Pentest Tools

Published on February 4th, 2016 📆 | 5864 Views ⚑


WRAITH — Wireless Toolsuite

text to speech
Wireless reconnaissance, collection and exploitation toolsuite

Attack vectors, rogue devices, interfering networks are best visualized and identified over time. Current tools i.e. Kismet, Aircrack-ng and Wireshark are excellent tools but none are completely suitable for collecting and analyzing the 802.11 environment over a period of time without that is, implementing a custom interface.

While originally intending to develop such a custom interface to one or more Kismet based sensors, Wraith evolved. Kismet did not offer enough information, Wireshark offered too much. Wraith is an attempt to develop a toolsuite that eases the collection, collation and analysis of temporal 802.11 data in order to provide administrators with the ability to view their network(s) from a bird’s eye view and drill down as necessary to a single device. Wraith allows the user to decide what data to view, how to view it and ‘when’ to view it.

Once the reconnaissance and collection development is stable, assault plug-ins will be developed to aid WLAN administrators in the security testing of their networks.

 [adsense size='1']

Wireless Toolsuite wraith Wireless Toolsuite Wireless Toolsuite Wireless Toolsuite



  • linux (preferred 3.x kernel, tested on 3.13.0-43)
    • NOTE: some cards i.e. rosewill usb nics were not fully supported through iw on earlier kernels
  • Python 2.7
  • iw 3.17
  • postgresql 9.x (tested on 9.3.5)
  • pyscopg 2.5.3
  • mgrs 1.1
  • macchanger 1.7.0



Currently consists of four components/modules

[adsense size='2']

Radio (v 0.0.4): 802.11 network interface objects and functions

Objects/functions to manipulate wireless nics and parse 802.11 captures. Partial support of 802.11-2012


  • Currently Supported: 802.11a\b\g
  • Partially Supported: 802.11n
  • Not Supported: 802.11s\y\u\ac\ad\af


DySKT (v 0.1.5) : Dynamic Small Kill Team (Wraith Sensor)

An 802.11 sensor consisting of an optional collection radio (i.e. spotter), a mandatory reconnaissance radio (i.e. shooter) and an RTO which relays collected data to Nidus, the data storage system (i.e. HQ). DySKT collects data in the form of raw 802.11 packets with the reconnaissance (and collection if present) radios, forwarding that date along with any geolocational data (if a gps device is present) to higher.


Nidus (v 0.0.6): Data Storage Manager

Nidus is the Data Storage manager processing data received from DySKT. Nidus is the interface to the backend Postgresql database, processing data in terms of raw 802.11 frames, gps location, and ‘device’ details/status.


GUI: non-operational gui

[adsense size='3']

Source && Download

Comments are closed.