If you have a Mac that’s currently connected to the Wi-Fi network or previously connected to it, you can also look up the password on that Mac. To find the Wi-Fi password on your Mac, press Command+Space to open the Spotlight search dialog, type “Keychain Access” without the quotes, and press Enter to launch the Keychain Access app. Also on the Mac: Wi-Fi Crack. To use those, or Aircrack-ng on the Mac, you need to install them using MacPorts, a tool for installing command-line products on the Mac.
Learn about exploiting wireless networks, including protocols, Wi-Fi authentication and weak points. This skills course also covers
⇒ Tools and techniques used to break into passwords ⇒ Attacking wireless networks ⇒ And more
Start your free trial
Last year, I wrote an article covering popular wireless hacking tools to crack or recover password of wireless network. We added 13 tools in that article which were popular and work great. Now I am updating that post to add few more in that list.
I will not explain about wireless security and WPA/WEP. You can read the existing article on wireless hacking tools to learn about them. In this post, I am updating the existing list to add few more powerful tools. I am adding seven new tools in the existing list to give you a single list of the most used wireless cracking tools.
1. Aircrack
Aircrack is the most popular and widely-known wireless password cracking tool. It is used as 802.11 WEP and WPA-PSK keys cracking tool around the globe. It first captures packets of the network and then try to recover password of the network by analyzing packets. It also implements standard FMS attacks with some optimizations to recover or crack password of the network. optimizations include KoreK attacks and PTW attack to make the attack much faster than other WEP password cracking tools. This tool is powerful and used most widely across the world. This is the reason I am adding it at the top of the list.
It offers console interface. If you find this tool hard to use, you can try the available online tutorials. Company behind this tool also offers online tutorial to let you learn by yourself.
Download: http://www.aircrack-ng.org/
2. AirSnort
AirSnort is another popular wireless LAN password cracking tool. It can crack WEP keys of Wi-Fi802.11b network. This tool basically operates by passively monitoring transmissions and then computing the encryption key when enough packets have been gathered. This tool is freely available for Linux and Windows platform. It is also simple to use. The tool has not been updated for around three years, but it seems that company behind this tool is now interested in further development. This tool is also directly involved in WEP cracking and hence used widely.
Kismet is another Wi-Fi 802.11 a/b/g/n layer 2 wireless network sniffer and intrusion detection system. This tool is basically used in Wi-Fi troubleshooting. It works fine with any Wi-Fi card supporting rfmon mode. It is available for Windows, Linux, OS X and BSD platforms. This tool passively collects packets to identify standard network and also detects the hidden networks. Built on a client server modular architecture, this tool can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic. It is an open source tool and supports recent faster wireless standards.
Cain & Able is another popular tool used for cracking wireless network passwords. This tool was developed to intercept the network traffic and then use the brute forcing to discover the passwords. This is why this tool helps a lot while finding the password of wireless network by analyzing the routing protocols. This tool can also be used to crack other kind of passwords. It is one of the most popular password cracking tools.
This tool is not just for WEP cracking but various other features are also there. It is basically used for Windows password cracking. This is the reason this tool is so popular among users.
WireShark is a very popular tool in networking. It is the network protocol analyzer tool which lets you check different things in your office or home network. You can live capture packets and analyze packets to find various things related to network by checking the data at the micro-level. This tool is available for Windows, Linux, OS X, Solaris, FreeBSD and other platforms.
If you are thinking to try this tool, I recommend you to first read about networking and protocols. WireShark requires good knowledge of network protocols to analyze the data obtained with the tool. If you do not have good knowledge of that, you may not find this tool interesting. So, try only if you are sure about your protocol knowledge.
Wireshark does is one of the most popular tool in networking and this is why it was included in this list in higher position.
Download Wireshark: https://www.wireshark.org/
6. Fern WiFi Wireless Cracker
Fern WiFi Wireless Cracker is another nice tool which helps with network security. It lets you see real-time network traffic and identify hosts. Basically this tool was developed to find flaws in computer networks and fixes the detected flaws. It is available for Apple, Windows and Linux platforms.
it is able to crack and recover WEP/WPA/WPS keys easily. It can also run other network based attacks on wireless or Ethernet based networks. For cracking WPA/WPA2, it uses WPS based on dictionary based attacks. For WEP cracking, it uses Fragmentation, Chop-Chop, Caffe-Latte, Hirte, ARP Request Replay or WPS attack.
This tool is in active development. SO, you can expect timely update with new features. Pro version of the tool is also available which offers much features.
CoWPAtty is another nice wireless password cracking tool. It is an automated dictionary attack tool for WPA-PSK to crack the passwords. It runs on Linux OS and offers a less interesting command line interface to work with. It runs on a word-list containing thousands of password to use in the attack. If the password is in the password’s word-list, this tool will surely crack the password. But this tool is slow and speed depends on the word list and password’s strength. Another reason for slow process is that the hash uses SHA1 with a seed of SSID. It means the same password will have a different SSIM. So, you cannot simply use the rainbow table against all access points. So, the tool uses the password dictionary and generates the hash for each word contained in the dictionary by using the SSID. This tool is simple to use with available commands.
With the newer version of the tool CoWPAtty tried to improve the speed by using a pre-computed hash file to avoid the computation at the time of cracking. This pre-computed file contains around 172000 dictionary file for around 1000 most popular SSIDs. But for successful attack, your SSID must be in that list. If your SSID is not in those 1000, you are unlucky. Still, you can try this tool to see how it works.
Airjack is a Wi-Fi 802.11 packet injection tool. It is used to perform DOS attack and MIM attack. This wireless cracking tool is very useful in injecting forged packets and making a network down by denial of service attack. This tool can also be used for a man in the middle attack in the network. This tool is popular and powerful both.
WepAttack is another working open source Linux tool for breaking 802.11 WEP keys. Like few other tools in the list, this tool also performs an active dictionary attack. It tests millions of words from its dictionary to find the working key for the network. Only a working WLAN card is required to work with WepAttack to perform the attack. Limited usability but works awesome on supported WLAN cards.
NetStumbler is another wireless password cracking tool available only for Windows platform. It helps in finding open wireless access points. This tool is freely available. Basically NetStumbler is used for wardriving, verifying network configurations, finding locations with a poor network, detecting unauthorized access points, and more.
This tool is not very effective now. Main reason is that last stable release of the tool was back in April 2004 around 11 years ago. So, it does not work with 64-bit Windows OS. It can also be easily detected with most of the wireless intrusion detection systems available. So, you can use this tool for learning purpose on home network to see how it works.
A trimmed down version dubbed as ‘MiniStumbler’ of the tool is also available. This tool is too old but it still works fine on supported systems. So, I included it in this list.
Download NetStumbler: http://www.stumbler.net/
Learn how to attack wireless networks
Learn about exploiting wireless networks, including protocols, Wi-Fi authentication and weak points. This skills course also covers
⇒ Tools and techniques used to break into passwords ⇒ Attacking wireless networks ⇒ And more
Start your free trial
11. inSSIDer
inSSIDer is one of the most popular Wi-Fi scanner for Microsoft Windows and OS X platforms. This tool was released under open source license and also awarded as “Best Open Source Software in Networking”. Later it became premium tool and now costs $19.99. The inSSIDer Wi-Fi scanner can do various tasks, including finding open Wi-Fi access points, tracking signal strength, and saving logs with GPS records. Basically this tool is used by network administrators to find the issues in the wireless networks
Download inSSIDer: http://www.inssider.com/
12. Wifiphisher
Wifiphisher is another nice hacking tool to get password of a wireless network. This tool can execute fast automated phishing attack against a Wi-Fi wireless network to steal passwords. This tool comes pre-installed on Kali Linux. It is free to use and is available for Windows, MAC and Linux.
Download and read more about WiFiphisher: https://github.com/sophron/wifiphisher
13. KisMac
KisMac is tool very much similar to Kismet, we added in the list above. It offers features similar to Kismet and is used as wireless network discovery hacking tool. As the name suggests, this tool is only available for Mac. It scans for networks passively only on supported wireless cards and then try to crack WEP and WPA keys by using brute force or exploiting any flaw.
Download KisMac: http://kismac-ng.org/
14. Reaver
Reaver is an open-source tool for performing brute force attack against WPS to recover WPA/WPA2 pass keys. This tool is hosted on Google Code and may disappear soon if developer has not migrated it to another platform. It was last updated around 4 years ago. Similar to other tools, this tool can be a good alternate to other tools in the list which use same attack method.
Wifite is also a nice tool which supports cracking WPS encrypted networks via reaver. It works on Linux based operating systems. It offers various nice features related to password cracking.
Download Wifite: https://github.com/derv82/wifite
We have a complete article on Wifite. Read wifite walkthrough.
16. WepDecrypt
WepDecrypt is another wireless LAN tool written in C language. This tool can guess the WEP keys by performing dictionary attack, distributed network attack, key generator and some other methods. This tool needs few libraries to work. You can read more details on the download page. Tool is not so popular but it is good for beginners to see how dictionary attack works.
Download and read more about WepDecrypt: http://wepdecrypt.sourceforge.net/wepdecrypt-manual.html
17. OmniPeek
OmniPeek is a packet sniffer and network packets analyzer tool. This tool is only available for Windows platform and is available for commercial use only. It also requires you to have good knowledge of network protocols and understanding of network packets. It works with most of the network interface cards available in market. With available plugins, this tool can become more powerful. Around 40 plugins are already available to extend the functions of this tool.
CloudCracker is an online password cracking tool to crack WPA keys of Wireless network. This tool can also be used to crack various other kind of password hashes. You only need to upload the handshake file and enter the network name to start the attack. With 3000 million words long dictionary, this tool is most likely to crack the password. This tool is also used for MD5, SHA and few other cracking. It is also an effective tool and worth to mention if we talk about wireless cracking tools.
See CloudCracker: https://crack.sh/
19. CommonView for Wi-Fi
CommonView for Wi-Fi is also a popular wireless network monitor and packer analyzer tool. It comes with easy to understand and use GUI to work with. This tool is basically for Wi-Fi network admins and security professionals who want to monitor and troubleshoot network related problems. It works fine with Wi-Fi 802.11 a/b/g/n/ac networks. It captures every single packet and lets you see useful information of the network. You can also get useful information like protocol distribution, access points, signal strength and more. This tool offers key information about a network and has a good value for network admins.
Pyrit is also a very good tool which lets you perform attack on IEEE 802.11 WPA/WPA2-PSK authentication. This tool is available for free and is hosted on Google Code. SO, it could be disappearing in coming months. It works on range of platforms including FreeBSD, MacOS X and Linux.
It performs brute-force attack to crack the WPA/WPA-2 passwords. It is very effective and I recommend you to try it once. Due to its effectiveness, it was necessary to mention this tool in this list.
Download Pyrit: https://code.google.com/p/pyrit/
Ethical Hacking Training
Learn how to attack wireless networks
Learn about exploiting wireless networks, including protocols, Wi-Fi authentication and weak points. This skills course also covers
⇒ Tools and techniques used to break into passwords ⇒ Attacking wireless networks ⇒ And more
Start your free trial
Final words
In this post, I added twenty working wireless cracking tools available for free or in open source licenses. You can try these tools to get access to a wireless network without knowing its password. Most of the tools are capable of cracking wireless network passwords but password cracking time may vary depending on the password’s complexity and length. Few tools cannot be directly used in cracking wireless passwords but packet analysis helps in guessing password.
I also recommend the use of these tools just for learning purpose. We do not encourage illegal activities and do not support these kind of people. Hacking wireless network to get unauthorized access is a cyber-crime. So, do not put yourself into a risk.
If you are into network security profession, you must know about these tools.
I tried my best to provide most of the available popular wireless hacking tools. If you have any suggestion, you can comment below to suggest us.
Your intensions when cracking a Wi-Fi password are no doubt noble—we trust you—so here's how to do it.
We review products independently, but we may earn affiliate commissions from buying links on this page. Terms of use.
Chances are you have a Wi-Fi network at home, or live close to one (or more) that tantalizingly pops up in a list whenever you boot up the laptop.
The problem is, if there's a lock next to the network name (AKA the SSID, or service set identifier), that indicates security is activated. Without the password or passphrase, you're not going to get access to that network, or the sweet, sweet internet that goes with it.
Perhaps you forgot the password on your own network, or don't have neighbors willing to share the Wi-Fi goodness. You could just go to a café, buy a latte, and use the 'free' Wi-Fi there. Download an app for your phone like WiFi-Map (available for iOS and Android), and you'll have a list of over 2 million hotspots with free Wi-Fi for the taking (including some passwords for locked Wi-Fi connections, if they're shared by any of the app's 7 million users).
SEE ALSO: Controversial Startup to Continue Supplying Police With Facial-Recognition Tech
However, there are other ways to get back on the wireless. Some require such extreme patience and waiting that the café idea is going to look pretty good. Read on if you can't wait.
Read next: The Best VPN Services of 2018
Windows Commands to Get the Key
This trick works to recover a Wi-Fi network password (aka network security key) only if you've previously attached to the Wi-Fi in question using that very password. In other words, it only works if you've forgotten a previously used password.
It works because Windows 8 and 10 create a profile of every Wi-Fi network to which you attach. If you tell Windows to forget the network, then it also forgets the password, so this won't work. But most people never explicitly do that.
It requires that you go into a Windows Command Prompt with administrative privileges. To do so, use Cortana to search for 'cmd' and the menu will show Command Prompt; right-click that entry and select 'Run as administrator.' That'll open the black box full of white text with the prompt inside—it's the line with a > at the end, probably something like C:WINDOWSsystem32>. A blinking cursor will indicate where you type. Start with this:
netsh wlan show profile
The results will bring up a section called User Profiles—those are all the Wi-Fi networks (aka WLANs, or wireless local area networks) you've accessed and saved. Pick the one you want to get the password for, highlight it, and copy it. At the prompt below, type the following, but replace the Xs with the network name you copied; you only need the quotation marks if the network name has spaces in it.
netsh wlan show profile name='XXXXXXXX' key=clear
In the new data that comes up, look under Security Settings for the line 'Key Content.' The word displayed is the Wi-Fi password/key you are missing.
On macOS, open up the Spotlight search (Cmd+Space) and type terminal to get the Mac equivalent of a command prompt. Type the following, replacing the Xs with the network name.
security find-generic-password -wa XXXXX
Reset the Router
How To Crack Wep Wifi
Before you do a full router reset just to get on the wireless, try to log into the router first. From there, you can easily reset your Wi-Fi password/key if you've forgotten it.
That's not possible if you don't know the password for the router, either. (They're not the same thing unless you set it up that way). Resetting the router only works if you have access. That access could be over Wi-Fi (which we've just established you don't have) or physically utilizing an Ethernet cable.
Or that access can simply be that you are in the same room as the router. Almost every router in existence has a recessed reset button. Push it with a pen or unfolded paperclip, hold it for about 10 seconds, and the router will reset to the factory settings.
If you've got a router that came from your internet service provider (ISP), check the stickers on the unit before a reset—the ISP might have printed the router and Wi-Fi key right on the hardware.
Once a router is reset, you need another password (plus a username) to access the router itself. Again, you can do this via a PC attached to the router via Ethernet—you'll need that since the reset probably killed any potential Wi-Fi connection you had going in. The actual access is typically done with a web browser.
The URL to type is either 192.168.1.1 or 192.168.0.1, or some variation. Try them randomly; that generally works. To figure out which one, on the PC connected to the router, open a command prompt and type 'ipconfig' without the quotes. Look among the gobbledygook for an 'IPv4 Address,' which will start with 192.168. The other two spaces, called octets, are going to be different numbers between 0 and 255. Note the third octet (probably a 1 or 0). The fourth is specific to the PC you're using to log into the router.
In the browser, type 192.168.x.1, replacing the X with the number you found in the ipconfig search. The 1 in the last octet should point at the router—it's the number one device on the network.
At this point, the router should then ask for a username and password. You can check your manual, but you probably lost it or threw it away. So instead, go to RouterPasswords.com, which exists for one reason: to tell people the default username/password on every router ever created.
You'll need the router's model number, but that's easy enough to find on the back or bottom. You'll quickly see a pattern among router makers of having the username of admin and a password of password. Since most people are lazy and don't change an assigned password, you could try those options before hitting the reset button. (But c'mon, you're better than that—change the password when you access the router's settings via your web browser.)
READ NEXT: How to Change Your Router Settings
Once you've accessed the router interface, go to the Wi-Fi settings, turn on the wireless networks, and assign strong but easy-to-recall passwords. After all, you don't want to share with neighbors without your permission.
Make that Wi-Fi password easy to type on a mobile device, too. Nothing is more frustrating than trying to get a smartphone on Wi-Fi with some cryptic, impossible to key-in-via-thumbs nonsense, even if it is the most secure.
Crack the Code
You didn't come here because the headline said 'reset the router,' though. You want to know how to crack the password on a Wi-Fi network.
How To Crack Wifi Password Using Cmd
Searching on 'wi-fi password hack,' or other variations, nets you a lot of links—mostly for software on sites where the adware and bots and scams are pouring like snake oil. Download them at your own risk, for Windows PCs especially. It's best to have a PC that you can afford to get effed up a bit if you go that route. I had multiple attempts with tools I found just get outright deleted by my antivirus before I could even try to run the EXE installation file.
You could create a system just for this kind of thing, maybe dual-boot into a separate operating system that can do what's called 'penetration testing'—a form of offensive approach security, where you examine a network for any and all possible paths of a breach. Kali Linux is a Linux distribution built for just that purpose. You can run Kali Linux off a CD or USB key without even installing it to your PC's hard drive. It's free and comes with all the tools you'd need to crack a network. It even now comes as an app for Windows 10 in the Windows App Store! If you're only after a Wi-Fi network, the Wifislax distro is a Live CD targets them directly.
If you don't want to install a whole OS, then try the tried-and-true tools of Wi-Fi hackers.
Aircrack has been around for years, going back to when Wi-Fi security was only based on WEP (Wired Equivalent Privacy). WEP was weak even back in the day and was supplanted in 2004 by WPA (Wi-Fi Protected Access).
Aircrack-ng—labeled as a 'set of tools for auditing wireless networks,' so it should be part of any network admin's toolkit—will take on cracking WEP and WPA-PSK keys. It comes with full documentation, but it's not simple. To crack a network you need to have the right kind of Wi-Fi adapter in your computer, one that supports packet injection. You need to be comfortable with the command line and have a lot of patience. Your Wi-Fi adapter and Aircrack have to gather a lot of data to get anywhere close to decrypting the passkey on the network you're targeting. It could take a while. Here's a how-to on doing it using Aircrack installed on Kali Linux. Another option on the PC using the command line is Airgeddon.
If you prefer a graphical user interface (GUI), there is KisMAC for macOS. It's mainly known as a 'sniffer' for seeking out Wi-Fi networks. It's the kind of thing we don't need much of these days since our phones and tablets do a pretty good job of showing us every Wi-Fi signal in the air around us. But, it can crack some keys with the right adapter installed. Also on the Mac: Wi-Fi Crack. To use those, or Aircrack-ng on the Mac, you need to install them using MacPorts, a tool for installing command-line products on the Mac.
Wireless Security Auditor
Cracking the much stronger WPA/WPA2 passwords and passphrases is the real trick.
Reaver-wps is the one tool that appears to be up to the task. You'll need that command-line comfort again to work with it. After two to 10 hours of brute force attacks, Reaver should be able to reveal a password... but it's only going to work if the router you're going after has both a strong signal and WPS (Wi-Fi Protected Setup) turned on. WPS is the feature where you can push a button on the router, another button on a Wi-Fi device, and they find each other and link auto-magically, with a fully encrypted connection. It's also the 'hole' through which Reaver crawls.
(Even if you turn off WPS, sometimes it's not completely off, but turning it off is your only recourse if you're worried about hacks on your own router via Reaver. Or, get a router that doesn't support WPS.)
Hacking Wi-Fi over WPS is also possible with some tools on Android, which only work if the Android device has been rooted. Check out Wifi WPS WPA Tester, Reaver for Android, or Kali Linux Nethunter as options.
READ NEXT: The Best UK Broadband Deals
How To Crack Wifi Password Windows 10
Watch: 1 Cool Thing: Nighthawk LTE Mobile Hotspot Router (AT&T)