An (Updated) Hacker’s Toolkit


We thought that this would be a good time to update this popular article, as new tools to hack private communications in WiFi hotspots are always evolving. This article discusses some of the most well-known WiFi hacking tools.


Unfortunately, novice hackers don’t have to look very hard to find all they need to know regarding how to hack. For example:

  • Kali Linux is one of the best known hacking tool collections, and their website provides many how-to hacking links.
  • YouTube now has more than 300,000 videos on WiFi hacking, some with millions and millions of views. One of the first listed is called “how to hack any WiFi hotspot in about 30 seconds.”
  • There are many other hacking websites out there, but since many of them are dubious and may have malware installed on them, we do not want to link to them as they may put you at risk.


The following is a list of the top 10 tools preferred by both ethical and black hat hackers in 2015:

  • Angry IP Scanner: Angry IP Scanner is a free network scanner that is very easy to use. It scans IP addresses and ports to find open ports.
  • Burp Suite:  A penetration testing tool that has several features that can map out the various pages and structure of a website by looking at cookies, and then initiates attacks on various web applications.
  • Cain & Able: This is a multi-purpose tool that can intercept network traffic, using information contained in those packets to crack encrypted passwords using dictionary, brute-force and cryptanalysis attack methods, record VoIP conversations, recover wireless network keys, and analyze routing protocols. Its main purpose is the simplified recovery of passwords and credentials. This software has been downloaded over 400,000 times.
  • Ettercap: This widely used hacking tool works by placing a user’s network interface into promiscuous mode and by ARP poisoning, which is a process in which the hacker gives the wrong MAC or IP address to the network in order to carry out a Man-in-the-Middle attack.
  • John the Ripper: This hacking tool is popular for dictionary attack. It takes text string samples from a large dictionary, encrypts it in the same way as the password being crack, and then compares the output to the encrypted string. This is an example of a brute force attack.
  • Metasploit: This hacking tool can be used for exploiting a network’s backdoor. While it’s not free, it is a huge popular penetration testing tool used by both ethical hackers, as well as unethical ones. It helps provide information about known security vulnerabilities for a network.
  • NMap: Also known as Network Mapper (or nmap for short), this free hacking tool is used by network administrators for security and auditing purposes. It uses IP packets to determine what hosts are available on the networks, what services they offer, what types of protocols are being used, what operating systems are being used on the network, and what type of packet filters and firewalls are being used.
  • Nessus Remote Security Scanner: This hacking tool can be used with client-server frameworks, and is the most popular vulnerability scanner worldwide.
  • THC Hydra: This is another password hacking tool that uses a dictionary or brute force attack to try various password and login combinations against a log in page.
  • Wapiti: This is a penetration testing tool that is able to scan hundreds of possible vulnerabilities. It can audit the security of web application by performing black box scans, which scans the HTML pages of the application it is trying to attack in order to inject data.

For hackers that prefer a turn-key package, there are also hardware wireless hacking tools available. We’ve highlighted one called WiFi Pineapple. It’s a simple, small, portable device that can be carried into any hotspot and used to attract any laptop trying to find a WiFi  access point. The Pineapple uses a technique called an Evil Twin attack. Hackers have used tools like KARMA to do the same thing for years, but with Pineapple, now you can buy a piece of hardware for only $100 that allows you to become a hacker without downloading or installing any software.

Here’s what their website says: “Of course all of the Internet traffic flowing through the pineapple such as e-mail, instant messages and browser sessions are easily viewed or even modified by the pineapple holder.”

Hacking Countermeasures

Fortunately, there are resources that you can use to help combat these threats. Below are two excellent books:

  • Hacking Exposed: Network Security Secrets & Solutions, by Joel Scambray. This book talks about security from an offensive angle and includes a catalog of the weapons hackers use. Readers see what programs are out there, quickly understand what the programs can do, and benefit from detailed explanations of concepts that most system administrators do not understand in detail. Hacking Exposed wastes no time in explaining how to implement the countermeasures that will render known attacks ineffective. Taking on the major network operating systems and network devices one at a time, the authors tell you exactly what UNIX configuration files to alter, what Windows NT Registry keys to change, and what settings to make in NetWare.
  • Wi-Foo: The Secrets of Wireless Hacking, by A. Vladimirov, K. Gavrilenko, and A. Mikhailovsky. This book is the first practical and realistic book about 802.11 network penetration testing and hardening, based on a daily experience of breaking into and securing wireless LANs. Rather than collecting random wireless security news, tools, and methodologies, Wi-Foo presents a systematic approach to wireless security threats and countermeasures starting from the rational wireless hardware selection for security auditing and describes how to choose the optimal encryption ciphers for the particular network you are trying to protect.


The following list includes common WiFi terms discussed in this white paper. For additional terms and definitions, please see our online glossary.

Brute Force Attack

Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords through exhaustive effort (using brute force) rather than employing intellectual strategies. Just as a criminal might break into, or “crack” a safe by trying many possible combinations, a brute force cracking application proceeds through all possible combinations of legal characters in sequence. Brute force is considered to be an infallible, although time-consuming, approach.


Encryption is the translation of data into a secret code. To read encrypted data, you must have access to the secret key or password that was used to translate the data into cipher text. That same key or password enables you to decrypt cipher text back into the original plain text. Encryption is the most effective way to achieve data security, but depends on using keys known only by the sender and intended recipient. If a hacker can guess (crack) the key, data security is compromised.

Evil Twin

This is a rogue WiFi access point that appears to be a legitimate one, but actually has been set up by a hacker to intercept wireless communications. An Evil Twin is the wireless version of the “phishing” scam: an attacker fools wireless users into connecting their laptop or mobile phone by posing as a legitimate access point (such as a hotspot provider). When a victim connects to the Evil Twin, the hacker can launch man-in-the-middle attacks, listening in on all Internet traffic, or just ask for credit card information in the standard pay-for-access deal. Tools for setting up an evil twin are easily available (e.g., Karma and Hotspotter). One recent study found that over 56% of laptops were broadcasting the name of their trusted WiFi networks, and that 34% of them were willing to connect to highly insecure WiFi networks – which could turn out to be Evil Twins.


Hypertext Transfer Protocol Secure (HTTPS) combines the Hypertext Transfer Protocol used by browsers and websites with the SSL/TLS protocol used to provide encrypted communication and web server authentication. HTTPS connections are often used to protect payment transactions on the Internet so that anyone that might intercept those packets cannot decipher sensitive information contained therein.

Man-In-the-Middle Attacks

A man-in-the-middle attack is a form of active eavesdropping in which the attacker makes independent connections a communication source and destination and relays messages between them, making those victims believe that they are talking directly to each other, when in fact the entire conversation is being controlled by the attacker. The attacker must be able to intercept all messages exchanged between the two victims. For example, an attacker within reception range of an unencrypted WiFi access point can insert himself as a man-in-the-middle by redirecting all packets through an Evil Twin. Or an attacker can create a phishing website that poses as an online bank or merchant, letting victims sign into the phishing server over a SSL connection. The attacker can then log onto the real server using victim-supplied information, capturing all messages exchanged between the user and real server – for example, to steal credit card numbers.


Sidejacking is a web attack method where a hacker uses packet sniffing to steal a session cookie from a website you just visited. These cookies are generally sent back to browsers unencrypted, even if the original website log-in was protected via HTTPS.  Anyone listening can steal these cookies and then use them access your authenticated web session. This recently made news because a programmer released a Firefox plug-in called Firesheep that makes it easy for an intruder sitting near you on an open network (like a public wifi hotspot) to sidejack many popular website sessions. For example, a sidejacker using Firesheep could take over your Facebook session, thereby gaining access to all of your sensitive data, and even send viral messages and wall posts to all of your friends.


Packet sniffers allow eavesdroppers to passively intercept data sent between your laptop or smartphone and other systems, such as web servers on the Internet. This is the easiest and most basic kind of wireless attack. Any email, web search or file you transfer between computers or open from network locations on an unsecured wireless network can be captured by a nearby hacker using a sniffer. Sniffing tools are readily available for free on the web and there are at least 184 videos on YouTube to show budding hackers how to use them. The only way to protect yourself against WiFi sniffing in most public WiFi hotspots is to use a VPN to encrypt everything sent over the air.


A Netscape-defined protocol for securing data communications – particularly web transactions – sent across computer networks. The Secure Sockets Layer (SSL) protocol establishes a secure session by electronically authenticating the server end of any connection, and then using encryption to protect all subsequent transmissions. The Transport Layer Security (TLS) protocol refers to the Internet standard replacement for SSL. Websites that are addressed by URLs that begin with https instead of http use SSL or TLS.


WEP and WPA are security protocols used to protect wireless networks. Wired Equivalent Privacy (WEP) is a deprecated security protocol for IEEE 802.11 wireless networks. Because all wireless transmissions are susceptible to eavesdropping, WEP was introduced as part of the original 802.11 standard in 1997. It was intended to provide confidentiality comparable to that of a traditional wired network. Since 2001, several serious weaknesses in the protocol have been identified so that today a WEP connection can be cracked within minutes. In response to these vulnerabilities, in 2003 the Wi-Fi Alliance announced that WEP had been superseded by Wi-Fi Protected Access (WPA). Wi-Fi Protected Access versions 1 and 2 (WPA and WPA2) refer to certification programs that test WiFi product support for newer IEEE 802.11i standard security protocols that encrypt data sent over the air, from WiFi user to WiFi router.

Get Private Wifi   Protect your personal information.
Get DataCompress   Cut your mobile data usage.

Jared Howe

Jared Howe is PRIVATE WiFi’s Senior Manager, Product Marketing Communications. Working in high tech for over 15 years, Jared currently lives in Seattle with his wife, daughter, and their two cats.

736 Responses

  1. patrick throp says:

    My experience was a downcast to say the least. They went with over $97k
    from my retirement saving, that i kept in my coinbase wallet I tried
    reaching out to them via email but they won’t respond. alot of back and
    forth with coinbase support and i was told their is nothing they can do
    to assist me, but they recommended Donaldcyberlord@gmail. Com and i was able to
    recover my money back with his service. Everyone should be careful with
    this investment platform. You can contact the team that helped me out.
    Dont hesitate to reach out to support at Donaldcyberlord dot com to retrieve
    your stolen assets..

  2. Sheila Oswalt says:

    I had over $300k in bitcoin Lost to a fake investor online that I came across last year through a colleague of mine at work which also lost her investment along the line though she has been investing with the company for months and been paid out severally before this happened , tried reaching the support team but did not get any feedback for several weeks , at some point I thought about getting a hacker to see if that will help and then I read about a team “ KNIGHTHOODBOT At GMAIL DOT COM where they helped people retrieve their lost funds in investment or even stolen from their bank accounts , I reached out to him without hesitating and the outcome was wonderful , after retrieving the whole money he also worked for my colleague and is in the final stage of retrieving the last investment she made . If you find it hard to reach him through email then contact him through Telegram and get your issues sorted out … Telegram username : KNIGHTHOODBOT09

  3. patrick throp says:

    I have been looking for a way to invest on bitcoin investment company. I contacted some company but was not convinced with there explanation. I was researching and came across Binary options investment company. They investor made everything real and legitimate in the way that you won’t believe it all scam. Everything was going well still last week when i requested for a withdraw. I was told to invest more till when it reached withdrawal limit, than I can withdraw. I stopped talking to them and started looking for a way to recover my money cause I don’t want them to notice my next plans. All thanks to (Donaldcyberlord@gmail. com) He puts an ever lasting smile on my face by getting back my lost funds. I will keep on recommending your service to anyone I know.

  4. says:

    The name above got my crypto back I don’t Really know how he manager to but I guess his supreme in his hacking stuff and’ all call him for help thanks once again.

  5. Crypto Intel says:



    Recovery Precinct is a financial regulator, private investigation and funds recovery body. We specialize in cases concerning ethical hacking, cryptocurrency, FAKE investment schemes and recovery scam. We are also experts in credit repair.

    Visit WWW RECOVERYPRECINCT COM now to report your case or contact our support team via the contact information below to get started.


    Stay Safe !

  6. Laura Williams says:

    We can’t forget CYBER CREDIT GURU in a hurry. My husband was declared bankruptcy in 2019 (and we later on realized that the mobile home in which we lived was included). While I had a debt of $26k and about 9 negative items on my report. As a result, we couldn’t get a mortgage until we had our reports fixed. We were frustrated, there was absolutely nothing we could do until we encountered CYBERCREDITGURU (AT) GMAIL DOT COM / +1 (650) 439 0624 via a positive review about them on a blog. Today we are in a house of our own, all negative items removed and score raised from 430, 470 respectively to 782 each in 6 days. Thanks to team CyberGuru!

  7. says:

    Recovery companies are institutions created for the main purpose of assisting and helping out people that were or are victims of cryptocurrency scam, and there are no companies that are created to work for free. There will be an operational fee only if you really want the job to be done perfectly for you, just like a Recovery Expert. ☝️☝️☝️They are professionals at what they do, and not only do they do but they do it better.

    When you need something to be done, you should be ready to do anything to do it perfectly. ☝️☝️☝️will do that for you.

  8. Ziva Alvarado says:

    Reach out to QUICKRECOVERY07 at GMAIL dot com to get help if you have lost money to any crypto scam. Service delivery is a priority for them which is one of the reasons I’m recommending their service.

  9. I was scammed out of 24.7 bitcoin this week when a hacker found a security hole in Trezor’s wallet software and stole 7,140 BTC ($60 million). A few days later, I recovered $50 million worth of Bitcoin from him by reporting the theft and opening a case immediately with digital triangulation experts at Claimpayback but I am still waiting for more bitcoins to be returned to me. I just detached 50 m being the first part of the recovered sum. waiting for the bnb gas fee to go through so I can detach the rest into my trust wallet

  10. i’m a bitcoin scammer’s victim how i got my bitcoin back
    You can recover scammed Bitcoin and cryptocurrency transactions by either filing a report or employing a certified crypto recovery service like Claimpayback, get bitcoins back from scammer, bitcoin recovery expert company uk, legit bitcoins recovery firms.
    If you lost Bitcoin due to fraud, investment or an Online Scam, don’t be discouraged!
    You may still have the opportunity to recover your stolen funds if you’re able to provide the details ranging from wallet addresses to transaction hashes and all the correspondence of communications. in my case I lost 24.7 btc in my Trevor wallet after clicking a phishing link. I opened a case with digital triangulation experts at Claimpayback. I just detached 20.7btc being the first part of the recovered sum. waiting for the bob gas fee to go through so I can detach the rest into my trust wallet

  11. I was scammed out of 24.7 bitcoin this week when a hacker found a security hole in Trezor’s wallet software and stole 7,140 BTC ($60 million). A few days later, I recovered $50 million worth of Bitcoin from him by reporting the theft and opening a case immediately with digital triangulation experts at Claimpayback but I am still waiting for more bitcoins to be returned to me. I just detached some btc being the first part of the recovered sum. waiting for the bnb gas fee to go through so I can detach the rest into my trust wallet

  12. Henreietta Lawrence says:

    I bless the very day I came across KNIGHTHOODBOT At GMAIL DOT COM , these incredible hacker was able to retrieve our late grandpa’s funds that was being held for years by the bank , each time we try to reach the bank manager they will be requesting that the next of kin will be present and the signatory is needed as well meanwhile the next of kin is my dad who is no more as well , I was so furious and confused at same time and that was when I came online here to see if I could get any other alternatives and I saw a review about KNIGHTHOODBOT and reached out to him asap , the fee was very okay and worth the work he did , he retrieved the whole funds and left no trace that will lead to me at all .. I advice you contact them Via telegram : KNIGHTHOODBOT09 or via email : KNIGHTHOODBOT AT GMAIL dot COM .

  13. Helen Vargas says:

    My hope in crypto is renewed after a recovery expert I hired when a sim-swap hack was carried out on my device leaving my crypto account vulnerable. My wallet was accessed and coins moved outside to an external wallet. JimfundsrecoveryAt ConsultantD0t C0m simply pursued my case with a local police report I made/ some required info and was able to recover 95% for me in a 2 weeks long recovery process.  

  14. JENKINS COOPER says:


    ( Morris Gray 830 At gmail Dot Com, is the man for the job ) This man is dedicated to his work and you can trust him more than yourself. I contacted him a year and a half Ago and he didn’t succeed. when i got ripped of $491,000 worth of bitcoins by scammers, I tried several recovery programs with no success too. I kept on. And now after so much time Mr Morris Gray contacted me with a success, and the reward he took was small because obviously he is doing this because he wants to help idiots like me who fell for crypto scam, and love his job. Of course he could have taken all the coins and not tell me , I was not syncing this wallet for a year, but he didn’t. He is the MAN guys , He is! If you have been a victim of crypto scam before you can trust Morris Gray 10000000%. I thought there were no such good genuine guys anymore on earth, but Mr Morris Gray brought my trust to humanity again. GOD bless you sir…you can reach him via ( MORRIS GRAY 830 at Gmail dot com )

  15. Karim Harrell says:

    A victim right here and it is always a very complicated situation. I firmly believe that those who fall for these scams should be treated with compassion because genuine love is never wrong. I nearly lost $102,434 to a stunning fake woman on Tinder who in 2018 told me about investing in bitcoin. A year later, I made the decision to go all-in using her recommended platform, but sadly, it was all a planned process.
    I was unable to recover all of my money, but the reputable solution provider QUICK RECOVERY via (quickrecovery07 at gma%l >com), who is currently assisting people in recovering from situations like this, was able to recover more than 89% of it. Forever indebted to you.

  16. Lucas Freeman says:

    Hey, I just want to take this moment to explain how much you can gain from investing in Marketplus247, and online platform where your invested funds is being traded and returned back with percentage profit. It id safe, secure and tested. Check out for clearer information.

  17. Mildred Avans says:

    After Loosing about 189k to fake company that claims to mine bitcoin I was devastated because I thought it was all going to turn out well after coming across their websites and even speaking to their customer services on phones several times as she helped me with when I had issues making deposits to them , I paid to them severally without getting any payout till it totaled to 189k , I could not think straight at that point for straight one week , after I was able to pull myself together I now made inquiries on how to get a private hacker who could help me see if I can retrieve back my money and that was when I read about KNIGHTHOODBOT @ GMAIL .COM on LINKEDIN , and guess what ? He did his magic and got back all my money back to my bitcoin wallet .. Make sure to reach I’m today incase you had the same experience as me in the past and wish to get back your hard earned money because these people out there don’t deserve to treat us like that … KNIGHTHOODBOT @ GMAIL .COM saved me .

  18. kyle noel says:

    Do you need professional help with hacking anything? Contact Mr Michael Calce for help. He is currently one of the best hackers out There.who took off my bad Report and Raise My score to 815 excellent score within 72 hours i’m very happy right now You can reach him on EMAIL- ( He literally saved me. Helped me remove some bad records that kept preventing me from getting any good job. I currently have a good job and its really refreshing. I am forever grateful to him.
    He also offers services such as:
    -Credit Repair
    -Website hack
    -hacking of cheating spouse
    -Bank account hack/funds transfer
    -Facebook and whatsapp hack
    -Email hack
    -Phone cloning

  19. Alfredo Morgan says:

    All thanks to the humble and expert hacker at KNIGHTHOODBOT @ GMAIL .COM , Last 2 months I contacted the company for a job , after I read several reviews about them . I even reached out to one of their clients who had worked with them in the past just to verify how genuine they are before I could proceed with the work at hand with them , they were able to retrieve back my 820k worth of ETH/BTC that was stolen from my wallet when my email and computer was attacked and my wallet phrase was there as well when I tried working investing with a Russian based investment company , not knowing they were fake and never existed , he got the job done within 2 weeks after I contacted their team … here is their contact address
    Telegram: KNIGHTHOODBOT09

  20. In a world where almost every business has invested in cryptocurrency, the rate of crypto fraud cases rises. In my case, I was scammed of 5 million AUD by an online crypto firm. They refused to release the funds without payment of money as a percentage of commission. I was pained and frustrated, so I filed a complaint with cybercrime unit but to no avail. They directed me to TheHackerspro who helped me get a refund. Since then, I am very happy and can finally start living an uncomplicated life again

  21. Crypto Intel says:



    Recovery Precinct is a financial regulator, private investigation and funds recovery body. We specialize in cases concerning ethical hacking, cryptocurrency, FAKE investment schemes and recovery scam. We are also experts in credit repair.

    Visit www recoveryprecinct com now to report your case or contact our support team via the contact information below to get started.

    recoveryprecinct @ gmail com

    Stay Safe !

  22. James Dickson says:

    I got my credit score been repaired and fixed by this man who helped me in erasing all the credit deficit and wipe away all the credit debt off my credit report. just get to him via

  23. John Giles says:

    Get your credit score increased above 845 across your three credit bureaus; Equifax, Experian and TransUnion.
    Get to hack your spouse/partner cell phone recovery without been caught.
    Get to remove all the negative items and bad collections from your credit report.
    Get to wipe away all there past eviction on your credit report without no traces
    Get to pay off your credit card debit and erase all the credit inquiries off your credit report.
    Get approved for your Auto loan worth over $150,000 without no upfront payment
    Just contact this great man Via or Text him at 914 344 6903.

  24. Nadine Koeller says:

    invested with a South African based trading company not knowing that the company was a fake company , I lost a total of 923k worth of bitcoin to them and that left me devastated and broken because I thought it was all true at first but it all ended up that way , I tried keeping it from my sister who I was very close with until I broke it out to her because I can’t keep secrets from her , she didn’t react as I expected though she quickly started making research and hired a private investigator who then referred us to this great Recovery hacker “KNIGHTHOODBOT@GMAIL.COM “ he was just as great as people said he was , he recovered all of the lost BITCOIN back to me and I can really say that was an awesome feeling

  25. Patrickthrop says:

    Loosing ones Crypto currency can be a devastating thing to experience, the fact that it is almost impossible to recover a Stolen or lost Crypto coin hurt more than anything. When a person get scammed of their money while investing in a crypto currency platform the only thing they can think of is how to report the company and get back their money. Most victims of the scam contact their wallet account provider, their bank or the law enforcement, a few end up hiring a lawyer to sue the company but after all these stress they still cant get their money back. Please everyone should be careful where they invest their money. Cryptocurrency has made many rich and at the same time made so many broke and desperate. Few weeks ago when I was referred to Donaldcyberlord and I was able to get back all my dogecoin that was Stolen through their services. If you want to recover your cryptocurrency that was stolen or lost I recommend you to Donaldcyberlord are reliable and trustworthy. You can also contact them via Donaldcyberlord@gmail . Com I wish you all the best .

  26. Rickymgilliam says:


    DONALDCYBERLORD(@) GMAIL, COM is the best tech expert you need to help you.

    Perhaps I didn’t perform my task nicely, I didn’t analyze sufficient to know that scams exist in crypto trading and investments I used to be solely thrilling however the mouth watering affords they put ahead to me, I invested virtually all my financial savings , time to withdraw and it’s at all times asking to pay more cash even on their web site, later came upon it was utterly fake they usually’ve duped lots of people. I used to be damaged and I used to be devastated on the look at which my cash disappeared, identical to a spell on me. OMG I used to be down and virtually losing focus at work. Katie is a buddy from work, known as me she noticed an assessment of somebody on restoration agent, I didn’t consider something trigger I learned online it can’t be recovered as soon as transferred. It’s the opposite means spherical although, this genius recovers Bitcoin ( DONALDCYBERLORD Gmail,Com) reach out by way of gmail and my unhappy story turned into a joyful story. Please recommendation on the place to speculate and by which coin the way forward for funding yields higher income, I nevertheless love cryptocurrency however I’m rattling scared I don’t need to be scammed once more. Be happy to share your information with me guys, I’ll be studying from y’all thanks.

    Send your complaint to [ DONALDCYBERLORD (@) GMAILCOM for any crypto tech issues, recovery of your lost funds and stolen crypto/ digital assets.

    This team offers other services such as

    Spying and monitoring and suspected cheating


    Phone cloning

    Clearing of criminal records

    Fixes bad debts

    Upgrade of credit scores and a lot more


  27. Evelyn Gonzalez says:

    I and my husband were looking for the right hacker to help fix our credit, we wanted to get a home since we were expecting our first child and Alienman hacker delivered. He took time in arranging our credit report profile in the direction we wanted and we saw changes to our credit in less than a week, our chances in getting our home doubled. He increased our credit score to 780 and deleted all negative items that affected our credit, He never stopped communicating along the way and us feel secured about our decision. If you are looking for one of the best hackers our there to help fix your credit report contact ALIENMAN. HACKER ‘at’ GMAIL,COM

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.