WiFi-Pumpkin - Framework for Rogue WiFi Access Point Attack

WiFi-Pumpkin - Framework for Rogue Wi-Fi Access Point Attack

WiFi-Pumpkin is a framework for auditing WiFi security. The main feature is the ability to create a fake AP and make Man In The Middle attack, but the list of features is quite broad.


  • Rogue WiFi Access Point
  • Deauth Attack Clients AP
  • Probe Request Monitor
  • DHCP Starvation Attack
  • Credentials Monitor
  • Transparent Proxy
  • Windows Update Attack
  • Phishing Manager
  • Partial Bypass HSTS protocol
  • Support beef hook
  • ARP Poison
  • DNS Spoof
  • Patch Binaries via MITM
  • Karma Attacks (support hostapd-mana)
  • LLMNR, NBT-NS and MDNS poisoner (Responder)
  • Pumpkin-Proxy (ProxyServer (mitmproxy API))
  • Capture images on the fly
  • TCP-Proxy (with scapy)

WiFi-Pumpkin Screenshot


  • Dns2proxy: This tool offers different features for post-exploitation once you change the DNS server to a Victim.
  • Sstrip2: Sslstrip is a MITM tool that implements SSL stripping attacks.
  • Sergio_proxySergio Proxy (Super Effective Recorder of Gathered Inputs and Outputs) is an HTTP proxy that was written in Python for the Twisted framework.
  • BDFProxy: Patch Binaries via MITM: BackdoorFactory + mitmProxy, bdfproxy-ng is a fork and review of the original BDFProxy.
  • Responder: Responder an LLMNR, NBT-NS and MDNS poisoner.


Note: It requires Python 2.7. You will also have to have an Ethernet as well as a WiFi adapter (support AP mode) available for WiFi-Pumpkin to work.
git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git
 cd WiFi-Pumpkin
 ./installer.sh --install
or download .deb file to install
sudo dpkg -i wifi-pumpkin-0.8.5-all.deb
sudo apt-get -f install

No comments

Powered by Blogger.