Wraith is a WiFi security auditing tool for the ESP8266 platform. It provides a set of tools for scanning, monitoring, and performing common WiFi attacks through a physical OLED interface and a web-based dashboard.
graph TD
subgraph "User Interfaces"
UI_Buttons[Physical Buttons]
UI_Web[Web Dashboard]
end
subgraph "Core Controller (ESP8266)"
Logic_Main[Main Loop]
Logic_Display[Display Manager]
Logic_WiFi[WiFi Stack]
Logic_Attack[Attack Engine]
Logic_Scan[Scan Engine]
Logic_Web[Web Server / WebSocket]
end
subgraph "Hardware / Environment"
HW_OLED[OLED Display]
HW_Radio[WiFi Radio]
HW_FS[LittleFS Storage]
end
%% Interactions
UI_Buttons -->|Input| Logic_Main
UI_Web -->|WebSocket / API| Logic_Web
Logic_Web -->|Command| Logic_Main
Logic_Main --> Logic_Scan
Logic_Main --> Logic_Attack
Logic_Main --> Logic_Display
Logic_Scan -->|Control| Logic_WiFi
Logic_Attack -->|Packet Injection| Logic_WiFi
Logic_WiFi -->|TX/RX| HW_Radio
Logic_Display -->|Render| HW_OLED
Logic_Web -->|Mirror Buffer| UI_Web
Logic_Scan -->|Results| HW_FS
Logic_Main -->|Settings| HW_FS
- Scanning:
- Access Points: Scans for 802.11 b/g/n networks.
- Stations: Identifies connected client devices.
- Attacks:
- Deauthentication: Sends deauth frames to disconnect targets.
- Beacon Flooding: Broadcasts multiple fake SSIDs.
- Probe Request: Sends probe frames to identify hidden networks.
- Monitoring:
- Packet Monitor: Displays traffic density on a selected channel.
- RSSI Tracking: Monitors signal strength for a specific MAC address.
- Other:
- Captive Portal: Hosts a web server for phishing simulations.
- Remote Control: Mirrors the OLED screen and provides button input via WebSocket.
- Management: Configuration and control of scans and attacks.
- Telemetry: Displays system uptime, memory status, and packet rates.
- MCU: ESP8266 (NodeMCU, Wemos D1 Mini, or ESP-12).
- Display: I2C OLED (128x64).
- Driver Support: SSD1306 (0.96") and SH1106 (1.3").
- Input: 4-button navigation system.
| Component | Pin | GPIO |
|---|---|---|
| OLED SDA | D2 | 4 |
| OLED SCL | D1 | 5 |
| Button UP | D5 | 14 |
| Button DOWN | D6 | 12 |
| Button A | D4 | 2 |
| Button B | D3 | 0 |
Configuration can be modified in src/A_config.h.
Connect via Serial at 115200 baud.
| Command | Description |
|---|---|
scan ap |
Scan for Access Points |
show ap |
List scan results |
attack -d |
Start deauth attack |
set ssid <name> |
Configure SSID for beaconing |
sysinfo |
Show system status |
help |
List all commands |
- Install PlatformIO.
- Upload Filesystem:
pio run --target uploadfs
- Upload Firmware:
pio run --target upload
Caution
This tool is for educational and authorized testing only. Unauthorized use on networks without permission is illegal.
