0Pricing
Cyber Security Academy · Lesson

Evil Twin and Captive Portal Attacks

Set up a rogue AP to perform evil twin attacks and credential harvesting via fake captive portals.

Evil Twin Overview

An evil twin is a rogue access point broadcasting the same SSID as a legitimate network. Clients connecting to it send all traffic through the attacker, enabling credential harvesting, traffic interception, and phishing.

How Clients Choose APs

Wi-Fi clients connect to the known SSID with the strongest signal and matching security parameters. By broadcasting at higher power (or deauthing clients from the legitimate AP), an evil twin can attract connections.

All lessons in this course

  1. 802.11 Security Protocols: WEP, WPA2, WPA3
  2. WPA2 Handshake Capture and Cracking
  3. Evil Twin and Captive Portal Attacks
  4. Enterprise Wi-Fi: EAP and RADIUS
← Back to Cyber Security Academy