The Evil Twin with Deauth, Sniffer, Captive, Beacon flood on ESP8266Designed by Razor in Poland
WHAT IS IT? If you have ever played with pen testing you probably know what an Evil Twin is. Still not heard of it? "An evil twin is a fraudulent Wi-Fi access point that appears to be legitimate bu...Read More…
If you have ever played with pen testing you probably know what an Evil Twin is. Still not heard of it?
"An evil twin is a fraudulent Wi-Fi access point that appears to be legitimate but is set up to eavesdrop on wireless communications." [WIKI]
Attracthor is a fully working EvilTwin that you can run against your network to see if you are vulnerable for attack.
The main purpose of AttracThor is to obtain a target AP WiFi password. This can be done with a single AttracThor or a distributed approach by placing a few AttracThors around your Lab.
A simple infographic on the deauth mode.
2/6/2021 1.9 Is ready!
You can now buy AttracThor with OLED soldered already or a kit for you to solder it yourself. Be sure to select a proper option !
Take advantage of having a display on top of AttracThor to simply look and understand the status of your operation. No more logging into AttracThor and checking for the status, a simple look of an eye will help you analyze the situation of your scenario.
Very simple status screen (once in operation) displays all info required for you to spot where you are. Have a quick look into what is being displayed on the screen.
Use Repeller for dedicated Deauth process
Use Peryton if you want to switch to cracking the WPA/WPA2 handshakes.
Use Battery Shield to run it on Battery
Here is the list of implemented features, tested and pwning:
|Beacon flood||Yes||No comments|
|Anti Channel Hopping||Yes||Follow target AP Channel|
|Anti SSID change||Yes||Follow target AP SSID|
|Password validation||Yes||Immediately/Every reboot|
|DNS Server||Yes||Part of Captive + Logging|
|Deep view||Yes||Number of STA's connected, Captive viewers, totals|
|Web Configuration||Yes||Simple config panel|
|Monitoring||Yes||Additional binary included to listen updates over WiFi or simply WEB|
|Remote management||Yes||Reboot, Reconfigure, Upgrade, Check status over WiFi|
|Firmware Upgrade option||Yes||Via WEB page, command line (curl) or esp programmer|
|Hackable||Yes||This is ESP8266, you can plugin and hack as you want|
|Battery||Yes||Use dedicated Battery shield to run on juice check|
|File Manager||Yes||Upload web pages to internal FS, have few pages to shuffle around|
|Password protecion||Yes||The setup functionality and status is secured with a login/pass|
|SSID change||Yes||To keep your device low profile|
|OLED||Yes||Implemented in 1.9|
It is a device that I need when I play with pen-testing my lab.
There is nothing like this on the market to purchase. Most of the devices I've seen just perform deauth - which is a tiny part of the whole process. Running this attack on Raspberry PI is messy, and having this in a 5V small version allows you to use this as a throwie, and without the hassle of setting up OS and configuring.
You can run it on power bank, on solar power, or you can buy a Wemos D1 Battery shield.
It has a built in protocol (over WiFi) that sends out status for each of your deployed AttracThors in WiFi Range. Thanks to which you don't have to look at them. All you do is sit at home or in your car and listen to the updates as they come in on your terminal via WiFi.
You can use it as a throwie, or run it from a drone - the sky is the limit.
Please refer to the BOM (Latest Firmware) and DATASHEET (Latest Manual) section below. AttracThorSIS: https://easyupload.io/fqdmal
This is to be used only for testing and educational purposes against your own devices! I don't take responsibility for what you do with it.
Please check the legal regulations for your country to make sure you don't violate any laws.
No country selected, please select your country to see shipping options.
No rates are available for shipping to .
Enter your email address if you'd like to be notified when AttracThor can be shipped to you:
Thanks! We'll let you know when the seller adds shipping rates for your country.
|Shipping Rate||Tracked||Ships From||First Item||Additional Items|
Josh | April 3, 2021
Sean | July 14, 2020
We recognize our top users by making them a Tindarian. Tindarians have access to secret & unreleased features.
We look for the most active & best members of the Tindie community, and invite them to join. There isn't a selection process or form to fill out. The only way to become a Tindarian is by being a nice & active member of the Tindie community!