PhantomKit v1.2.0
PhantomKit v1.2.0
Security and stealth upgrade — real 802.11 parsing, dashboard authentication, webhook alerts, and NTP timestamps.
What's new
🔐 Dashboard Authentication
Password-protected dashboard (auditor123 by default, configurable in config.h). Session token stored as an HttpOnly cookie. All /api/* routes require a valid session.
📡 Real Probe Sniffer
Rewrote the probe sniffer to parse actual 802.11 management frames using the ESP8266 SDK promiscuous callback. Extracts source MAC, sought SSID, and RSSI directly from frame offsets — no more heuristics.
🎯 Unicast Deauth
Added a passive 800 ms sniff window before each deauth run to detect associated client MACs. Sends targeted AP→Client and Client→AP deauth frames for each detected client, bypassing the modern mobile defense against broadcast deauth (802.11w PMF is not enforced on ESP8266 soft-APs).
🔔 Webhook Notifications
New NotifierModule — sends an HTTP POST to ntfy.sh or any custom webhook every time a credential is captured. Configure URL and topic from the Ajustes tab. Saved to LittleFS across reboots.
🕐 NTP Real Timestamps
When uplink WiFi (UPLINK_SSID / UPLINK_PASSWORD) is configured, the device syncs with pool.ntp.org on boot. Credentials and logs show YYYY-MM-DD HH:MM:SS instead of relative T+HH:MM:SS.
👻 Stealth Mode
Hides the management SSID PhantomKit from Wi-Fi scans using the ESP8266 SDK wifi_softap_set_config. Toggle from the Ajustes tab without reflashing.
✅ GitHub Actions CI
Every push to main compiles the firmware automatically. Build badge in README.
Upgrade from v1.1.0
git pull origin main
pio run --target uploadfs && pio run --target uploadSet DASHBOARD_PASSWORD in src/config.h before flashing.
For authorized security audits and educational use only.