This workshop will teach you how to deploy Rogue APs in your client's environment. Using Rogue APs lets you test your client's Wireless Intrusion Detection System, passwords, wireless phishing education, and overall wireless security. We will discuss Rogue AP Tactics, Techniques, and Procedures, and how and why they work. In this workshop we will walk through setting up an OPEN, CAPTIVE PORTAL, WPA2, and 802.1x Rogue AP. We will also go over OWE and WPA3-SAE transition mode Rogue APs.

The primary goal is setting up Rogue APs to harvest credentials. In the workshop, we will walk through a scenario at a client’s site, then set up a Rogue AP to harvest users’ credentials for the various networks at the site. We will go through how to crack the harvested credentials. We will be using EAPHAMMER, HOSTAPD-MANA, WIFIPHISHER, and AIRBASE-NG for the Rogue AP portion, HASHCAT, AIRCRACK-NG, and JOHN for the cracking portion. This workshop is for beginners, but participants should have basic Linux and 802.11 knowledge and be comfortable using virtual machines. It is recommended that participants use the provided VM.