Abstract

WiDy is an open source Wi-Fi Attack and Defense platform created to run on the extremely cheap ESP8266 IoT platform. We’ve written a simple framework which you can hack and create your own tools or automate attack/defense tasks. Among the attacks WiDy is able to perform out of the box, include:

• Honeypot Attacks
• Captive Portal Attacks
• Serving Exploits to browsers using DNS redirection
• Wi-Fi Scanner
• Wi-Fi Be Gone (similar to TV-be-gone)
• Sniffing and Injection
• Beacon Floods like MDK
• Deauthentication & Disasscoation
• Client monitoring
• WiFi IDS/IPS functionality … other interesting applications

The key advantage of using the ESP8266 to recreate Wi-Fi attack/defense functionality is that anyone can now build these tools and physically deploy them in under $5 in the field! One can only imagine the kind of projects the community can create once the core code is available to modify and hack. We have also used the Arduino based platform to make it easier to work with our code. Of course, experienced developers can recreate/port this code to work with the manufacturer SDKs or with the Open ESP SDK. The code is written entirely in C.

All code and scripts will be open sourced under MIT license and launched at Black Hat Asia Arsenal!