# Aircrack-ng Suite

## Documentation

Aircrack-ng suite contains more air\* tools, review the documentation on project homepage [https://www.aircrack-ng.org](https://www.aircrack-ng.org/)

## airmon-ng - Monitor Mode

```
airmon-ng <start|stop> <interface> [channel] airmon-ng <check> [kill]
```

### Start monitor for all channels

```
airmon-ng start wlan0

PHY     Interface       Driver          Chipset
phy0    wlan0           88XXau          Realtek Semiconductor Corp. RTL8814AU 802.11a/b/g/n/ac
                (monitor mode enabled)
```

### Stop Monitor

```
airmon-ng stop wlan0
PHY     Interface       Driver          Chipset

phy0    wlan0           88XXau          Realtek Semiconductor Corp. RTL8814AU 802.11a/b/g/n/ac
                (monitor mode disabled)
```

### Start Monitor for a specific channel

```
airmon-ng start wlan0 6
```

## airodump-ng - Display Networks and Associations

```
airodump-ng <options> <interface>[,<interface>,...]
```

## airodump-ng - Dump Traffic into PCAP (-w)

Capture the network traffic on a specific access point (--bssid) and write into pcap files with (-w) prefix.

```
airodump-ng --bssid 6E:C7:EC:62:0D:F9 --channel 6 -w PSK wlan0
```

## aireplay-ng

```
aireplay-ng <options> <replay interface>
```

### --deauth  count

You might want to deasociate client to make it associate again in order to capture more handshakes and IVS.

To collect handshakes use --deauth mode to disassociate client form its base station (access point). The next number is a count. It states whether to disassociate one client (1) or all clients (0).

```
aireplay-ng --deauth 1 -a ACCESS_POINT_MAC -c CLIENT_MAC wlan0
```

## aircrack-ng

Aircrack is the final tool for all attack methods WEP, WPA, WPA2 ...

### WPA2-PSK

You have a pcap file with network traffic, bssid MAC address and a wordlist with password candidates.

```
aircrack-ng -w ./wordlist.txt -b 6E:C7:EC:62:0D:F9 /root/PSK-01.cap    
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://hackerlab.gitbook.io/wiki.hackerlab.cz/wifi-pentesting/aircrack-ng.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.