Simple play icon Course

Initial Access with WiFi-Pumpkin

by Ricardo Reimao

During a red team exercise, getting access to the internal network is one of your first tasks. In this course, we cover the WiFi-Pumpkin tool, which allows you to create rogue access points with fake captive portals.

What you'll learn

Having valid credentials is one of the most effective ways of getting access to the internal network of a company. It gives you the same level of access of a target employee, which often includes VPN access to the internal network as well as several external systems. In this course, Initial Access with WiFi-Pumpkin, you will explore the WiFi-Pumpkin tool, which is a rogue access point framework developed by Marcos Bomfim from the P0cL4bs. First, you will learn how to create rogue access points that look exactly like the WiFi network of your target company. Then, you will see how to set up captive portals, so that when users try to login to your rogue access point, they will be prompted to type their domain credentials and you can harvest them to use in other attacks. Finally, you will discover how to set up a rogue access point, how to set up a fake captive portal, how to customize the login page, and how to harvest the credentials that were submitted. By the end of this course, you will know two important tactics from the MITRE ATT&CK framework: Rogue WiFi Access Points (T1465) and Valid Accounts (T1078).

About the author

Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 14+ years of IT experience, 10 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.

Ready to upskill? Get started