Deauth / Disassoc Attacks

The most-used 802.11 management-frame attack: send a forged deauthentication or disassociation frame as the AP, and the client disconnects. Modern PMF (802.11w) authenticates these frames cryptographically — but most consumer and many enterprise deployments still don't require PMF.

Quick Workflow

1. Identify target client + AP (BSSID, channel)
2. Pick deauth scope: single client (quiet) vs. broadcast (loud, DoS)
3. Verify PMF status — if required, classic deauth fails; pivot to action-frame attacks
4. Send the deauth burst at the right rate

Single-Client Deauth (Preferred)

Used to force handshake capture, push client to evil twin, or test reconnection behavior.