offensive-wpa-enterprise
Contains Shell Commands
This skill contains shell command directives (!`command`) that may execute system commands. Review carefully before installing.
WPA-Enterprise (802.1X / EAP) Attacks
Enterprise Wi-Fi delegates authentication to a RADIUS server — usually backed by AD. The PSK doesn't exist. Instead, you attack the supplicant's trust in the server certificate, the inner EAP method's crypto, or the cert-issuance path.
Quick Workflow
- Identify EAP method from beacons + initial EAP-Request/Identity
- If MSCHAPv2-based (PEAP, TTLS): rogue RADIUS to capture challenge-response
- If EAP-TLS: target the cert-issuance / cert-storage path (out of band)
- Crack captured MSCHAPv2 offline → AD username + password
- Pivot into the domain (see offensive-active-directory and offensive-network)
EAP Method Identification
# Watch 802.1X exchange in monitor mode
sudo tshark -i wlan0mon -Y "eapol || eap" -V
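
An added example (not part of the original skill): a small parser for the EAPOL and EAP headers that the tshark filter above displays, used to audit which EAP methods a RADIUS server you administer proposes. The layout follows IEEE 802.1X and RFC 3748; the function names and sample frames are constructed for illustration, and input is assumed to start at the 802.1X header (after EtherType 0x888e).

```python
import struct

# EAP method Type numbers from the IANA EAP registry (RFC 3748 and successors).
EAP_TYPES = {1: "Identity", 3: "Nak", 4: "MD5-Challenge", 6: "GTC", 13: "EAP-TLS",
             17: "LEAP", 21: "EAP-TTLS", 25: "PEAP", 26: "EAP-MSCHAPv2", 43: "EAP-FAST"}
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
# Tunnelled methods that usually carry a password-based inner method: their safety
# depends on the supplicant validating the RADIUS server certificate.
PASSWORD_TUNNELS = {21, 25}
UNTUNNELLED_PASSWORD = {4, 17, 26}

def parse_eapol(frame: bytes):
    """Parse one EAPOL frame (802.1X header + EAP packet); return a dict or None."""
    if len(frame) < 4:
        return None
    _version, ptype, body_len = struct.unpack("!BBH", frame[:4])
    if ptype != 0:  # 0 = EAP-Packet; 1 = Start, 2 = Logoff, 3 = Key
        return None
    eap = frame[4:4 + body_len]
    if len(eap) < 4:
        return None
    code, ident, eap_len = struct.unpack("!BBH", eap[:4])
    if eap_len < 4 or eap_len > len(eap):
        return None  # truncated capture or malformed length field
    result = {"code": EAP_CODES.get(code, f"unknown({code})"), "id": ident, "type": None}
    if code in (1, 2) and eap_len >= 5:  # only Request/Response carry a Type byte
        result["type"] = eap[4]
    return result

def audit(frames):
    """Return (offered methods, findings) from the server's method-proposing Requests."""
    offered, findings = [], []
    for f in frames:
        p = parse_eapol(f)
        if not p or p["code"] != "Request" or p["type"] in (None, 1):
            continue  # skip non-EAP frames, Responses, and Request/Identity
        name = EAP_TYPES.get(p["type"], f"type {p['type']}")
        if name in offered:
            continue
        offered.append(name)
        if p["type"] in PASSWORD_TUNNELS:
            findings.append(f"{name}: enforce server-certificate validation on supplicants")
        elif p["type"] in UNTUNNELLED_PASSWORD:
            findings.append(f"{name}: password method offered outside a TLS tunnel")
    return offered, findings

# Constructed sample frames (not a real capture): Request/Identity, then a PEAP start.
SAMPLE = [bytes.fromhex("0100000501010005" "01"),
          bytes.fromhex("0100000601020006" "1920")]
```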