Skip to content
Back to Blog

tutorials · 1 min read

Stealing Credentials with a FakeAP

Practical guide to creating a fake WiFi access point (Evil Twin / FakeAP) with Wifiphisher. We clone a hotel captive portal, deauthenticate users, and steal credentials. Updated with modern tools and ethical recommendations.

· Pablo Plaza Martínez · tutorials

Practical guide to creating a fake WiFi access point (Evil Twin / FakeAP) with Wifiphisher. We clone a hotel captive portal, deauthenticate users, and steal credentials. Updated with modern tools and ethical recommendations.

Stealing passwords with a FakeAP

Share:
Back to Blog

Related Posts

View All Posts »
Bypassing WiFi Network Login Pages

tutorials · 5 min

Bypassing WiFi Network Login Pages

Two real techniques for bypassing captive portals on WiFi networks: MAC cloning (weak authentication) and DNS tunnelling with iodine (for more secure portals). Updated with modern tools, best practices, and security recommendations.

· Pablo Plaza Martínez

Remote Code Execution WinRAR (CVE-2018-20250) POC

tutorials · 3 min

Remote Code Execution WinRAR (CVE-2018-20250) POC

Proof of Concept (PoC) for the WinRAR CVE-2018-20250 vulnerability, allowing remote code execution by extracting malicious files to arbitrary directories. Step-by-step guide to create a malicious ACE file that executes a payload on system startup.

· Manuel López Pérez

Stealing Windows NTLM Hashes with a Malicious PDF

tutorials · 3 min

Stealing Windows NTLM Hashes with a Malicious PDF

Practical guide to generating a malicious PDF that, when opened in Windows, forces NTLM authentication and captures the NET-NTLMv2 hash. Includes generation with modern tools, cracking with hashcat, and use of psexec. Updated with best practices and current alternatives.

· Pablo Plaza Martínez