Built a minimal Bash rogue AP for lab traffic capture

fake_ap.sh stands up an open Wi-Fi AP on Linux for authorized lab work: hostapd (nl80211 AP mode), dnsmasq (DHCP + DNS forward), iptables MASQUERADE through an uplink, and a live feed of associating clients on stdout.

I got tired of reaching for full Evil Twin frameworks when I only needed association + passive visibility. Five variables at the top (SSID, channel, uplink iface, AP iface, gateway), sudo ./fake_ap.sh, Ctrl+C tears it all down.

README has Wireshark filters for DHCP fingerprinting, SNI extraction, mDNS device ID, and per-client isolation.

https://github.com/RiccardoCataldi/access-point

u/GGAllin43 — 1 day ago

One bash script: open fake AP + DHCP/DNS + NAT for lab traffic sniffing

For authorized Wi‑Fi security labs I wanted a minimal setup to stand up an **open rogue AP** and capture what connected devices leak (DNS queries, DHCP hostnames, plain HTTP, TLS SNI, etc.) without dragging in full Evil Twin frameworks.

This repo is a single bash script that:

- creates the AP interface and starts **hostapd** (open SSID, nl80211)

- runs **dnsmasq** (DHCP + DNS forwarding, query logging)

- enables **NAT** to an uplink so clients get real connectivity while you sniff on the AP iface

- prints **connected clients** live (MAC / lease info)

- **cleans up** on Ctrl+C (hostapd, dnsmasq, iptables, interface)

Requirements: Linux, root, WiFi card with AP mode (`iw phy`), hostapd + dnsmasq + iptables.

**Legal:** only on networks and devices you own or have written permission to test.

Repo (MIT): https://github.com/RiccardoCataldi/access-point

If you use a different workflow (airbase-ng, bettercap, etc.) I’m curious what you prefer for lab APs.

u/GGAllin43 — 6 days ago
▲ 8 r/packettracer+3 crossposts


dotty – a TUI that gives you a unified view of all your dotfiles in one command

github.com/RiccardoCataldi/dotty

My home directory has 140+ hidden files and folders. AWS credentials here, SSH config there, Cursor rules somewhere else. Every time I needed to tweak something I had to remember where it lived, cd there, grep around, open it.

So I built dotty: run it from anywhere, get an instant expandable tree of every dotfile and dot-directory in ~, with live preview on the right and fuzzy search (/) to jump to any config in seconds. Press e to open in $EDITOR.

Built with Go + Bubble Tea + Lipgloss. Single static binary, zero config, works over SSH and inside tmux.

Would love feedback from the TUI community.

u/GGAllin43 — 7 days ago
▲ 25 r/tui+1 crossposts
