wifikit 0.1.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- wifikit-0.1.0/.github/workflows/ci.yml +31 -0
- wifikit-0.1.0/.github/workflows/release.yml +73 -0
- wifikit-0.1.0/.gitignore +37 -0
- wifikit-0.1.0/CODE_OF_CONDUCT.md +44 -0
- wifikit-0.1.0/CONTRIBUTING.md +47 -0
- wifikit-0.1.0/LICENSE +21 -0
- wifikit-0.1.0/PKG-INFO +280 -0
- wifikit-0.1.0/README.md +249 -0
- wifikit-0.1.0/SECURITY.md +24 -0
- wifikit-0.1.0/docs/architecture.md +101 -0
- wifikit-0.1.0/docs/assets/wifikit.gif +0 -0
- wifikit-0.1.0/docs/capture-to-crack.md +228 -0
- wifikit-0.1.0/docs/firmware.md +166 -0
- wifikit-0.1.0/docs/index.md +70 -0
- wifikit-0.1.0/docs/performance.md +84 -0
- wifikit-0.1.0/docs/troubleshooting.md +191 -0
- wifikit-0.1.0/docs/usage.md +179 -0
- wifikit-0.1.0/pyproject.toml +73 -0
- wifikit-0.1.0/src/wifikit/__init__.py +19 -0
- wifikit-0.1.0/src/wifikit/__main__.py +6 -0
- wifikit-0.1.0/src/wifikit/bench.py +174 -0
- wifikit-0.1.0/src/wifikit/bootstrap.py +159 -0
- wifikit-0.1.0/src/wifikit/capture.py +388 -0
- wifikit-0.1.0/src/wifikit/cli.py +391 -0
- wifikit-0.1.0/src/wifikit/doctor.py +131 -0
- wifikit-0.1.0/src/wifikit/flash.py +195 -0
- wifikit-0.1.0/src/wifikit/marauder.py +228 -0
- wifikit-0.1.0/src/wifikit/session.py +216 -0
- wifikit-0.1.0/src/wifikit/tui.py +617 -0
- wifikit-0.1.0/tests/test_bench.py +52 -0
- wifikit-0.1.0/tests/test_bootstrap.py +77 -0
- wifikit-0.1.0/tests/test_capture.py +93 -0
- wifikit-0.1.0/tests/test_doctor.py +55 -0
- wifikit-0.1.0/tests/test_marauder.py +100 -0
- wifikit-0.1.0/uv.lock +769 -0
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
name: CI
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches: [main]
|
|
6
|
+
pull_request:
|
|
7
|
+
|
|
8
|
+
jobs:
|
|
9
|
+
lint-and-test:
|
|
10
|
+
runs-on: ubuntu-latest
|
|
11
|
+
strategy:
|
|
12
|
+
matrix:
|
|
13
|
+
python-version: ["3.10", "3.11", "3.12", "3.13"]
|
|
14
|
+
steps:
|
|
15
|
+
- uses: actions/checkout@v4
|
|
16
|
+
|
|
17
|
+
- name: Install uv
|
|
18
|
+
uses: astral-sh/setup-uv@v5
|
|
19
|
+
with:
|
|
20
|
+
python-version: ${{ matrix.python-version }}
|
|
21
|
+
|
|
22
|
+
- name: Install dependencies
|
|
23
|
+
run: uv sync
|
|
24
|
+
|
|
25
|
+
- name: Lint (ruff)
|
|
26
|
+
run: |
|
|
27
|
+
uv run ruff check .
|
|
28
|
+
uv run ruff format --check .
|
|
29
|
+
|
|
30
|
+
- name: Test (pytest)
|
|
31
|
+
run: uv run pytest -q
|
|
@@ -0,0 +1,73 @@
|
|
|
1
|
+
name: Release
|
|
2
|
+
|
|
3
|
+
# Cut a PyPI release by pushing a version tag, e.g.:
|
|
4
|
+
# git tag v0.1.0 && git push origin v0.1.0
|
|
5
|
+
# hatch-vcs turns the tag into the package version, and the package is published
|
|
6
|
+
# to PyPI using an API token stored as the repo secret PYPI_API_TOKEN.
|
|
7
|
+
on:
|
|
8
|
+
push:
|
|
9
|
+
tags:
|
|
10
|
+
- "v*"
|
|
11
|
+
|
|
12
|
+
jobs:
|
|
13
|
+
build:
|
|
14
|
+
name: Build sdist + wheel
|
|
15
|
+
runs-on: ubuntu-latest
|
|
16
|
+
steps:
|
|
17
|
+
- uses: actions/checkout@v4
|
|
18
|
+
with:
|
|
19
|
+
fetch-depth: 0 # full history + tags so hatch-vcs can read the version
|
|
20
|
+
|
|
21
|
+
- name: Install uv
|
|
22
|
+
uses: astral-sh/setup-uv@v5
|
|
23
|
+
with:
|
|
24
|
+
python-version: "3.12"
|
|
25
|
+
|
|
26
|
+
- name: Build
|
|
27
|
+
run: uv build
|
|
28
|
+
|
|
29
|
+
- name: Show built version
|
|
30
|
+
run: ls -l dist/
|
|
31
|
+
|
|
32
|
+
- uses: actions/upload-artifact@v4
|
|
33
|
+
with:
|
|
34
|
+
name: dist
|
|
35
|
+
path: dist/
|
|
36
|
+
|
|
37
|
+
publish:
|
|
38
|
+
name: Publish to PyPI
|
|
39
|
+
needs: build
|
|
40
|
+
runs-on: ubuntu-latest
|
|
41
|
+
steps:
|
|
42
|
+
- uses: actions/download-artifact@v4
|
|
43
|
+
with:
|
|
44
|
+
name: dist
|
|
45
|
+
path: dist/
|
|
46
|
+
|
|
47
|
+
- name: Publish
|
|
48
|
+
uses: pypa/gh-action-pypi-publish@release/v1
|
|
49
|
+
with:
|
|
50
|
+
# API token stored as a repo secret (Settings → Secrets → Actions).
|
|
51
|
+
password: ${{ secrets.PYPI_API_TOKEN }}
|
|
52
|
+
|
|
53
|
+
github-release:
|
|
54
|
+
name: GitHub Release
|
|
55
|
+
needs: publish
|
|
56
|
+
runs-on: ubuntu-latest
|
|
57
|
+
permissions:
|
|
58
|
+
contents: write
|
|
59
|
+
steps:
|
|
60
|
+
- uses: actions/download-artifact@v4
|
|
61
|
+
with:
|
|
62
|
+
name: dist
|
|
63
|
+
path: dist/
|
|
64
|
+
|
|
65
|
+
- name: Create GitHub Release with artifacts
|
|
66
|
+
env:
|
|
67
|
+
GH_TOKEN: ${{ github.token }}
|
|
68
|
+
run: >
|
|
69
|
+
gh release create "${GITHUB_REF_NAME}"
|
|
70
|
+
--repo "${GITHUB_REPOSITORY}"
|
|
71
|
+
--title "${GITHUB_REF_NAME}"
|
|
72
|
+
--generate-notes
|
|
73
|
+
dist/*
|
wifikit-0.1.0/.gitignore
ADDED
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
# Python
|
|
2
|
+
__pycache__/
|
|
3
|
+
*.py[cod]
|
|
4
|
+
*.egg-info/
|
|
5
|
+
.eggs/
|
|
6
|
+
build/
|
|
7
|
+
dist/
|
|
8
|
+
.pytest_cache/
|
|
9
|
+
.ruff_cache/
|
|
10
|
+
|
|
11
|
+
# Virtual environments
|
|
12
|
+
.venv/
|
|
13
|
+
venv/
|
|
14
|
+
env/
|
|
15
|
+
|
|
16
|
+
# uv
|
|
17
|
+
# (uv.lock IS committed for apps; keep it tracked)
|
|
18
|
+
|
|
19
|
+
# Firmware blobs are fetched at flash time, never vendored
|
|
20
|
+
*.bin
|
|
21
|
+
|
|
22
|
+
# Session / capture artifacts
|
|
23
|
+
*.pcap
|
|
24
|
+
*.pcapng
|
|
25
|
+
*.hc22000
|
|
26
|
+
.wifikit_history
|
|
27
|
+
|
|
28
|
+
# Internal session working docs — kept local, not part of the published repo.
|
|
29
|
+
# Public documentation lives in docs/.
|
|
30
|
+
/HANDOFF.md
|
|
31
|
+
/CAPTURE_STREAMING.md
|
|
32
|
+
|
|
33
|
+
# OS / editor
|
|
34
|
+
.DS_Store
|
|
35
|
+
*.swp
|
|
36
|
+
.idea/
|
|
37
|
+
.vscode/
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
# Contributor Covenant Code of Conduct
|
|
2
|
+
|
|
3
|
+
## Our Pledge
|
|
4
|
+
|
|
5
|
+
We as members, contributors, and leaders pledge to make participation in our
|
|
6
|
+
community a harassment-free experience for everyone, regardless of age, body
|
|
7
|
+
size, visible or invisible disability, ethnicity, sex characteristics, gender
|
|
8
|
+
identity and expression, level of experience, education, socio-economic status,
|
|
9
|
+
nationality, personal appearance, race, religion, or sexual identity and
|
|
10
|
+
orientation.
|
|
11
|
+
|
|
12
|
+
We pledge to act and interact in ways that contribute to an open, welcoming,
|
|
13
|
+
diverse, inclusive, and healthy community.
|
|
14
|
+
|
|
15
|
+
## Our Standards
|
|
16
|
+
|
|
17
|
+
Examples of behavior that contributes to a positive environment:
|
|
18
|
+
|
|
19
|
+
- Demonstrating empathy and kindness toward other people
|
|
20
|
+
- Being respectful of differing opinions, viewpoints, and experiences
|
|
21
|
+
- Giving and gracefully accepting constructive feedback
|
|
22
|
+
- Focusing on what is best for the overall community
|
|
23
|
+
|
|
24
|
+
Examples of unacceptable behavior:
|
|
25
|
+
|
|
26
|
+
- The use of sexualized language or imagery, and unwelcome sexual attention
|
|
27
|
+
- Trolling, insulting or derogatory comments, and personal or political attacks
|
|
28
|
+
- Public or private harassment
|
|
29
|
+
- Publishing others' private information without explicit permission
|
|
30
|
+
- Encouraging or facilitating unlawful use of this project
|
|
31
|
+
|
|
32
|
+
## Enforcement
|
|
33
|
+
|
|
34
|
+
Instances of abusive, harassing, or otherwise unacceptable behavior may be
|
|
35
|
+
reported to the maintainer at `ravindra@budgurjar.org`. All complaints will be
|
|
36
|
+
reviewed and investigated promptly and fairly.
|
|
37
|
+
|
|
38
|
+
## Attribution
|
|
39
|
+
|
|
40
|
+
This Code of Conduct is adapted from the [Contributor Covenant][homepage],
|
|
41
|
+
version 2.1, available at
|
|
42
|
+
https://www.contributor-covenant.org/version/2/1/code_of_conduct.html.
|
|
43
|
+
|
|
44
|
+
[homepage]: https://www.contributor-covenant.org
|
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
# Contributing to wifikit
|
|
2
|
+
|
|
3
|
+
Thanks for your interest! Contributions of all kinds are welcome — bug reports,
|
|
4
|
+
features, docs, and board-compatibility notes.
|
|
5
|
+
|
|
6
|
+
## Ground rules
|
|
7
|
+
|
|
8
|
+
- **Authorized use only.** This project exists for lawful security testing and
|
|
9
|
+
education. Do not submit code whose primary purpose is to attack third-party
|
|
10
|
+
networks, evade detection maliciously, or otherwise facilitate unlawful use.
|
|
11
|
+
- Be respectful — see the [Code of Conduct](CODE_OF_CONDUCT.md).
|
|
12
|
+
|
|
13
|
+
## Development setup
|
|
14
|
+
|
|
15
|
+
We use [uv](https://github.com/astral-sh/uv) for environments and packaging.
|
|
16
|
+
|
|
17
|
+
```bash
|
|
18
|
+
git clone https://github.com/BadRat-in/wifikit
|
|
19
|
+
cd wifikit
|
|
20
|
+
uv sync # venv + runtime + dev deps
|
|
21
|
+
```
|
|
22
|
+
|
|
23
|
+
Before opening a PR, make sure these pass:
|
|
24
|
+
|
|
25
|
+
```bash
|
|
26
|
+
uv run ruff check . # lint
|
|
27
|
+
uv run ruff format --check .
|
|
28
|
+
uv run pytest # unit tests (no hardware required)
|
|
29
|
+
```
|
|
30
|
+
|
|
31
|
+
## Guidelines
|
|
32
|
+
|
|
33
|
+
- **Docstrings & comments**: every module and public function should have a
|
|
34
|
+
docstring explaining *what* and *why*; comment non-obvious logic.
|
|
35
|
+
- **Keep firmware knowledge in `marauder.py`** and transport in `session.py` so
|
|
36
|
+
the UIs stay firmware-agnostic.
|
|
37
|
+
- **Small, focused commits** with clear messages (Conventional Commits style,
|
|
38
|
+
e.g. `feat(tui): add station table`).
|
|
39
|
+
- Add or update tests for parsing/logic changes.
|
|
40
|
+
- Do not vendor Marauder firmware binaries into the repo — they are fetched at
|
|
41
|
+
flash time.
|
|
42
|
+
|
|
43
|
+
## Reporting bugs
|
|
44
|
+
|
|
45
|
+
Open an issue with your board model, `wifikit --list-ports` output, the command
|
|
46
|
+
you ran, and what happened. For security-sensitive reports, see
|
|
47
|
+
[SECURITY.md](SECURITY.md).
|
wifikit-0.1.0/LICENSE
ADDED
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
MIT License
|
|
2
|
+
|
|
3
|
+
Copyright (c) 2026 Ravindra Singh
|
|
4
|
+
|
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
|
7
|
+
in the Software without restriction, including without limitation the rights
|
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
|
10
|
+
furnished to do so, subject to the following conditions:
|
|
11
|
+
|
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
|
13
|
+
copies or substantial portions of the Software.
|
|
14
|
+
|
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
21
|
+
SOFTWARE.
|
wifikit-0.1.0/PKG-INFO
ADDED
|
@@ -0,0 +1,280 @@
|
|
|
1
|
+
Metadata-Version: 2.4
|
|
2
|
+
Name: wifikit
|
|
3
|
+
Version: 0.1.0
|
|
4
|
+
Summary: Terminal UI + CLI to drive an ESP32 running the Marauder firmware for authorized WiFi security testing.
|
|
5
|
+
Project-URL: Homepage, https://github.com/BadRat-in/wifikit
|
|
6
|
+
Project-URL: Repository, https://github.com/BadRat-in/wifikit
|
|
7
|
+
Project-URL: Issues, https://github.com/BadRat-in/wifikit/issues
|
|
8
|
+
Author-email: Ravindra Singh <ravindra@budgurjar.org>
|
|
9
|
+
License-Expression: MIT
|
|
10
|
+
License-File: LICENSE
|
|
11
|
+
Keywords: 802.11,deauth,esp32,hardware,marauder,pentest,security,textual,tui,wardriving,wifi
|
|
12
|
+
Classifier: Development Status :: 4 - Beta
|
|
13
|
+
Classifier: Environment :: Console
|
|
14
|
+
Classifier: Intended Audience :: Developers
|
|
15
|
+
Classifier: Intended Audience :: Information Technology
|
|
16
|
+
Classifier: License :: OSI Approved :: MIT License
|
|
17
|
+
Classifier: Operating System :: OS Independent
|
|
18
|
+
Classifier: Programming Language :: Python :: 3
|
|
19
|
+
Classifier: Programming Language :: Python :: 3.10
|
|
20
|
+
Classifier: Programming Language :: Python :: 3.11
|
|
21
|
+
Classifier: Programming Language :: Python :: 3.12
|
|
22
|
+
Classifier: Programming Language :: Python :: 3.13
|
|
23
|
+
Classifier: Topic :: Security
|
|
24
|
+
Classifier: Topic :: System :: Networking :: Monitoring
|
|
25
|
+
Requires-Python: >=3.10
|
|
26
|
+
Requires-Dist: esptool>=4.0
|
|
27
|
+
Requires-Dist: prompt-toolkit>=3.0
|
|
28
|
+
Requires-Dist: pyserial>=3.5
|
|
29
|
+
Requires-Dist: textual>=0.80
|
|
30
|
+
Description-Content-Type: text/markdown
|
|
31
|
+
|
|
32
|
+
# wifikit
|
|
33
|
+
|
|
34
|
+
**A terminal UI + CLI for driving an ESP32 running the [ESP32 Marauder][marauder] firmware — for authorized WiFi security testing and learning.**
|
|
35
|
+
|
|
36
|
+
[](https://github.com/BadRat-in/wifikit/blob/main/LICENSE)
|
|
37
|
+
[](https://www.python.org/)
|
|
38
|
+
[](https://github.com/BadRat-in/wifikit/actions/workflows/ci.yml)
|
|
39
|
+
[](https://github.com/astral-sh/ruff)
|
|
40
|
+
[](https://github.com/Textualize/textual)
|
|
41
|
+
[](https://github.com/BadRat-in/wifikit/blob/main/CONTRIBUTING.md)
|
|
42
|
+
|
|
43
|
+
`wifikit` turns the raw Marauder serial command line into a single-screen,
|
|
44
|
+
target-oriented dashboard. Instead of memorising commands or juggling the
|
|
45
|
+
multi-terminal aircrack-ng workflow (airodump here, aireplay there, aircrack in
|
|
46
|
+
a third window), you **scan**, **pick a target from a live table**, and act on
|
|
47
|
+
it from a menu or with hotkeys — then run the host-side crack from the same UI.
|
|
48
|
+
|
|
49
|
+
<p align="center">
|
|
50
|
+
<img src="https://raw.githubusercontent.com/BadRat-in/wifikit/main/docs/assets/wifikit.gif" width="820"
|
|
51
|
+
alt="wifikit TUI cycling through the Targets, Stations, Console and Crack tabs">
|
|
52
|
+
</p>
|
|
53
|
+
|
|
54
|
+
> The demo above runs with `wifikit --demo` (sample data, no board required).
|
|
55
|
+
|
|
56
|
+
---
|
|
57
|
+
|
|
58
|
+
## ⚠️ Legal & authorized-use notice
|
|
59
|
+
|
|
60
|
+
This is a tool for **authorized security testing and education only**. Attacking
|
|
61
|
+
networks you do not own or lack **explicit written permission** to test is
|
|
62
|
+
illegal in most jurisdictions.
|
|
63
|
+
|
|
64
|
+
- Only use `wifikit` against **your own** networks/devices or those you are
|
|
65
|
+
contractually authorized to assess.
|
|
66
|
+
- Deauthentication and handshake capture affect real users on a network — never
|
|
67
|
+
run them against third parties.
|
|
68
|
+
- The authors accept **no liability** for misuse. By using this software you
|
|
69
|
+
agree you are solely responsible for complying with all applicable laws.
|
|
70
|
+
|
|
71
|
+
`wifikit` is a *front-end*: it drives the already-open-source ESP32 Marauder
|
|
72
|
+
firmware and standard tools like `hashcat`/`aircrack-ng`. It contains no novel
|
|
73
|
+
attack code.
|
|
74
|
+
|
|
75
|
+
---
|
|
76
|
+
|
|
77
|
+
## Features
|
|
78
|
+
|
|
79
|
+
- 🖥️ **Textual TUI** (default): live AP table, tabbed layout, mouse + keyboard.
|
|
80
|
+
- 🎯 **Target-oriented**: select an AP, then Deauth / Capture PMKID / Capture
|
|
81
|
+
handshake / set channel — via an Actions menu (Enter or right-click) or hotkeys.
|
|
82
|
+
- 👥 **Stations tab**: clients grouped by AP (via Marauder's `list -c`), populated
|
|
83
|
+
live during a scan; select a station to deauth it directly.
|
|
84
|
+
- 📥 **SD-free capture**: `wifikit --capture --channel N` streams the pcap over
|
|
85
|
+
USB (Marauder's `-serial`) into `captures/` — no microSD card needed.
|
|
86
|
+
- 🔌 **Auto-detects** the ESP32's serial port (by USB-UART chip), ignoring
|
|
87
|
+
Bluetooth/debug ports.
|
|
88
|
+
- ⌨️ **Nice REPL** (`--cli`): local echo, history and tab-completion — a painless
|
|
89
|
+
replacement for `screen`, which Marauder's non-echoing CLI makes miserable.
|
|
90
|
+
- 🤖 **Scriptable** one-shot mode (`--exec "scanall"`).
|
|
91
|
+
- 🧨 **Integrated cracking**: run `hashcat`/`aircrack-ng` in a Crack tab with live
|
|
92
|
+
streaming output — scan → deauth → capture → crack in one place.
|
|
93
|
+
- ⚡ **One-command flashing** of the correct classic-ESP32 build (`wifikit-flash`).
|
|
94
|
+
|
|
95
|
+
```
|
|
96
|
+
● /dev/cu.usbserial-…. | SCANNING | APs: 4 | [s]can [x]stop [r]efresh
|
|
97
|
+
┌ Targets ─┬ Console ─┬ Crack ─────────────────────────────────────────────────┐
|
|
98
|
+
│ Idx CH ESSID / BSSID RSSI │
|
|
99
|
+
│ 0 3 rb_alderson -72 ← cursor; press Enter for Actions │
|
|
100
|
+
│ 1 3 8e:86:dd:a0:8b:68 -73 │
|
|
101
|
+
│ 2 3 rb_alderson -84 │
|
|
102
|
+
└──────────────────────────────────────────────────────────────────────────────┘
|
|
103
|
+
s Scan x Stop r Refresh a Actions d Deauth p PMKID ^r Reconnect q Quit
|
|
104
|
+
```
|
|
105
|
+
|
|
106
|
+
## Documentation
|
|
107
|
+
|
|
108
|
+
Full guides live in [`docs/`](https://github.com/BadRat-in/wifikit/tree/main/docs):
|
|
109
|
+
|
|
110
|
+
- [Overview & mental model](https://github.com/BadRat-in/wifikit/blob/main/docs/index.md) — what wifikit is and how to navigate.
|
|
111
|
+
- [Architecture](https://github.com/BadRat-in/wifikit/blob/main/docs/architecture.md) — modules, data flow, threading.
|
|
112
|
+
- [Usage](https://github.com/BadRat-in/wifikit/blob/main/docs/usage.md) — flashing, the TUI, the CLI/REPL, hotkeys.
|
|
113
|
+
- [Capture → crack](https://github.com/BadRat-in/wifikit/blob/main/docs/capture-to-crack.md) — the SD-free `-serial` workflow.
|
|
114
|
+
- [Performance & GPU](https://github.com/BadRat-in/wifikit/blob/main/docs/performance.md) — measured crack rates, `--benchmark`.
|
|
115
|
+
- [Firmware](https://github.com/BadRat-in/wifikit/blob/main/docs/firmware.md) — the Marauder build, `-serial`, future plans.
|
|
116
|
+
- [Troubleshooting](https://github.com/BadRat-in/wifikit/blob/main/docs/troubleshooting.md) — ports, baud, captures, and more.
|
|
117
|
+
|
|
118
|
+
## Hardware
|
|
119
|
+
|
|
120
|
+
- An **ESP32** board (developed and tested on a classic **ESP32-WROOM-32**
|
|
121
|
+
DevKit) flashed with **ESP32 Marauder**.
|
|
122
|
+
- A **microSD module** (SPI) is **optional** — capture streams over USB via
|
|
123
|
+
Marauder's `-serial`, so an SD card is only needed for *untethered* capture
|
|
124
|
+
(running the board off the host).
|
|
125
|
+
|
|
126
|
+
## Install
|
|
127
|
+
|
|
128
|
+
Requires Python 3.10+. Using [uv][uv] (recommended):
|
|
129
|
+
|
|
130
|
+
```bash
|
|
131
|
+
uv tool install wifikit # once published to PyPI
|
|
132
|
+
# or run from a clone:
|
|
133
|
+
uv venv && uv pip install -e .
|
|
134
|
+
```
|
|
135
|
+
|
|
136
|
+
With pipx:
|
|
137
|
+
|
|
138
|
+
```bash
|
|
139
|
+
pipx install wifikit
|
|
140
|
+
```
|
|
141
|
+
|
|
142
|
+
Installing wifikit pulls its **Python** dependencies automatically (including
|
|
143
|
+
`esptool` for flashing). Nothing else is needed to **scan, deauth, or capture**.
|
|
144
|
+
|
|
145
|
+
## Requirements: external tools (for cracking)
|
|
146
|
+
|
|
147
|
+
The **cracking** half of the workflow shells out to native CLI tools that pip
|
|
148
|
+
**cannot** install — grab them from your OS package manager. They're optional:
|
|
149
|
+
everything except cracking works without them.
|
|
150
|
+
|
|
151
|
+
```bash
|
|
152
|
+
wifikit --setup # auto-install the missing tools (brew/apt/dnf/pacman)
|
|
153
|
+
wifikit --doctor # just report what's present + how to install the rest
|
|
154
|
+
```
|
|
155
|
+
|
|
156
|
+
`--setup` detects your package manager, shows the exact command, and installs the
|
|
157
|
+
missing tools; the underlying commands are:
|
|
158
|
+
|
|
159
|
+
| Tool | Needed for | macOS | Debian/Ubuntu |
|
|
160
|
+
| :-- | :-- | :-- | :-- |
|
|
161
|
+
| `hashcat` | crack WPA (Crack tab, `--benchmark`) | `brew install hashcat` | `sudo apt install hashcat` |
|
|
162
|
+
| `hcxtools` (`hcxpcapngtool`) | convert `.pcap` → `.hc22000` | `brew install hcxtools` | `sudo apt install hcxtools` |
|
|
163
|
+
| `aircrack-ng` | alternative cracker (optional) | `brew install aircrack-ng` | `sudo apt install aircrack-ng` |
|
|
164
|
+
|
|
165
|
+
The **ESP32 firmware** is not a manual dependency — `wifikit-flash` downloads the
|
|
166
|
+
correct Marauder build on demand from the official release.
|
|
167
|
+
|
|
168
|
+
## Flash the ESP32
|
|
169
|
+
|
|
170
|
+
`wifikit-flash` downloads the **correct classic-ESP32 build** (the `old_hardware`
|
|
171
|
+
app plus the matching bootloader/partition table) and writes it. It does **not**
|
|
172
|
+
vendor Marauder's binaries — they are fetched from the official release.
|
|
173
|
+
|
|
174
|
+
```bash
|
|
175
|
+
wifikit-flash # auto-detect port, flash at a safe 115200 baud
|
|
176
|
+
wifikit-flash --erase # wipe flash first
|
|
177
|
+
```
|
|
178
|
+
|
|
179
|
+
> Note: the Marauder `flipper` build is for the ESP32-**S2** and will **not** run
|
|
180
|
+
> on a classic WROOM-32 (`Unexpected chip ID`). `wifikit-flash` picks the right
|
|
181
|
+
> one for you.
|
|
182
|
+
|
|
183
|
+
## Usage
|
|
184
|
+
|
|
185
|
+
```bash
|
|
186
|
+
wifikit # launch the TUI (auto-detect the board)
|
|
187
|
+
wifikit --cli # line-based REPL instead of the TUI
|
|
188
|
+
wifikit --exec "scanall" --timeout 15 # one-shot, print output, exit
|
|
189
|
+
wifikit --capture --channel 3 # stream a pcap over USB into captures/ (no SD)
|
|
190
|
+
wifikit --list-ports # show candidate serial ports
|
|
191
|
+
wifikit --demo # try the TUI with sample data (no board needed)
|
|
192
|
+
wifikit --benchmark # measure this GPU's WPA crack rate + time table
|
|
193
|
+
wifikit --doctor # check external tools (hashcat, hcxtools) + hints
|
|
194
|
+
wifikit --setup # auto-install missing external tools (--yes to skip prompt)
|
|
195
|
+
```
|
|
196
|
+
|
|
197
|
+
`--capture` also accepts `--seconds S`, `--mode pmkid|handshake`, and `--out
|
|
198
|
+
PATH`. It enables Marauder's `SavePCAP`, sniffs with `-serial`, and reassembles
|
|
199
|
+
the streamed `.pcap` on the host.
|
|
200
|
+
|
|
201
|
+
**TUI hotkeys:** `s` scan · `x` stop · `r` refresh list · `a`/Enter actions ·
|
|
202
|
+
`d` deauth selected · `p` PMKID selected · `Ctrl-R` reconnect · `q` quit. The
|
|
203
|
+
**Stations** tab lists clients grouped by AP and fills live during a scan.
|
|
204
|
+
|
|
205
|
+
### The capture → crack loop (on *your own* network)
|
|
206
|
+
|
|
207
|
+
No SD card required — the capture streams over USB straight to your Mac.
|
|
208
|
+
|
|
209
|
+
1. `s` to scan, `x` to stop — the table fills live from Marauder's `list -a`.
|
|
210
|
+
2. Highlight your AP, press **Enter** → **Capture (stream to Mac)**, or from the
|
|
211
|
+
CLI run `wifikit --capture --channel N` (add `--seconds S`, `--mode
|
|
212
|
+
pmkid|handshake`, `--out PATH`).
|
|
213
|
+
3. **Deauth** briefly to force a client to reconnect (generates a handshake).
|
|
214
|
+
4. `wifikit` enables Marauder's `SavePCAP`, runs the sniff with `-serial`, and
|
|
215
|
+
**reassembles the streamed `.pcap` into `captures/`** — then converts it via
|
|
216
|
+
`hcxpcapngtool` to an `hc22000` line.
|
|
217
|
+
5. In the **Crack** tab, run e.g.
|
|
218
|
+
`hashcat -m 22000 capture.hc22000 wordlist.txt` — output streams live.
|
|
219
|
+
|
|
220
|
+
## How it works
|
|
221
|
+
|
|
222
|
+
```
|
|
223
|
+
┌────────────── wifikit (Python) ──────────────┐
|
|
224
|
+
ESP32 <──USB serial──> session.py ──> tui.py / cli.py
|
|
225
|
+
Marauder (threaded I/O) (UI + parsing)
|
|
226
|
+
│
|
|
227
|
+
marauder.py (command set + `list` parser)
|
|
228
|
+
│
|
|
229
|
+
flash.py (esptool + firmware fetch)
|
|
230
|
+
```
|
|
231
|
+
|
|
232
|
+
- `session.py` — port auto-detect + a threaded serial reader/writer.
|
|
233
|
+
- `marauder.py` — the firmware's command set and `list` parser (APs + stations).
|
|
234
|
+
- `capture.py` — demuxes Marauder's `-serial` pcap stream into a `.pcap` and
|
|
235
|
+
(optionally) converts it to `hc22000` via `hcxpcapngtool`.
|
|
236
|
+
- `cli.py` / `tui.py` — the two front-ends (REPL and Textual dashboard).
|
|
237
|
+
- `flash.py` — one-command flashing via `esptool`.
|
|
238
|
+
|
|
239
|
+
## Development
|
|
240
|
+
|
|
241
|
+
```bash
|
|
242
|
+
uv sync # create venv + install deps (incl. dev group)
|
|
243
|
+
uv run ruff check . # lint
|
|
244
|
+
uv run ruff format . # format
|
|
245
|
+
uv run pytest # tests (parser/port logic run without hardware)
|
|
246
|
+
```
|
|
247
|
+
|
|
248
|
+
Please read [CONTRIBUTING.md](https://github.com/BadRat-in/wifikit/blob/main/CONTRIBUTING.md) and the
|
|
249
|
+
[Code of Conduct](https://github.com/BadRat-in/wifikit/blob/main/CODE_OF_CONDUCT.md). Security reports: see [SECURITY.md](https://github.com/BadRat-in/wifikit/blob/main/SECURITY.md).
|
|
250
|
+
|
|
251
|
+
## Acknowledgements & credits
|
|
252
|
+
|
|
253
|
+
`wifikit` stands entirely on the shoulders of these projects — please star and
|
|
254
|
+
support them:
|
|
255
|
+
|
|
256
|
+
- **[ESP32 Marauder][marauder]** by **[justcallmekoko][jcmk]** — the firmware
|
|
257
|
+
that does all the actual WiFi/BLE work. `wifikit` is only a host-side driver
|
|
258
|
+
for it; the firmware binaries it flashes are built and distributed by that
|
|
259
|
+
project.
|
|
260
|
+
- **[Textual][textual]** & **Rich** by Textualize — the TUI framework.
|
|
261
|
+
- **[pyserial][pyserial]** — serial transport.
|
|
262
|
+
- **[esptool][esptool]** by Espressif — flashing.
|
|
263
|
+
- **[prompt_toolkit][ptk]** — the REPL experience.
|
|
264
|
+
- **[hashcat][hashcat]** and **[aircrack-ng][aircrack]** — the cracking tools the
|
|
265
|
+
Crack tab drives.
|
|
266
|
+
|
|
267
|
+
## License
|
|
268
|
+
|
|
269
|
+
[MIT](https://github.com/BadRat-in/wifikit/blob/main/LICENSE) © 2026 Ravindra Singh. The ESP32 Marauder firmware is the property
|
|
270
|
+
of its respective authors under its own license.
|
|
271
|
+
|
|
272
|
+
[marauder]: https://github.com/justcallmekoko/ESP32Marauder
|
|
273
|
+
[jcmk]: https://github.com/justcallmekoko
|
|
274
|
+
[textual]: https://github.com/Textualize/textual
|
|
275
|
+
[pyserial]: https://github.com/pyserial/pyserial
|
|
276
|
+
[esptool]: https://github.com/espressif/esptool
|
|
277
|
+
[ptk]: https://github.com/prompt-toolkit/python-prompt-toolkit
|
|
278
|
+
[hashcat]: https://hashcat.net/hashcat/
|
|
279
|
+
[aircrack]: https://www.aircrack-ng.org/
|
|
280
|
+
[uv]: https://github.com/astral-sh/uv
|