Command the WiFi landscape and direct attacks from a live recon dashboard, passively monitoring all devices in the vicinity.
Limit the audit to specified clients and access points within the scope of engagement and ensure zero collateral damage.
Acquire clients with a comprehensive suite of WiFi man-in-the-middle tools specializing in targeted asset collection.
Record and analyze logs, generate emailed reports at set intervals, and identify vulnerable devices in your organization.
Comprehensive WiFi Auditing.
The WiFi Pineapple® NANO and TETRA are the 6th generation auditing platforms from Hak5. Thoughtfully developed for mobile and persistent deployments, they build on over 10 years of WiFi penetration testing expertise.
- WiFi man-in-the-middle platform
- Highly effective rogue AP suite
- Over-the-air apps and modules
- Advanced client and AP filtering
- Intuitive web interface
- Simplified auditing workflow
- Live reconnaissance view
- At-a-glance intelligence
- Device tracking and alerting
- Reports emailed at set intervals
- Built on embedded Linux
- Free software updates
At the core of the WiFi Pineapple is PineAP, an advanced suite of wireless penetration testing tools for reconnaissance, man-in-the-middle, tracking, logging and reporting. Utilizing our unique hardware design, PineAP is the most effective rogue access point suite available.
Simplicity is key to any successful audit, which is why management of the WiFi Pineapple is conducted from an intuitive web interface. Built on modern standards for speed and responsiveness, the beautiful web interface puts the penetration tester in control from any device.
With an emphasis on usability and workflow, detailed information on the WiFi landscape is available at a glance. Advanced attacks are always clicks away with intelligent context menus from clients to access points.
As a platform, the WiFi Pineapple is home to numerous community developed modules which add features and extend functionality. Modules install free directly from the web interface in seconds. Developing modules is made straightforward with an API friendly to coders at any experience level.
The WiFi Pineapple Tetra is thoughtfully designed with an emphasis on performance and usability. Console access is at the ready with an integrated Serial UART from its Micro USB port. Ethernet connectivity is supported by a standard RJ45 port, as well as an onboard USB Ethernet controller from its Micro USB port.
Versatile power options and an efficient thermal design support long term deployment and on-the-go auditing. Either power from the AC wall adapter, from most laptops USB ports with the included Micro USB Y cables, or from a dual-USB battery pack.
Applications and logs are stored on the onboard high speed NAND flash memory while peripherals and expansion via the USB 2.0 host port offers support for modern LTE modems, radios, disks and more.
The WiFi Pineapple Android app simplifies USB Internet connection sharing. Tap to tether and instantly connect to the beautiful new mobile friendly web interface. Root not required.
WiFi Pineapple TETRA
The WiFi Pineapple TETRA is a rock solid dual-band penetration testing base station with exceptional performance.
Its two discrete dual-band (2.4/5 GHz) Atheros radios leverage a PCI Express bus for stability and speed. The four integrated high gain amplifiers provide unparalleled range and radio performance.
Packed with conveniences, like a built-in USB Ethernet network interface for single cable connections to the simple web interface. The integrated USB Serial port provides dedicated under-the-hood access to its Linux shell.
Combined with the 6th generation software platform, the WiFi Pineapple TETRA is the ultimate wireless penetration testing tool.
- 6th generation software featuring PineAP, web interface and modules
- (2x) Dual-Band (2.4/5 GHz) 802.11 a/b/g/n radios (Atheros AR9344 and AR9580 chipsets)
- (4x) Skybridge amplifiers with 800 mW per radio using included antennas (SMA)
- Integrated Power over USB Ethernet Port (Realtek RTL8152B chipset)
- Integrated Power over USB Serial Port (FTDI D2XX chipset)
- 533 MHz MIPS 74K Atheros AR9344 SoC
- 2 GB NAND Flash
- USB 2.0 Host Port
- RJ45 Fast Ethernet LAN Port
Campus wide audit? Strap the WiFi Pineapple NANO Tactical Edition to your bag and hit the pavement. The thoughtfully tailored tactical case houses a robust USB battery pack and WiFi Pineapple NANO while providing convenient access to its USB host port.
The new WiFi Pineapple Android app simplifies USB Internet connection sharing. Tap to tether and instantly connect to the beautiful new mobile friendly web interface. Root not required.
Plug the WiFi Pineapple NANO directly into your laptop’s USB port and immediately get connected over the onboard USB Ethernet adapter.
Long term deployment at the client site? No problem. Plug the WiFi Pineapple NANO into a standard USB power adapter and maintain connectivity remotely over out-of-band LTE with support for many current generation USB modems.
WiFi Pineapple NANO
Hak5 is proud to introduce its 6th generation wireless network auditing tool — the WiFi Pineapple NANO.
Engineered from the ground up, The WiFi Pineapple NANO was first stripped to its core. Then building on the successes and feedback from its predecessors, we developed a platform centered around performance and usability.
The end result is like nothing else that’s come before. It isn’t a simple client radio, nor is it just a router or access point. The WiFi Pineapple NANO is a powerful wireless network auditing tool that leverages its unique hardware and intuitive web interface to integrate with your pentest workflow.
And it fits in your pocket.
- 6th generation software featuring PineAP, web interface and modules
- Dual discrete 2.4 GHz b/g/n Atheros radios
- Up to 400 mW per radio with included antennas
- Integrated Power over USB Ethernet Plug
- Memory expansion via Micro SD (up to 128 GB)
- Optional mobile EDC Tactical case and battery
- USB 2.0 Host accessory expansion port
PineAP is a highly effective rogue access point suite for the WiFi Pineapple. Building on the simple probe request and response nature of Karma, PineAP takes the attack to the extreme. By utilizing its purpose engineered software in conjunction with the unique multi-radio design of the WiFi Pineapple, we’re able to thoroughly mimic preferred networks with precision client targeting. This sophisticated attack can be launched against key individuals or entire organizations, enabling the penetration tester to precisely orchestrate the airwaves. The end result is a man-in-the-middle position, enabling complete network traffic monitoring and control.
From Bring-Your-Own-Device policy management, to remote access penetration testing – the WiFi Pineapple with PineAP is your wireless auditing solution.
Any successful wireless audit begins with good situational awareness. To that end, the PineAP Recon feature provides the penetration tester with a contextual view of the WiFi landscape. Unlike traditional “war driving”, whereby the auditor passively listens for beacons being advertised by Access Points to paint a picture of the surrounding WiFi landscape, the WiFi Pineapple’s Recon Mode goes one giant step further.
Central to the PineAP suite is the self named engine. It combines multiple components to deliver customized attacks. This flexibility gives the penetration tester can gather a wide range of intelligence gathering options. From stealth monitoring to passively honeypots to active and targeted attacks, the PineAP engine is as versatile as it is powerful.
Keeping tabs on the WiFi landscape is made simple with a reporting component, enabling the penetration tester to locally capture, or receive by email, automated reports at set intervals. This is especially useful for unmanned, remotely deployed WiFi Pineapple nodes. Additionally the comprehensive logging engine enables advanced analytics.
Keeping tabs on client devices of interest is also within the realms of PineAP through Tracking. The advanced engine powering the PineAP Recon module enables the penetration tester to execute customized functions whenever devices of interest are seen in the vicinity.
Finally, complementing the PineAP suite is a multitude of community developed modules. Available as free over the air downloads, these modules provide enhancements and additional features to the WiFi Pineapple.
In conclusion, using PineAP on the WiFi Pineapple, the penetration tester is able to immediately identify, audit and analyze vulnerabilities within the wireless landscape.
By monitoring WiFi channels for all data activity, PineAP’s Recon paints a complete picture by showing both Access Points and their respective clients in a parent-child table view. What’s more, the elements of the WiFi landscape, such as SSID and Hardware address, support contextual hooks to PineAP functions and WiFi Pineapple modules. By tapping a client or access point, the penetration tester has full control of the situation. If PineAP is the ammunition, Recon is the battlefield.
Respecting the scope of engagement is critical to a successful wireless audit. Limiting the penetration test to specified clients ensures zero collateral damage. PineAP on the WiFi Pineapple supports advanced filtering and targeting capabilities. With allow and deny lists for both SSID and client Hardware address, the PineAP suite prevents unwanted devices from accessing the honeypot network.
Filter by single client of interest or entire organizations – all from the Recon view. In addition to filtering, PineAP is especially effective at snaring individual clients. The entire PineAP attack can be targeted towards a specific device, concealing the attack to bystanders.