scanners: Methods to scan the network  
Detectors: Set of passive detectors to identify RogueAP types  
Actuators: Set of active detectors to identify RogueAP types  

Usage

./rogueAP_detector.py

Options:

-i interface		-> interface to monitor the network  
-im interface		-> interface for active mode  
-p profile              -> name of the profile to load  
-s scan_type            -> name of scanning type (iwlist, scapy)  
-h hive_mode		-> creates an AP (configured in profiles/rogueAP.txt) 
-d deauth               -> deauthenticates users from target AP  
-wifi_attacks_detect    -> detects deauthentication and pmkid attacks  
-a active_mode		-> activates random probe requests  

Examples:

 Scan for RAPs without a profile - (iwlist mode)  
./rogueAP_detector.py -i iface -s iwlist  

 Scan for RAPs using a profile - (iwlist mode)  
./rogueAP_detector.py -i iface -s iwlist -p example_profile.txt  

 Scan for RAPs using a profile - (scapy mode)  
./rogueAP_detector.py -i iface -s scapy -p example_profile.txt  

 Scan for RAPs with karma detect active mode enabled - (iwlist mode)  
./rogueAP_detector.py -i iface1 -im iface2 -s iwlist -a  

 Scan for RAPs using a profile and karma detect active mode enabled - (iwlist mode)  
./rogueAP_detector.py -i iface1 -im iface2 -s iwlist -p profile.txt -a  

 Create a RAP  
./rogueAP_detector.py -im iface -h  

 Deauthenticate defensive mechanism mode  
./rogueAP_detector.py -im iface -d  

 Deauthentication and PMKID attacks detection  
./rogueAP_detector.py -im iface -wifi_attacks_detect  

Detecting Evil Twin, Multi-Channel, Different Encryption and Recently Created Rogue APs:

RogueAP Detector_2

Validate Free WiFis and Detecting Karma Attacks:

RogueAP Detector_3

PMKID Attack Detection:

RogueAP Detector_4

PMKID and Deauthentication Attacks Detection:

RogueAP Detector_5

Dependencies

python2.7
scapy
wireless-tools
iw

To install the dependencies, run: ./dependencies.sh