Select Search Category

Unplugged: Modern
Wifi Hacking

This course is highly practical, with concepts taught through theory delivered while your hands are on the keyboard,and semi-self-directed practicals at the end of each section to reinforce the learning.The course is hosted in a "WiFi in the cloud" environment we invented several years ago, which means no more fiddling with faulty hardware or turning the classroom into a microwave.

Learning Objectives
Orange Cyberdefence
  • How Wi-Fi hacking fits into wider attack or defence objectives
  • Important physical and low level RF concepts and how to reason through/debug strange situations
  • Understanding how monitor mode works, when to use or not use it, and practical examples of what to do with collected frames or data
  • Grokking the WPA2 4-way handshake and the numerous ways of recovering PSKs and what do with them
  • First looks at attacking WPA3's Dragonfly handshake with downgrades
  • Grokking EAP & EAP vulnerabilities relating to certificate validation, tunnelled mode key derivation and how to practically attack them with downgrades, relays and manipulating state
Course Outline

              <div class=
  • How & Why
  • Physical & Low Level
  • Monitor Mode
  • Probing, Tracking & Deanonymisation
  • WPA/2/3 PSK
  • EAP
  • Tunneled EAP Relays
Session FAQ

This course is for anyone who wants to understand how to attack and defend Wi-Fi networks. It's an offensive course and has obvious benefits for pentesters and red teamers, however, it's also essential for disabusing defenders of false notions of security as well as what defences have a meaningful impact.

  • Take this course if you want to learn WiFi fundamentals well enough to adjust approaches when the basics aren't working.
  • Take this course to learn about new WiFi security protocols like WPA3 and OWE.
  • Take this course to learn about newer WiFi attacks like EAP tunnelling (sycophant), LootyBooty (EAP-GTC downgrade), PMKID cracking and more.

Students should have at least a basic understanding/familiarity with the Linux command line. Prior Wi-Fi hacking experience will help but is not required. The practicals are designed so that more advanced students can progress further and students new to the field can complete the base requirements.

A device with a working web browser and comfortable keyboard is all that is required.

Practicals are hosted at:

can be used to test compatibility and give you a feel for the practical environment. No WiFi hardware is required.

  • Access to our web class portal containing slides, practicals, walkthroughs and tools and prerequisites.
  • Access to your own individual lab with numerous targets and capabilities, used for the practicals.
  • The labs will be available after the course.

Subject matter experts from SensePost/Orange Cyberdefense