@felixvoigt

Part 4: WPA2/3-Mixed Mode (Downgrade & Rogue Access Point)

Apr 3 · 9 min read · 1. Executive Summary Although WPA3 effectively mitigates the offline dictionary attacks that troubled its predecessor, modern enterprise and home network infrastructures still rely on backward compati

Part 3: WPA2 Deauth & 4-Way Handshake (Frame Injection & Offline Cracking)

Apr 3 · 14 min read · 1. Executive Summary While the WPA2-Personal protocol ensures that the Pre-Shared Key (PSK) is never transmitted in plaintext, its architecture harbors a critical vulnerability: standard 802.11 Manage

Part 2: WPA2 PMKID (Silent & Clientless Attacks)

Apr 3 · 9 min read · 1. Executive Summary The PMKID attack represents a significant paradigm shift in 802.11 wireless network exploitation. This vector exploits a historical implementation flaw in the IEEE 802.11i Robust

Part 1: Pin-based Attacks on 802.11 (Legacy & WPS)

Apr 3 · 7 min read · 1. Executive Summary It must be stated upfront that in contemporary red teaming engagements, Wi-Fi Protected Setup (WPS) is largely considered a dead attack vector. The Wi-Fi Alliance has deprecated P