Education is the most powerful weapon used to change the world

Having trained thousands of students on the art of network and application exploitation for the past decade, it's safe to say we enjoy teaching others how to own networks and applications. Our courses are developed from the work we perform for clients, so that you get a better understanding of how to exploit real-world scenarios.

Unplugged - Modern WiFi Hacking

Unplugged - Modern WiFi Hacking

This course is all about understanding and compromising modern Wi-Fi networks. This course will take you on a journey to understand the basic hardware and different security protocols involved in wireless networks. By the end of the course you will understand how to master WiFi attacks in such a way that you can vary them when you encounter real world complexities. You will also be introduced to newer types of WiFi security protocols and some great new attacks.

Course Details

If you want to learn how to understand and compromise WiFi networks, this is your course.

Learning modern WiFi hacking can be a pain. There is lots of outdated material for technologies we rarely see deployed in the real world anymore. Numerous tools overly rely on automation, and leave you wondering when they don't work, because neither the fundamentals nor underlying attack is understood. Even worse, some popular attacks will rarely if ever work in the real world.

If you want to really understand what's going on, and master the attacks in such a way that you can vary them when you encounter real world complexities, this course will teach you what you need to know.

We've been pentesting WiFi networks for nearly two decades, and have built some popular WiFi hacking tools such as Snoopy, Mana and Sycophant.

This course is highly practical, with concepts taught through theory delivered while your hands are on the keyboard,and semi-self directed practicals at the end of each section to reinforce the learning.

Learning Objectives:

  • How Wi-Fi hacking fits into wider attack or defence objectives.
  • Important physical and low level RF concepts and how to reason through/debug strange situations.
  • Understanding how monitor mode works, when to use or not use it, and practical examples of what to do with collected frames or data.
  • Grokking the WPA2 4-way handshake and the numerous ways of recovering PSKs and what do with them.
  • First looks at attacking WPA3's Dragonfly handshake with downgrades.
  • Grokking EAP & EAP vulnerabilities relating to certificate validation, tunnelled mode key derivation and how to practically attack them with downgrades, relays and manipulating state.

Course Content

The Basics of Wireless Network and WiFi Hacking

You will understand when and why to use WiFi attacks in the real word. You will also understand the basics of spectrum, signals and propagation. This section of the course will introduce you to the peculiarities of crowded WiFi spectrums and the resulting behaviour in Tx and Rx. Through practical recommendations you will understand the hardware involved in WiFi hacking things like antennas and cards will be demystified.

WiFI Technologies

During the course you will be introduced to the basic WiFi technologies including WPA/2/3 PSK, EAP and PEAP. You will understand the differences, learn how to identify these technologies and formulate the correct attack needed to practically hack it. This course will teach you the WiFi fundamentals well enough to adjust approaches when the basics aren't working. You will learn about new WiFi security protocols like WPA3 and OWE. Furthermore, you will be exposed to newer WiFi attacks like EAP tunnelling (sycophant), LootyBooty (EAP-GTC downgrade), PMKID cracking and more.


We've setup the whole course with Katakoda to host our "WiFi in the cloud" environment we invented several years ago. This ensures students can interact with the labs and content online during the course. This means no more fiddling with faulty hardware or turning the classroom into a microwave.

Who should take this course?

This course is for anyone who wants to understand how to attack and defend Wi-Fi networks. It's an offensive course and has obvious benefits for pentesters and red teamers, however it's also essential for disabusing defenders of false notions of security as well as what defences have a meaningful impact.


If you wish to have training, please get in touch with our sales team to discuss further.