OpenCourser brand icon
Sign in
We may earn an affiliate commission when you visit our partners.
Course image
Pluralsight logo

Initial Access with WiFi-Pumpkin

Ricardo Reimao
Having valid credentials is one of the most effective ways of getting access to the internal network of a company. It gives you the same level of access of a target employee, which often includes VPN access to the internal network as well as several external...
Read more
Having valid credentials is one of the most effective ways of getting access to the internal network of a company. It gives you the same level of access of a target employee, which often includes VPN access to the internal network as well as several external systems. In this course, Initial Access with WiFi-Pumpkin, you will explore the WiFi-Pumpkin tool, which is a rogue access point framework developed by Marcos Bomfim from the P0cL4bs. First, you will learn how to create rogue access points that look exactly like the WiFi network of your target company. Then, you will see how to set up captive portals, so that when users try to login to your rogue access point, they will be prompted to type their domain credentials and you can harvest them to use in other attacks. Finally, you will discover how to set up a rogue access point, how to set up a fake captive portal, how to customize the login page, and how to harvest the credentials that were submitted. By the end of this course, you will know two important tactics from the MITRE ATT&CK framework: Rogue WiFi Access Points (T1465) and Valid Accounts (T1078).
Enroll now

Here's a deal for you

We found an offer that may be relevant to this course.
Save money when you learn. All coupon codes, vouchers, and discounts are applied automatically unless otherwise noted.
Valid for a limited time only
Future-proof your career
Access O'Reilly books, live events, courses, and more. Save with an annual subscription.
Take
15%
off

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Taught by Ricardo Reimao, a well-known expert in computer security and hacking
Provides hands-on training and interactive materials for a comprehensive learning experience
Suitable for intermediate learners who have some familiarity with computer security concepts
Requires learners to have access to a Linux-based computer and some basic knowledge of command-line tools
Focuses on a specific aspect of computer security (network access) and does not cover a wide range of topics
Provides valuable skills for cybersecurity professionals interested in penetration testing and ethical hacking

Save this course

Save Initial Access with WiFi-Pumpkin to your list so you can find it easily later:
Save

Activities

Coming soon We're preparing activities for Initial Access with WiFi-Pumpkin. These are activities you can do either before, during, or after a course.

Career center

Learners who complete Initial Access with WiFi-Pumpkin will develop knowledge and skills that may be useful to these careers:
Ethical Hacker
Ethical Hackers are responsible for testing the security of networks and systems by simulating real-world attacks. This course, which covers creating rogue access points, captive portals to harvest credentials, and other malicious techniques, could be useful for Ethical Hackers to gain better insight into a hacker's tactics and learn to better defend against them.
See salaries and explore the career path for Ethical Hacker
Computer Security Analyst
Computer Security Analysts are responsible for protecting computer systems and networks from unauthorized access, use, disclosure, disruption, modification, or destruction. This course, which covers creating rogue access points, captive portals to harvest credentials, and other malicious techniques, could be useful for Computer Security Analysts to gain better insight into a hacker's tactics and learn to better defend against them.
See salaries and explore the career path for Computer Security Analyst
Information Assurance Analyst
Information Assurance Analysts are responsible for protecting information from unauthorized access, use, disclosure, disruption, modification, or destruction. This course, which covers creating rogue access points, captive portals to harvest credentials, and other malicious techniques, could be useful for Information Assurance Analysts to gain better insight into a hacker's tactics and learn to better defend against them.
See salaries and explore the career path for Information Assurance Analyst
Network Analyst
Network Analysts are responsible for analyzing and troubleshooting network problems. This course, which covers creating rogue access points, captive portals to harvest credentials, and other malicious techniques, could be useful for Network Analysts to gain better insight into a hacker's tactics and learn to better defend against them.
See salaries and explore the career path for Network Analyst
Vulnerability Analyst
Vulnerability Analysts are responsible for identifying and assessing vulnerabilities in systems and networks. This course, which covers identifying and exploiting vulnerabilities, could be useful for Vulnerability Analysts to gain a deeper understanding of various malicious techniques that can be used to exploit vulnerabilities in networks and systems.
See salaries and explore the career path for Vulnerability Analyst
Security Consultant
Security Consultants advise organizations on how to improve their security posture and protect their information assets. This course can provide knowledge on different malicious techniques that can be used to exploit security weaknesses and vulnerabilities, which could be valuable for Security Consultants.
See salaries and explore the career path for Security Consultant
Cyber Threat Intelligence Analyst
Cyber Threat Intelligence Analysts are responsible for gathering and analyzing information about cyber threats. This course, which covers some of the malicious techniques that can be used to compromise a system or network, may be useful for Cyber Threat Intelligence Analysts to better understand the different ways attackers operate, and thus be more effective at protecting against cyber threats.
See salaries and explore the career path for Cyber Threat Intelligence Analyst
Threat Intelligence Analyst
Threat Intelligence Analysts are responsible for gathering and analyzing information about threats to an organization's security. This course, which covers some of the malicious techniques that can be used to compromise a system or network, may be useful for Threat Intelligence Analysts to better understand the different ways attackers operate, and thus be more effective at protecting against threats.
See salaries and explore the career path for Threat Intelligence Analyst
Cybersecurity Analyst
Cybersecurity analysts are responsible for monitoring and analyzing security events, identifying and mitigating security risks, and developing and implementing security policies. This course, which provides foundational knowledge and hands-on experience with rogue access points, captive portals, and other malicious techniques, may help Cybersecurity Analysts to gain a deeper understanding of a hacker's tactics and use it to better protect against attacks.
See salaries and explore the career path for Cybersecurity Analyst
Malware Analyst
Malware Analysts are responsible for analyzing and identifying malware. This course, which covers some of the malicious techniques that can be used to create malware, may be useful for Malware Analysts to better understand the different ways that malware can be used to compromise a system or network.
See salaries and explore the career path for Malware Analyst
Information Security Analyst
An Information Security Analyst is responsible for protecting an organization's information assets from unauthorized access, use, disclosure, disruption, modification, or destruction. This course would be useful for providing background knowledge on the threats in the field of Information Security and the different types of malicious techniques that can be used to attack an organization's information assets.
See salaries and explore the career path for Information Security Analyst
Security Engineer
A Security Engineer is responsible for designing, implementing, and maintaining security controls to protect an organization's information and systems from unauthorized access, use, disclosure, disruption, modification, or destruction. This course would be useful for providing knowledge on how to better design security controls to protect an organization's information assets from malicious techniques.
See salaries and explore the career path for Security Engineer
Penetration Tester
Penetration Testers, also known as ethical hackers, are responsible for testing the security of networks and systems by simulating real-world attacks. This course, which covers creating rogue access points, captive portals to harvest credentials, and other malicious techniques, could be useful for Penetration Testers to gain better insight into a hacker's tactics and learn to better defend against them.
See salaries and explore the career path for Penetration Tester
Incident Responder
Incident Responders are responsible for responding to and mitigating security incidents. This course, which provides information on malicious techniques and tactics, might be useful for understanding the different ways in which an attacker could compromise a system.
See salaries and explore the career path for Incident Responder
Network Security Specialist
A Network Security Specialist is responsible for securing and protecting networks from unauthorized access, attacks, and breaches. This course, which covers creating rogue access points, captive portals to harvest credentials, and other malicious techniques that hackers can use, may provide valuable information to learn more about the risks associated with network security.
See salaries and explore the career path for Network Security Specialist

Reading list

We haven't picked any books for this reading list yet.
Cover image
Data Breaches
Save
Provides a comprehensive overview of rogue access points, including their detection, mitigation, and prevention techniques. It covers a wide range of topics, including the different types of rogue access points, the threats they pose, and the best practices for protecting your network from them.
Data Breaches
Paperback
Check
Data Breaches
Kindle Edition
Check
Cover image
The Practice of Network Security Monitoring
Save
Provides a practical guide to detecting and mitigating rogue access points. It covers a wide range of topics, including the different types of rogue access points, the threats they pose, and the best practices for protecting your network from them.
The Practice of Network Security Monitoring
Paperback
Check
The Practice of Network Security Monitoring
Kindle Edition
Check
Cover image
Insider Threat: Protecting the Enterprise from...
Save
Provides a comprehensive overview of rogue access points, including their detection, mitigation, and prevention techniques. It covers a wide range of topics, including the different types of rogue access points, the threats they pose, and the best practices for protecting your network from them.
Insider Threat: Protecting the Enterprise from...
Paperback
Check
Insider Threat: Protecting the Enterprise from...
Kindle Edition
Check
Cover image
Building Open Source Network Security Tools
Save
Provides a comprehensive overview of rogue access points, including their detection, mitigation, and prevention techniques. It covers a wide range of topics, including the different types of rogue access points, the threats they pose, and the best practices for protecting your network from them.
Building Open Source Network Security Tools
Paperback
Check
Building Open Source Network Security Tools
Kindle Edition
Check
Cover image
IPv6 Security
Save
Focuses on the security aspects of captive portals. It provides detailed instructions on how to design and implement a secure captive portal. Noted for including information about technology, code, and devices.
IPv6 Security
Kindle Edition
$$
Cover image
T1
Save
Provides an overview of Wi-Fi security and how captive portals can be used to improve security. It covers topics such as authentication methods, encryption, and intrusion detection.
T1
Paperback
Check
T1
Kindle Edition
Check
Cover image
America Online For Dummies
Save
Provides a basic introduction to captive portals. It is written in a clear and concise style, making it ideal for beginners.
America Online For Dummies
Paperback
Check
America Online For Dummies
Kindle Edition
Check
Cover image
The Secret of Think and Grow Rich
Save
Provides a step-by-step guide to deploying and managing captive portals. It is written by a team of experts with years of experience in the field.
The Secret of Think and Grow Rich
Paperback
Check
The Secret of Think and Grow Rich
Kindle Edition
Check
Cover image
Handbook for Evaluating Infrastructure Regulatory...
Save
Focuses on the use of captive portals in public Wi-Fi hotspots. It provides information on how to design and implement a captive portal that is both secure and user-friendly.
Handbook for Evaluating Infrastructure Regulatory...
Paperback
Check
Handbook for Evaluating Infrastructure Regulatory...
Kindle Edition
Check
Cover image
The Frankfurt Book Fair and Bestseller Business
Save
Focuses on the use of captive portals in enterprise networks. It provides information on how to design and implement a captive portal that is both secure and scalable.
The Frankfurt Book Fair and Bestseller Business...
Kindle Edition
$$
Cover image
Designing Networks and Services for the Cloud
Save
Focuses on the use of captive portals in cloud-based networks. It provides information on how to design and implement a captive portal that is both secure and scalable in cloud environments.
Designing Networks and Services for the Cloud:...
Kindle Edition
$$$
Cover image
The Business of Being a Writer
Save
Provides a deep dive into the design of captive portals.
The Business of Being a Writer (Chicago Guides to...
Kindle Edition
$
Cover image
Enterprise Networking, Security, and Automation...
Save
Is written by Cisco, a leading provider of networking equipment. It provides detailed information on how to configure captive portals with WPA/WPA2 Enterprise.
Enterprise Networking, Security, and Automation...
Hardcover
$$$
Enterprise Networking, Security, and Automation...
Paperback
$$
Enterprise Networking, Security, and Automation...
Paperback
$$$$
Enterprise Networking, Security, and Automation...
Kindle Edition
$$$
Cover image
Strategic Latency Unleashed
Save
Focuses on the use of captive portals in healthcare environments.
Strategic Latency Unleashed
Paperback
Check
Strategic Latency Unleashed
Kindle Edition
Check
Cover image
The Posse Comitatus Act and the United States Army
Save
Focuses on the use of captive portals in government environments.
The Posse Comitatus Act and the United States Army:...
Paperback
$
The Posse Comitatus Act and the United States Army:...
Kindle Edition
$
Cover image
The Art of Invisibility
Save
Guide to credential harvesting techniques written by one of the most famous hackers in the world. It fascinating read and provides a lot of insight into how hackers think.
The Art of Invisibility: The World's Most Famous...
Paperback
$$
The Art of Invisibility: The World's Most Famous...
Kindle Edition
$$
Cover image
Social Engineering
Save
Guide to social engineering, which type of attack that uses human interaction to trick people into giving up their credentials. It valuable resource for anyone who wants to learn more about credential harvesting.
Social Engineering
Paperback
Check
Social Engineering
Kindle Edition
Check
Cover image
You Can Read Anyone: Never Be Fooled, Lied To, Or...
Save
Provides a comprehensive overview of deception, including its history, theory, and practice. It valuable resource for anyone who wants to learn more about how to protect themselves from deception.
You Can Read Anyone: Never Be Fooled, Lied to, or...
Paperback
$$
You Can Read Anyone (Never Be Fooled, Lied To, or...
Hardcover
$$
Cover image
Influence, New and Expanded
Save
Explores the psychological principles of persuasion. It valuable resource for anyone who wants to learn more about how to resist persuasion attempts.
Influence, New and Expanded: The Psychology of...
Hardcover
$$
(中文) Influence, New and Expanded: The Psychology of...
Paperback
$$
Cover image
Security Engineering
Save
Provides a comprehensive overview of security engineering. It valuable resource for anyone who wants to learn more about how to build secure systems.
Security Engineering: A Guide to Building...
Hardcover
$$
Personal Medical Information: Security, Engineering...
Kindle Edition
$$$
Security Engineering: A Guide to Building...
Paperback
$$$
Security Engineering, 2ed
Paperback
$$
Security Engineering and Tobias on Locks Two-Book...
Hardcover
$$$$
Security Engineering: A Guide to Building (text...
Unknown Binding
$$$$

Share

Help others find this course page by sharing it with your friends and followers:
Facebook
LinkedIn
Reddit
X
Link
Email

Similar courses

Similar courses are unavailable at this time. Please try again later.
Course image
Via
Pluralsight
Instructor
Ricardo Reimao
This course belongs to a collection called Red Team Tools . It's comprised of 22 courses:
  1. Selecting the Right Tool(s) for Your Red Team Operation
  2. Privilege Escalation and Client Execution with MSFVenom
  3. Initial Access with Aircrack-ng
  4. Initial Access with WiFi-Pumpkin (viewing)
  5. Credential Access with THC Hydra
  6. Command and Control with Covenant
  7. Command and Control with Pupy
  8. Red Team Tools for Emulated Adversary Techniques with MITRE ATT&CK
  9. Technical Information Gathering with theHarvester
  10. Defense Evasion with Invoke-Obfuscation
  11. Credential Access with Hashcat
  12. Credential Access with John the Ripper
  13. Credential Access with Mimikatz
  14. Credential Access with Responder
  15. Discovery with ADRecon
  16. Discovery with BloodHound
  17. Lateral Movement with Mimikatz 2
  18. Lateral Movement with PsExec
  19. Collection with PowerSploit
  20. Technical Information Gathering with Recon-ng
  21. Initial Access with Luckystrike
  22. Lateral Movement with WMIOps
Good to know
Taught by Ricardo Reimao, a well-known expert in computer security and hacking
Provides hands-on training and interactive materials for a comprehensive learning experience
Suitable for intermediate learners who have some familiarity with computer security concepts
Requires learners to have access to a Linux-based computer and some basic knowledge of command-line tools
Focuses on a specific aspect of computer security (network access) and does not cover a wide range of topics
Provides valuable skills for cybersecurity professionals interested in penetration testing and ethical hacking
Share and help others discover this course.
Facebook LinkedIn X Reddit Link Email
Don't miss out
Enroll today to gain access to this course
Enroll in this course
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2024 OpenCourser