Evil Twin Access Point | WiFI Pumpkin

Profile image for skyle17
October 6, 2016 | Views: 9409

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Hello Everyone:

I would like to share how to setup an Evil Twin Access Point.


Operating System: Kali 2.0/WifiSlax 4.11.1/Parrot 3.0.1/2.0.5

In other Linux like UBUNTU you need to install the following dependencies:

  •     Python 2.7
  •     hostapd
  •     isc-dhcp-server
  •     php
  •     aircrack-ng
  •     dnsmasq

WiFi Adapter: TP-LINK TL-WN722N – I use these on my presentation and demo using 2PCSS.

Note: If you are using VMWARE you can bridge the connection, Connect your OS to through WIFI, if you are using PURE Kali use one LAN for internet source and use the WIFI Adapter for FAKE AP



git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git
 cd WiFi-Pumpkin
 ./installer.sh --install

Note: Use sudo or install in root access.


WIFI Pumpkin

WiFi-Pumpkin is a open source security tool that provides the Rogue access point to Man-In-The-Middle and network attacks.


  • Rogue Wi-Fi Access Point
  • Deauth Attack Clients AP
  • Probe Request Monitor
  • DHCP Starvation Attack
  • Credentials Monitor
  • Transparent Proxy
  • Windows Update Attack
  • Phishing Manager
  • Partial Bypass HSTS protocol
  • Support beef hook
  • Mac Changer
  • ARP Poison
  • DNS Spoof
  • Patch Binaries via MITM


Now, I  would like to share the process how to Capture POST Credentials Request using WiFi-Pumpkin.


Step 1: We need to install follow instruction above.

Step 2: Just start using “sudo wifi-pumpkin” after installed


Step 3: Click Start -> View ->Credential NetCreds

Step 4: Capture Logs
Capture Logs

Step 4: If the Victim connected and login to nont-https

Step 5: Viola, you get plain text credentials

This is for educational purpose and thank to the P0cL4bs Team

Stay tuned and I will show you next the tutorial in bypassing HSTS.




Share with Friends
Use Cybytes and
Tip the Author!
Share with Friends
Ready to share your knowledge and expertise?
  1. Thanks everyone

  2. Running on Kali, but can’t the network adapter to fill.

  3. gonna try this now!!

  4. thank you! i’m going to try this,

  5. Thanks! Good job

Page 2 of 4«1234»
Comment on This

You must be logged in to post a comment.

Get more out of Cybrary
Reach an audience of 1,500,000+ IT and cyber professionals, including the world's top companies
Create impact at a scale by reaching a global audience
Build your personal brand
Supplement or replace your income (average instructor makes ~$1,000 - $2,000/month)
Access the world's largest talent pool of cyber security professionals, and receive candidates with pre-assessed technical skills
Eliminate the pain and costs of technical vetting
Receive candidate skill profiles highlighting knowledge and technical proficiency
Reach active and passive candidates; and, fill your pipeline with pre-vetted, qualified cyber professionals
Get a Job
Work with a dedicated mentor to help you select the career that's right for you, and get a job at one of the world's top companies.
Receive all the training and assessments you need to prepare for the job
Work with a dedicated Mentor
Get placed through Cybrary for jobs earning average salaries of $116,000/yr

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?