Convert Figma logo to code with AI

evilsocket logopwnagotchi

(⌐■_■) - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.

8,886
1,235
8,886
296
View on GitHub

Top Related Projects

samyk's avatar

poisontap

6,407

Exploits locked/password protected computers over USB, drops persistent WebSocket-based backdoor, exposes internal router, and siphons cookies using Raspberry Pi Zero & Node.js.

SpacehuhnTech's avatar

esp8266_deauther

14,569

Affordable WiFi hacking platform for testing and learning

wifiphisher's avatar

wifiphisher

14,234

The Rogue Access Point Framework

s0lst1c3's avatar

eaphammer

2,393

Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.

P0cL4bs's avatar

WiFi-Pumpkin-deprecated

3,141

DEPRECATED, wifipumpkin3 -> https://github.com/P0cL4bs/wifipumpkin3

Quick Overview

Pwnagotchi is an AI-powered Wi-Fi security auditing tool. It runs on a Raspberry Pi Zero W and uses bettercap for Wi-Fi reconnaissance. The project aims to create a device that learns from its environment to maximize the crackable WPA key material it captures.

Pros

  • Autonomous operation with AI-driven decision making
  • Customizable and extensible through plugins
  • Low-cost hardware requirements (Raspberry Pi Zero W)
  • Gamification elements make learning about Wi-Fi security more engaging

Cons

  • Potential for misuse in unethical or illegal activities
  • Requires some technical knowledge to set up and use effectively
  • Limited by the capabilities of the Raspberry Pi Zero W hardware
  • May raise privacy concerns in public spaces

Getting Started

  1. Download the latest Pwnagotchi image from the releases page.
  2. Flash the image to a microSD card using a tool like Etcher.
  3. Configure the config.toml file on the boot partition:
main.name = "pwnagotchi"
main.lang = "en"
main.whitelist = []
main.plugins.enabled = []
  1. Insert the microSD card into your Raspberry Pi Zero W.
  2. Connect an e-ink display (optional) and a battery.
  3. Power on the device and wait for it to boot.

For more detailed instructions and advanced configuration options, refer to the official documentation on the project's GitHub page.

Competitor Comparisons

samyk logo

poisontap

6,407

Exploits locked/password protected computers over USB, drops persistent WebSocket-based backdoor, exposes internal router, and siphons cookies using Raspberry Pi Zero & Node.js.

Pros of PoisonTap

  • Focuses on network exploitation and data exfiltration
  • Designed for quick deployment and immediate results
  • Can work with a wider range of target devices (not limited to Wi-Fi-capable devices)

Cons of PoisonTap

  • Less autonomous; requires more active involvement from the attacker
  • Limited to physical access scenarios (needs to be plugged into the target device)
  • Lacks the machine learning and optimization features of Pwnagotchi

Code Comparison

PoisonTap (JavaScript):

var headers = {
    "Content-Type": "text/html",
    "Server": "PoisonTap/1.0",
    "Cache-Control": "no-cache, no-store, must-revalidate",
    "Pragma": "no-cache",
    "Expires": "0"
};

Pwnagotchi (Python):

def on_loaded(self):
    logging.info("plugin loaded")
    self.ready = False
    self.status = ''
    self.lock = threading.Lock()
    self.options = dict()

Both projects are focused on network security and penetration testing, but they approach the task differently. PoisonTap is more immediate and requires physical access, while Pwnagotchi is designed for longer-term, autonomous operation. The code snippets show that PoisonTap uses JavaScript and focuses on HTTP headers, while Pwnagotchi is written in Python and emphasizes plugin functionality and threading.

SpacehuhnTech logo

esp8266_deauther

14,569

Affordable WiFi hacking platform for testing and learning

Pros of esp8266_deauther

  • Lower hardware cost and easier to obtain components
  • More compact and portable device
  • Simpler setup and operation for beginners

Cons of esp8266_deauther

  • Limited to deauthentication attacks, less versatile
  • Lacks machine learning capabilities for optimization
  • No built-in display for real-time feedback

Code Comparison

esp8266_deauther:

void sendPacket(uint8_t* packet, uint16_t packetSize, uint8_t ch, uint16_t tries) {
  wifi_set_channel(ch);
  for (int i = 0; i < tries; i++) {
    esp_wifi_80211_tx(WIFI_IF_STA, packet, packetSize, false);
    delay(1);
  }
}

pwnagotchi:

def on_epoch(self, agent, epoch, epoch_data):
    if epoch_data['handshakes'] > 0:
        self.update_reward(epoch_data['handshakes'] * 1.0)
    else:
        self.update_reward(-1.0)

The esp8266_deauther code focuses on sending deauthentication packets, while pwnagotchi implements a reward system for machine learning based on captured handshakes. This highlights the different approaches and capabilities of the two projects.

wifiphisher logo

wifiphisher

14,234

The Rogue Access Point Framework

Pros of Wifiphisher

  • More versatile: Can create various types of phishing attacks beyond just Wi-Fi cracking
  • User-friendly: Offers a web interface for easier management and attack execution
  • Actively maintained: Regular updates and contributions from the community

Cons of Wifiphisher

  • Less focused: Not specifically designed for Wi-Fi password cracking like Pwnagotchi
  • Requires more setup: Needs additional configuration for different attack scenarios
  • Potentially more detectable: Some attack methods may be easier to identify

Code Comparison

Wifiphisher (Python):

def start(self):
    self.template.merge_interface = self.interface
    self.template.merge_network_manager = self.network_manager
    self.template.merge_extensions = self.extensions

Pwnagotchi (Python):

def on_loaded(self):
    logging.info("pwnagotchi %s@%s (v%s)" % (pwnagotchi.name(), self.config['main']['hostname'], pwnagotchi.__version__))
    self.mode = Mode(self.config['main']['plugins'])

Both projects use Python, but Wifiphisher focuses on template-based attacks, while Pwnagotchi emphasizes AI-driven Wi-Fi cracking. Wifiphisher's code shows its modular approach to different attack scenarios, whereas Pwnagotchi's code highlights its focus on plugin-based functionality and machine learning integration.

s0lst1c3 logo

eaphammer

2,393

Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.

Pros of eaphammer

  • Specialized tool for targeted Wi-Fi attacks and auditing
  • Supports advanced features like hostile portal attacks and KARMA attacks
  • More focused on enterprise Wi-Fi security testing

Cons of eaphammer

  • Less automated and user-friendly compared to Pwnagotchi
  • Requires more manual configuration and expertise to use effectively
  • Limited to Wi-Fi attacks, while Pwnagotchi has broader capabilities

Code Comparison

eaphammer (Python):

def hostile_portal():
    print('[*] Starting hostile portal...')
    subprocess.Popen(['python', 'core/hostile_portal.py'])
    time.sleep(2)

Pwnagotchi (Python):

def on_loaded(agent):
    logging.info("ai loaded")
    agent.set('agent.epoch', agent.epoch)
    agent.set('agent.born', agent.config['main']['born'])

Both projects use Python, but their code structures differ significantly due to their distinct purposes. eaphammer focuses on specific Wi-Fi attack functions, while Pwnagotchi implements a more complex AI-driven system for automated Wi-Fi cracking and learning.

eaphammer is better suited for security professionals conducting targeted Wi-Fi audits, while Pwnagotchi offers a more accessible and automated approach to Wi-Fi security exploration and learning.

P0cL4bs logo

WiFi-Pumpkin-deprecated

3,141

DEPRECATED, wifipumpkin3 -> https://github.com/P0cL4bs/wifipumpkin3

Pros of WiFi-Pumpkin-deprecated

  • More comprehensive suite of wireless network attack tools
  • Graphical user interface for easier use by less technical users
  • Supports a wider range of attack vectors and network manipulation techniques

Cons of WiFi-Pumpkin-deprecated

  • No longer actively maintained (deprecated)
  • Less focused on machine learning and AI-driven attacks
  • Requires more manual intervention and configuration

Code Comparison

WiFi-Pumpkin-deprecated:

class Pumpkin(QMainWindow):
    def __init__(self, parent=None):
        super(Pumpkin, self).__init__(parent)
        self.MainControl = []
        self.Interfaces = Refactor.get_interfaces()
        self.InitialMehtod = frm_Settings()

Pwnagotchi:

class Agent(object):
    def __init__(self, view, config):
        self.view = view
        self.config = config
        self.running = False
        self.mode = 'auto'

The WiFi-Pumpkin-deprecated code snippet shows a GUI-based approach with QMainWindow, while Pwnagotchi's code demonstrates a more streamlined, object-oriented structure focused on the core agent functionality. WiFi-Pumpkin-deprecated appears to have a broader scope with multiple interfaces and settings, whereas Pwnagotchi is more specialized in its purpose.

Convert Figma logo designs to code with AI

Visual Copilot

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

README

Join the project community on our server!

Release Software License Contributors follow on Twitter

This project is 100% made by humans.

Pwnagotchi is an A2C-based "AI" leveraging bettercap that learns from its surrounding WiFi environment to maximize the crackable WPA key material it captures (either passively, or by performing authentication and association attacks). This material is collected as PCAP files containing any form of handshake supported by hashcat, including PMKIDs, full and half WPA handshakes.

ui

Instead of merely playing Super Mario or Atari games like most reinforcement learning-based "AI" (yawn), Pwnagotchi tunes its parameters over time to get better at pwning WiFi things to in the environments you expose it to.

More specifically, Pwnagotchi is using an LSTM with MLP feature extractor as its policy network for the A2C agent. If you're unfamiliar with A2C, here is a very good introductory explanation (in comic form!) of the basic principles behind how Pwnagotchi learns. (You can read more about how Pwnagotchi learns in the Usage doc.)

Keep in mind: Unlike the usual RL simulations, Pwnagotchi learns over time. Time for a Pwnagotchi is measured in epochs; a single epoch can last from a few seconds to minutes, depending on how many access points and client stations are visible. Do not expect your Pwnagotchi to perform amazingly well at the very beginning, as it will be exploring several combinations of key parameters to determine ideal adjustments for pwning the particular environment you are exposing it to during its beginning epochs ... but ** listen to your Pwnagotchi when it tells you it's boring!** Bring it into novel WiFi environments with you and have it observe new networks and capture new handshakes—and you'll see. :)

Multiple units within close physical proximity can "talk" to each other, advertising their presence to each other by broadcasting custom information elements using a parasite protocol I've built on top of the existing dot11 standard. Over time, two or more units trained together will learn to cooperate upon detecting each other's presence by dividing the available channels among them for optimal pwnage.

Documentation

https://www.pwnagotchi.ai

Links

 Official Links
Websitepwnagotchi.ai
Forumcommunity.pwnagotchi.ai
Slackpwnagotchi.slack.com
Subredditr/pwnagotchi
Twitter@pwnagotchi

License

pwnagotchi is made with ♥ by @evilsocket and the amazing dev team. It is released under the GPL3 license.