Skip to main content
Warning: You are using the test version of PyPI. This is a pre-production deployment of Warehouse. Changes made here affect the production instance of TestPyPI (
Help us improve Python packaging - Donate today!

Automated phishing attacks against Wi-Fi networks

Project Description

|Build Status| |Python Version| |License| |Chat IRC|

.. raw:: html

<p align="center">

.. raw:: html



Wifiphisher is a security tool that mounts automated victim-customized
phishing attacks against WiFi clients in order to obtain credentials or
infect the victims with malwares. It is primarily a social engineering
attack that unlike other methods it does not include any brute forcing.
It is an easy way for obtaining credentials from captive portals and
third party login pages (e.g. in social networks) or WPA/WPA2 pre-shared

Wifiphisher works on Kali Linux and is licensed under the GPL license.

How it works

After achieving a man-in-the-middle position using the Evil Twin attack,
Wifiphisher redirects all HTTP requests to an attacker-controlled
phishing page.

>From the victim’s perspective, the attack makes use in three phases:

1. **Victim is being deauthenticated from her access point**.
Wifiphisher continuously jams all of the target access point’s wifi
devices within range by forging “Deauthenticate” or “Disassociate”
packets to disrupt existing associations.
2. **Victim joins a rogue access point**. Wifiphisher sniffs the area
and copies the target access point’s settings. It then creates a
rogue wireless access point that is modeled by the target. It also
sets up a NAT/DHCP server and forwards the right ports. Consequently,
because of the jamming, clients will eventually start connecting to
the rogue access point. After this phase, the victim is MiTMed.
3. **Victim is being served a realistic specially-customized phishing
page**. Wifiphisher employs a minimal web server that responds to
HTTP & HTTPS requests. As soon as the victim requests a page from the
Internet, wifiphisher will respond with a realistic fake page that
asks for credentials or serves malwares. This page will be
specifically crafted for the victim. For example, a router
config-looking page will contain logos of the victim’s vendor. The
tool supports community-built templates for different phishing

.. raw:: html

<p align="center">

Performing MiTM attack

.. raw:: html



Following are the requirements for getting the most out of Wifiphisher:

- Kali Linux. Although people have made Wifiphisher work on other
distros, Kali Linux is the officially supported distribution, thus
all new features are primarily tested on this platform.
- One wireless network adapter that supports AP mode. Drivers should
support netlink.
- One wireless network adapter that supports Monitor

.. |Build Status| image::
.. |Python Version| image::
.. |License| image::
.. |Chat IRC| image::

Release History

This version
History Node


History Node


History Node


History Node


Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, Size & Hash SHA256 Hash Help File Type Python Version Upload Date
(1.0 MB) Copy SHA256 Hash SHA256
Wheel py2 Mar 22, 2017

Supported By

Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Google Google Cloud Servers DreamHost DreamHost Log Hosting