An (Updated) Hacker’s Toolkit


We thought that this would be a good time to update this popular article, as new tools to hack private communications in WiFi hotspots are always evolving. This article discusses some of the most well-known WiFi hacking tools.


Unfortunately, novice hackers don’t have to look very hard to find all they need to know regarding how to hack. For example:

  • Kali Linux is one of the best known hacking tool collections, and their website provides many how-to hacking links.
  • YouTube now has more than 300,000 videos on WiFi hacking, some with millions and millions of views. One of the first listed is called “how to hack any WiFi hotspot in about 30 seconds.”
  • There are many other hacking websites out there, but since many of them are dubious and may have malware installed on them, we do not want to link to them as they may put you at risk.


The following is a list of the top 10 tools preferred by both ethical and black hat hackers in 2015:

  • Angry IP Scanner: Angry IP Scanner is a free network scanner that is very easy to use. It scans IP addresses and ports to find open ports.
  • Burp Suite:  A penetration testing tool that has several features that can map out the various pages and structure of a website by looking at cookies, and then initiates attacks on various web applications.
  • Cain & Able: This is a multi-purpose tool that can intercept network traffic, using information contained in those packets to crack encrypted passwords using dictionary, brute-force and cryptanalysis attack methods, record VoIP conversations, recover wireless network keys, and analyze routing protocols. Its main purpose is the simplified recovery of passwords and credentials. This software has been downloaded over 400,000 times.
  • Ettercap: This widely used hacking tool works by placing a user’s network interface into promiscuous mode and by ARP poisoning, which is a process in which the hacker gives the wrong MAC or IP address to the network in order to carry out a Man-in-the-Middle attack.
  • John the Ripper: This hacking tool is popular for dictionary attack. It takes text string samples from a large dictionary, encrypts it in the same way as the password being crack, and then compares the output to the encrypted string. This is an example of a brute force attack.
  • Metasploit: This hacking tool can be used for exploiting a network’s backdoor. While it’s not free, it is a huge popular penetration testing tool used by both ethical hackers, as well as unethical ones. It helps provide information about known security vulnerabilities for a network.
  • NMap: Also known as Network Mapper (or nmap for short), this free hacking tool is used by network administrators for security and auditing purposes. It uses IP packets to determine what hosts are available on the networks, what services they offer, what types of protocols are being used, what operating systems are being used on the network, and what type of packet filters and firewalls are being used.
  • Nessus Remote Security Scanner: This hacking tool can be used with client-server frameworks, and is the most popular vulnerability scanner worldwide.
  • THC Hydra: This is another password hacking tool that uses a dictionary or brute force attack to try various password and login combinations against a log in page.
  • Wapiti: This is a penetration testing tool that is able to scan hundreds of possible vulnerabilities. It can audit the security of web application by performing black box scans, which scans the HTML pages of the application it is trying to attack in order to inject data.

For hackers that prefer a turn-key package, there are also hardware wireless hacking tools available. We’ve highlighted one called WiFi Pineapple. It’s a simple, small, portable device that can be carried into any hotspot and used to attract any laptop trying to find a WiFi  access point. The Pineapple uses a technique called an Evil Twin attack. Hackers have used tools like KARMA to do the same thing for years, but with Pineapple, now you can buy a piece of hardware for only $100 that allows you to become a hacker without downloading or installing any software.

Here’s what their website says: “Of course all of the Internet traffic flowing through the pineapple such as e-mail, instant messages and browser sessions are easily viewed or even modified by the pineapple holder.”

Hacking Countermeasures

Fortunately, there are resources that you can use to help combat these threats. Below are two excellent books:

  • Hacking Exposed: Network Security Secrets & Solutions, by Joel Scambray. This book talks about security from an offensive angle and includes a catalog of the weapons hackers use. Readers see what programs are out there, quickly understand what the programs can do, and benefit from detailed explanations of concepts that most system administrators do not understand in detail. Hacking Exposed wastes no time in explaining how to implement the countermeasures that will render known attacks ineffective. Taking on the major network operating systems and network devices one at a time, the authors tell you exactly what UNIX configuration files to alter, what Windows NT Registry keys to change, and what settings to make in NetWare.
  • Wi-Foo: The Secrets of Wireless Hacking, by A. Vladimirov, K. Gavrilenko, and A. Mikhailovsky. This book is the first practical and realistic book about 802.11 network penetration testing and hardening, based on a daily experience of breaking into and securing wireless LANs. Rather than collecting random wireless security news, tools, and methodologies, Wi-Foo presents a systematic approach to wireless security threats and countermeasures starting from the rational wireless hardware selection for security auditing and describes how to choose the optimal encryption ciphers for the particular network you are trying to protect.


The following list includes common WiFi terms discussed in this white paper. For additional terms and definitions, please see our online glossary.

Brute Force Attack

Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords through exhaustive effort (using brute force) rather than employing intellectual strategies. Just as a criminal might break into, or “crack” a safe by trying many possible combinations, a brute force cracking application proceeds through all possible combinations of legal characters in sequence. Brute force is considered to be an infallible, although time-consuming, approach.


Encryption is the translation of data into a secret code. To read encrypted data, you must have access to the secret key or password that was used to translate the data into cipher text. That same key or password enables you to decrypt cipher text back into the original plain text. Encryption is the most effective way to achieve data security, but depends on using keys known only by the sender and intended recipient. If a hacker can guess (crack) the key, data security is compromised.

Evil Twin

This is a rogue WiFi access point that appears to be a legitimate one, but actually has been set up by a hacker to intercept wireless communications. An Evil Twin is the wireless version of the “phishing” scam: an attacker fools wireless users into connecting their laptop or mobile phone by posing as a legitimate access point (such as a hotspot provider). When a victim connects to the Evil Twin, the hacker can launch man-in-the-middle attacks, listening in on all Internet traffic, or just ask for credit card information in the standard pay-for-access deal. Tools for setting up an evil twin are easily available (e.g., Karma and Hotspotter). One recent study found that over 56% of laptops were broadcasting the name of their trusted WiFi networks, and that 34% of them were willing to connect to highly insecure WiFi networks – which could turn out to be Evil Twins.


Hypertext Transfer Protocol Secure (HTTPS) combines the Hypertext Transfer Protocol used by browsers and websites with the SSL/TLS protocol used to provide encrypted communication and web server authentication. HTTPS connections are often used to protect payment transactions on the Internet so that anyone that might intercept those packets cannot decipher sensitive information contained therein.

Man-In-the-Middle Attacks

A man-in-the-middle attack is a form of active eavesdropping in which the attacker makes independent connections a communication source and destination and relays messages between them, making those victims believe that they are talking directly to each other, when in fact the entire conversation is being controlled by the attacker. The attacker must be able to intercept all messages exchanged between the two victims. For example, an attacker within reception range of an unencrypted WiFi access point can insert himself as a man-in-the-middle by redirecting all packets through an Evil Twin. Or an attacker can create a phishing website that poses as an online bank or merchant, letting victims sign into the phishing server over a SSL connection. The attacker can then log onto the real server using victim-supplied information, capturing all messages exchanged between the user and real server – for example, to steal credit card numbers.


Sidejacking is a web attack method where a hacker uses packet sniffing to steal a session cookie from a website you just visited. These cookies are generally sent back to browsers unencrypted, even if the original website log-in was protected via HTTPS.  Anyone listening can steal these cookies and then use them access your authenticated web session. This recently made news because a programmer released a Firefox plug-in called Firesheep that makes it easy for an intruder sitting near you on an open network (like a public wifi hotspot) to sidejack many popular website sessions. For example, a sidejacker using Firesheep could take over your Facebook session, thereby gaining access to all of your sensitive data, and even send viral messages and wall posts to all of your friends.


Packet sniffers allow eavesdroppers to passively intercept data sent between your laptop or smartphone and other systems, such as web servers on the Internet. This is the easiest and most basic kind of wireless attack. Any email, web search or file you transfer between computers or open from network locations on an unsecured wireless network can be captured by a nearby hacker using a sniffer. Sniffing tools are readily available for free on the web and there are at least 184 videos on YouTube to show budding hackers how to use them. The only way to protect yourself against WiFi sniffing in most public WiFi hotspots is to use a VPN to encrypt everything sent over the air.


A Netscape-defined protocol for securing data communications – particularly web transactions – sent across computer networks. The Secure Sockets Layer (SSL) protocol establishes a secure session by electronically authenticating the server end of any connection, and then using encryption to protect all subsequent transmissions. The Transport Layer Security (TLS) protocol refers to the Internet standard replacement for SSL. Websites that are addressed by URLs that begin with https instead of http use SSL or TLS.


WEP and WPA are security protocols used to protect wireless networks. Wired Equivalent Privacy (WEP) is a deprecated security protocol for IEEE 802.11 wireless networks. Because all wireless transmissions are susceptible to eavesdropping, WEP was introduced as part of the original 802.11 standard in 1997. It was intended to provide confidentiality comparable to that of a traditional wired network. Since 2001, several serious weaknesses in the protocol have been identified so that today a WEP connection can be cracked within minutes. In response to these vulnerabilities, in 2003 the Wi-Fi Alliance announced that WEP had been superseded by Wi-Fi Protected Access (WPA). Wi-Fi Protected Access versions 1 and 2 (WPA and WPA2) refer to certification programs that test WiFi product support for newer IEEE 802.11i standard security protocols that encrypt data sent over the air, from WiFi user to WiFi router.

Get Private Wifi   Protect your personal information.
Get DataCompress   Cut your mobile data usage.

Jared Howe

Jared Howe is PRIVATE WiFi’s Senior Manager, Product Marketing Communications. Working in high tech for over 15 years, Jared currently lives in Seattle with his wife, daughter, and their two cats.

979 Responses

  1. Anonymous says:

    Please beware of fake bitcoin mining/clouding out there, I have been a victim once but now a certified blockchain consultant and I know better now. The whole plan was so smooth I could not doubt it. Bitcoin is actually a great investment option but one thing I discovered over time is that it is not possible to mine bitcoin so don’t be deceived. I invested $45000 on a particular website called eurekaminingblock, I monitored the profit yielding but was told to open a new blockchain account to receive my payout. A public wallet was imported into the account and I was made to believe that was my profit. The bitcoin was labelled non spendable and it took me 3 months to be able to access it without the knowledge of the company true the help of (recoverstolenbitcoin@GMAIL. Com) The non spendable bitcoin is the scam out there now and a lot of people are falling victim of it. So be very careful when dealing with those fake investor’s

  2. Ava says:

    I can see many are really good on posting there so called bitcoin experts, congratulations to you all that meets an expert whom recovers your stolen bitcoin back to you, after all what matters is to get your lost funds back. I will for ever be grateful to bitcoinrecoveryservice AT gmail DOT com I was a victim of forest trading scam, I lost $200k to those wicked broker who made me invest all my life savings just to scam me. Don’t be deceived with all this recovery experts and post. Apply to the service of this company and get your funds back.

  3. Brandon Khan says:

    As a business inclined individual I hated just staying home, saving all my pensions and not being able to make use of it to make more money so I went on looking for an investment, I tried binary options and forex, lost some money to that and took sometime off the online investment thing and after a while i had to make a research on how to recover my stolen investment and that’s when i came across DARKRECOVERYHACKS @ GMAIL .COM . He retrieved the whole bitcoin last 2 weeks. I can’t still thank him enough because they almost took away my Life savings .

  4. Curtis Black says:

    Hey guys this is crazy , listen to this Turns out ! My cousin’s account was hacked on Facebook and I got contacted he talked to me about a company he recently invested a few thousands and how much profit he has made so far . Stated some convincing fact and being a bad time for me and a deadline to make a vital payment I decided to see what happens if I give them a try, one thing led to another I have invested over $500k in this crypto company hoping to flip and get 1 million or more , Long story short my cousin called me a week to the day I was going to withdraw my investment asked if I have been talking with anyone on his Facebook , my heart froze for a moment already the company be moving shady postponing my date of withdrawal over one excuse or the other. He explained that his account was hacked after he lost his bag in the subway which already cost me over $500k. I fell ill , luckily for me my cousins knew people who knew the best when it comes to situations
    like this CALLED THEM;

    LOL ! funny now but not funny then , I was pale and lost a lot of weight after I got scammed , started feeling a lot better after a successful recovery of my investment . It’s crazy how we still have a fighting chance against these cyberbully & cybercriminals , good and genuine service worth every remark. Don’t hesitate to contact them immediately if you have a similar case , I’m happy to say that i’m also fully recovered and healthy now.

    • Lionel Emily says:


  5. Lionel Emily says:

    We are in the era of technology advancement and a shift in the way things functioned in the past , I got contacted on my social app from an acclaimed investor who seemed friendly . One thing led to another one month in it and we are already close friends sharing so much with each other with thoughts of meeting soon. While this was going on, he suggested a new way to make money which he said involved crypto and that it is the future of money. Before I knew it I’m investing in this binary investment company ,first few weeks of investing were good everything went smoothly , this continued until I was made to trust this company and in a period of 3 months I already invested $740,000 American . I really thought I had things under control and had made millions as profit, little did I know that I was being lied to and being led on all along. In total i lost $745,000 American to this fake investment company or so I thought , I was out for months pale and loosing weight until a friend introduced me to a hacker or more like a firm “VALORHACK” at first I didn’t believe there was anything anyone could do but in the first week of contacting “VALORHACK” I already have 60% of what I lost back in my wallet and the rest was recovered successfully by second week !. I was given a second chance not everyone gets a second chance and I felt I thank them publicly and in so doing help any one who needs “VALORHACK” .

    This is a medium you can contact them with:
    valorhaQ@gmail. Com

  6. Peter Filipp says:

    In the last month to six weeks, I had lost around $230,000 worth of Bitcoins to a fake forex trader, hoping I would earn huge from my investment. This was going on for 6 weeks until I ran out of funds, the forex trader wouldn’t allow me to withdraw my profits or my initial investment. Luckily for me, my friend told me about Cryptocurrency scans and the services of AstraWeb, who I contacted immediately to help me retrieve my stolen coins. It took AstraWeb 72 hours to get my funds back and I’m grateful for their service. They are truly an amazing company with ethical standards and professionalism. You can trust them to help you recover your funds.


    Thank you for your time.

  7. Ahmed Peterside says:

    I lost my MacBook and iphone14 pro max some time ago when i was attacked at home , in that process all my crypto wallet accounts & password got lost , I had difficulties logging in and I consulted lots of agencies to assist but all to no avail, until I came across ( santoshihacker@hotmail .com )my email account detailswhere send to me as recovery i now got back my accounts succussful Santoshi hacker are just the best and I can refer anyone to them whose going through such mess.

  8. armando marchionne says:

    I LOST EVERYTHING!, It looked like the end of the line for me…actually it was end of the line for me and no help was forthcoming , I was dyeing silently embarrassed to talk to anyone about what happened to me .I invested and even took loan that amounted to a total of $1.11M American, I was lured and deceived into investing so much with promises of high ROI and all that was also a big scam just like their company , in fact it was a well orchestrated Ponzi scheme devised for the innocent ones like you and I to fall prey too and loose millions to. I was pained and nearly lost my house to this scam company , my health started deteriorating , at this time I had to help myself or loose my mind or maybe my whole life to this scam . A colleague at work who mined bitcoin got me talking with a tech company “VALOR HACK” I didn’t know what to expect but I’m here making this review that “VALOR HACK” SAVED ME !!! Not only did I recover all I lost, the scam company was taken down to end this chain of heartbreak . Contact them now!

    EMAIL: valorhaq @ gmail . Com

    Currently news is that there is heavy traffic on telegram for fast replies send an email now !

  9. Danielle Brown says:

    Few days ago I came across a video clip on Youtube about Mike the credit guy, I contacted him and he asked for my info and I gave him all he needed to proceed with the hack. I thought it was a joke after which I had funded the exploits and I was told to wait for 3days . He helped me hack into the FICO and get my credit score boosted to 812 plus and now, I got a new perfect job and had to pay my mortgage and I’m living my life in peace without debts and bad credits. All thanks to Mike, the realest hacker alive! get to him through MTHECREDITGUY AT Gmail DOT COM, swift and affordable. I bet you get to find me and thank me later…

  10. Isabella Nelson says:

    Last year Christmas. My debit card was hacked buy a scammer and he made away with all the money in my local bank account. I went to the bank after Christmas with some debit alerts I received doing the Christmas, they bank said there is nothing they can do about it because the money was withdraw true my debit card. I started looking for a way to get a loan from the bank to start life afresh. Luckily a banker in that same bank who knows about my situation introduced me to ( Where I can recover my lost funds and also apply for a business loan. After giving them some information about me, they told me about their interest and It was as low as 2% , that’s exactly what I wanted. Now I can take care of my family and business with the help of this company. They also helped to get back at those scammers by getting back my lost funds. They come highly recommended. Contact them with the above information if you need their service.

  11. Eric Mendes says:

    The pains of being ripped off by these heartless scammers who pose as binary investment company , mine started with a female investor who I became close friends with in a few months after we started chatting , she was nice and the sweetest person to talk to , she talked me into investing she sweet talked me into trusting her and the said company and investing a wholesome amount into this company .By the time It dawned on me that all this was a trick and a scheme to get in my pocket I already lost over $500,000 . She tried to persuade me into investing more in order to cash out at my next roll over with the company but I wasn’t about to fall for that nonsense anymore , the painful realization of being ripped off I had to seek for a solution . I searched online and the reviews I saw about “VALOR HACK” gave me the Nod to give them a try , I did and I can say I’m happy with the service I received at “VALOR HACK” and will advice anyone seeking for an INVESTMENT RECOVERY to go no further with your search . I recently began my RECOVERY JOURNEY and I have parts of my investment already and soon I’d have all I lost back in my account . THANK YOU VALOR HACK
    Contact them now!
    EMAIL: valorhaq @ gmail . Com

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.