So, you want to use Wifite to efficiently attack WiFi networks, eliminating the need for manual setup and configuration?
Whether you’re learning about WiFi hacking or the security of wireless devices, this tool streamlines the process so you can jump right into action as it automates several WiFi hacking techniques allowing you to capture WPA handshakes and attempt to crack passwords with minimal effort.
This article will show you how to use Wifite. We’ll introduce you to the tool, explain the hardware you need, and show you how to set up your own lab to perform these attacks.
Finally, we’ll walk you through capturing and cracking a WPA handshake and explain some pros and cons of using Wifite.
If you're ready to start, let's begin.
Disclaimer
Everything in this article is for practicing your hacking skills ethically in your home lab environment.
Remember: hacking into someone else's WiFi network without explicit permission is unethical and illegal and could result in serious consequences.
Ethical hacking focuses on learning and improving security through authorized testing—never for causing harm or pursuing malicious intent.
To use tools like Wifite on networks other than your own, you must have full written consent and authorization from the network owner.
Your respect as an ethical hacker is worth more than a few hacked WiFi networks.
If you decide to hack without explicit permission, you could face hefty penalties and potentially jail time, depending on where you live. These laws include:
- The Computer Fraud and Abuse Act (United States)
- Sections 184, 342.1, 380, and 430 of the Criminal Code of Canada (Canada)
- Computer Misuse Act 1990 (England)
- Sec. 202a and 202b of the German Criminal Code (Germany)
- Information Technology Act Sec. 43 and 66 (India)
- The Act on the Prohibition of Unauthorised Computer Access (Japan)
Before We Begin Our Wifite Tutorial
Before we begin hacking with Wifite, there’s some information we need to go over, including the required hardware and how to set up your lab.
What is Wifite?
Wifite is a Python hacking tool that automates various attacks against WiFi networks aiming to retrieve the password—e.g., pixie dust attacks against WPS and PMKID attacks on WPA encrypted wireless networks without client connections. It’s designed for use with Kali Linux and Parrot OS.
Attacks include:
WPS attacks
- The Offline Pixie-Dust attack
- The Online Brute-Force PIN attack
- The Offline NULL PIN attack
WEP attacks
- Fragmentation
- Chop-chop
- Aireplay
WPA attacks
- The WPA Handshake Capture
- The PMKID Hash Capture
With just a few commands, Wifite scans for WiFi networks, captures handshakes, and attempts to crack passwords.
Under the hood, it utilizes other popular wireless security tools, such as Aircrack-ng suite, reaver, tshark, coWPAtty, and Hashcat, to perform these tasks efficiently and effectively.
This makes it a powerful tool for testing the security of WiFi networks and identifying potential vulnerabilities.
Required Hardware
To use Wifite, you'll need a wireless adapter that supports packet injection and monitor mode.
For this demo, we’ll be using an ALFA AWUS036NHA adapter. You can check out our list of the best WiFi adapters for Kali Linux to find others that will work with Kali.

We’ll run our demos from a Kali 2024.1 virtual machine inside VMWare.
If you prefer to use VirtualBox instead of VMware, refer to the following two articles to get everything set up, and you’ll be ready to follow along with our demo.
How to Install Kali Linux on VirtualBox & Start Hacking Now
How to Hack WiFi With Kali Linux Like a Pro
Setting Up Kali
Before we begin, we must ensure our adapter is connected to Kali.
If you need help installing Kali on VMware, see How to Install Kali Linux on VMware: The Ultimate Guide.
To get started, with Kali open, simply plug your adapter into any open USB port, and VMware should detect it and ask if you want to connect it to the host computer or one of the virtual machines.
Choose “Connect to a virtual machine” and select the corresponding machine with which you wish to use it. Then, select “OK” to continue.

You can verify the adapter is connected in a couple of different ways. The first way of checking is by going to “VM” and then “Removable Devices.” This way, your adapter should be listed with a checkmark indicating a successful connection.

The second way to verify is to go to the terminal and type ip a
. If you see a WLAN network interface, Kali has the wireless network adapter installed.

If you have issues connecting your adapter, you’ll likely need to install drivers. Refer to the adapter manufacturer’s website or documentation for more information.
Our Wireless Hacking Lab
To use Wifite, we'll set up a WiFi hacking lab to practice using it in a controlled environment. This will allow us to test it safely and legally.
In addition to the wireless adapter, we’ll also need a router to use as an access point. For our demo, we’re using a Linksys WiFi 5 Router.

You can use any capable router. You don’t need the router to be connected to the internet or other devices, and you only need it to be able to broadcast a WiFi signal.
While we won’t be able to show how to set up every router, most have similar options and settings that can be adjusted similarly.
You must log in to your router’s interface and ensure a few settings are configured correctly.
In your wireless settings, set a name for your wireless access point. We’re choosing “Another Brick in the Firewall.”

Then, in the wireless security settings, choose WPA2 Personal and set a passphrase. We used “SuperSecretPassword.”

Finally, ensure the network is visible, and you’ll be ready to begin.

Wifite Download and Install
Wifite is installed in the current version of Kali, which is 2024.1 as of this writing.
If you need to install Wifite on Kali Linux, you can follow these steps:
First, ensure your Kali Linux repositories are up-to-date by running the command:
sudo apt update -y
Once the repositories are updated, you can install Wifite by running the command:
sudo apt install wifite
How to Use Wifite
Now that everything is set up let’s see how to use Wifite.
Wifite Settings and Options
Before we start Wifite, let’s look at some options you can use with this automated wireless auditing tool.
You can see all of the available options by using the command:
wifite -h
The first thing you’ll see is a list of settings.

Some of the settings include:
-v, --verbose: This will increases the information Wifite displays during operation. The more "verbose" it is, the more it tells you about what it’s doing at any given moment.
-i {interface}: This specifies which wireless interface to use, like wlan0mon. If you don’t specify, Wifite will ask you which interface you want to use if you have more than one when it starts.
-c [channel]: This sets the wireless channel to scan. This can be a single channel, like 6, or a range, like 1–6. If you're looking for a specific network, you might know the channel and can set it here to speed up the scan.
-mac: This allows you to randomize the MAC address of the wireless card.
--kill: This terminates processes that could conflict with its operation, such as other network managers or instances of Airodump.
-pow [min_power]: This filters out all targets below a certain signal strength, measured in decibels (dB). It's a way to ignore networks that are too far away and likely unreachable.
--skip-crack: This tells Wifite to only capture handshakes or PMKIDs and not attempt to crack them. It’s useful if you want to use a different tool or method for cracking.
--clients-only: This option shows only targets with currently connected clients, which can be necessary for certain attacks.
--num-deauths [num]: This specifies the number of de-authentication packets to send to clients connected to the target network.
You also have other options for WEP, WPS, WPA, and PKMID.

WEP (Wired Equivalent Privacy)
--wep: Targets only WEP-encrypted networks
--pps [pps]: Sets the speed of packet injections, which is important for speeding up data collection
--wept [seconds]: The time to attempt the attack before giving up
WPA (WiFi Protected Access)
--wpa: Focuses only on WPA-encrypted networks
--hs-dir [dir]: Designates where to store captured handshakes
--dict [file]: Specifies the dictionary file for cracking the WPA handshake
--wpadt [seconds]: The interval between de-authentication attacks to disassociate clients and capture handshakes
--wpat [seconds]: The time to wait before considering the WPA attack as failed
WPS (WiFi Protected Setup)
--wps: Shows only networks with WPS enabled
--pixie: It uses the Pixie-Dust attack to exploit WPS vulnerabilities
--bully: Chooses the Bully tool for performing WPS attacks
--reaver: Chooses the Reaver tool for performing WPS attacks
--ignore-locks: Continues the WPS attack even if the access point has locked WPS after failed attempts
PMKID (Pairwise Master Key Identifier)
--pmkid: Focuses on capturing PMKID only, which can be used to crack the network password without needing a full handshake
--pmkid-timeout [sec]: Sets how long to wait for a PMKID capture
General Commands
--cracked: Lists all previously cracked access points
--check [file]: Analyzes a .cap file to check if it contains valid handshakes
--crack: Provides commands for cracking captured handshakes with a different tool
Starting Wifite
To start Wifite, you must run it as the root user or with sudo. The easiest way to begin using Wifite is by running the command without any other flags:
sudo wwifite -hifite

Here, we’re given some information that processes running could interfere with Wifite, specifically NetworkManager—which manages network connections in Linux—and wpa_supplicant—which manages WiFi security and connections.
Wifite suggests killing these processes to prevent conflicts and rerunning Wifite with the --kill
flag to automatically stop conflicting processes.
It also provides us with interface information. One interface, wlan0 (our network adapter), uses the ath9k_htc driver for a Qualcomm Atheros Communications AR9271 chipset that supports 802.11n.
As you can see, Wifite enabled monitor mode for the adapter, simplifying the process and saving us from manually entering commands in the terminal.
By enabling monitor mode, the adapter can monitor network traffic without being associated with an access point.
Wifite Scanning
Wifite will now begin scanning the area for any wireless networks.
It’ll display the information in a table format with information including the name of the wireless network or the MAC address if the SSID is hidden, the channel the network is operating on, the type of encryption used, the power level of the signal (higher dB means a stronger signal), whether WPS is enabled and the number of clients connected to the network.

To stop Wifite from scanning, hit CTRL + C.
Wifite Attacks
Wifite will now prompt you to select the target(s) you want to attack. You can enter targets separated by commas or use a dash for a range. If you want to select all the targets found, enter “all.”
We’ll select target 11, “Another Brick in the Firewall” network.
It’ll now start its attacks, and if WPS is enabled, it’ll begin these attacks first.
If you want to skip an attack, hit CTRL + C. You’ll be shown how many attacks remain. To continue the attacks, enter “c” or exit by entering “e.”

With default settings, Wifite will attempt five attacks: WPS Pixie-Dust, WPS NULL PIN, WPS PIN Attack, PMKID capture, and WPA Handshake capture.

Cracking WPA Handshake With Wifite
If Wifite can capture a handshake, it’ll attempt to crack it with Aircrack-ng, using the wordlist at /usr/share/dict/wordlist-probable.txt.
You can always provide your own wordlist using the flag --dict [file].--kill
flag to

Wifite was able to crack the network's pre-shared key.
Pros and Cons of Wifite for Hacking
Let’s look at some pros and cons of using Wifite compared to other tools such as Aircrack-ng.
Wifite is often praised for being relatively simple to use, as it takes the complexities of WiFi attacks and puts them into a simple command-line interface.
However, the automation that makes Wifite user-friendly can also be its most problematic aspect. In fact, it can encourage a "black box" mentality where you may not fully understand what's happening under the hood.
Conversely, Aircrack-ng is less convenient but gives you more control, which can be important in certain testing scenarios. It also means you can pick the right tool for the job, leading to effective penetration testing.
The choice between Wifite, Aircrack-ng, or other tools depends on the task and objectives.
While Wifite is a great tool for streamlined workflows, learning to use Aircrack-ng and similar tools is necessary for anyone serious about becoming a penetration tester or ethical hacker.
Pros:
Cons:
Conclusion
In this Wifite tutorial we showed you how it makes hacking wireless networks simple and efficient. It can automate various attacks, including capturing and cracking the WPA handshake.
We encourage you to create a home lab and test some of Wifite's other functionalities to see what else it can do.
Now that we've shown you how to use Wifite, why not learn other types of WiFi hacking by joining the StationX Accelerator Program? You can enroll in courses and labs to hone your skills.
We also provide you with access to career roadmaps and mentorship, helping you achieve a successful career in cyber security.
Frequently Asked Questions
Level Up in Cyber Security: Join Our Membership Today!

