Fast and automated WiFi WPS PIN cracking tool with advanced attack features.
β οΈ Note: WIPWN is optimized for Termux From F-Dorid on Android. For best results and compatibility, use Termux. Kali/Debian support is legacy.
- Python 3.8+
- aircrack-ng suite
- wpa_supplicant
- pixiewps
- Termux
pkg update && pkg upgrade -y
pkg install root-repo -y
pkg install git python wpa-supplicant pixiewps iw openssl -y
pkg install tsu -y || pkg install sudo -y
git clone https://github.com/anbuinfosec/wipwn
cd wipwn
chmod +x main.py# Remove wipwn
rm -rf /path/to/wipwn# Remove sessions/data (optional)
rm -rf ~/.Wipwn/sudo python3 main.py -i wlan0sudo python3 main.py -i wlan0 -b AA:BB:CC:DD:EE:FF -Ksudo python3 main.py -i wlan0 -b AA:BB:CC:DD:EE:FF -Bsudo python3 main.py -i wlan0 -b AA:BB:CC:DD:EE:FF --dictionary-attack --wordlist /path/to/wordlist.txtsudo python3 main.py -i wlan0 -K -wsudo python3 main.py -i wlan0 -K --auto-vuln-listsudo python3 main.py -i wlan0 --resume-session mysessionsudo python3 main.py -i wlan0 -b AA:BB:CC:DD:EE:FF -K-i wlan0: WiFi interface-b AA:BB:CC:DD:EE:FF: Target BSSID-K: Pixie Dust attack
sudo python3 main.py -i wlan0 --online-bruteforce --bruteforce-threads 8 --pin-limit 5000sudo python3 main.py -i wlan0 --detect-weak-algosudo python3 main.py -i wlan0 --advanced-recon --signal-analysissudo python3 main.py -i wlan0 -b AA:BB:CC:DD:EE:FF -K --detect-rate-limit --bypass-rate-limitsudo python3 main.py -i wlan0 \
-K \
--advanced-recon \
--detect-weak-algo \
--spoof-mac \
--html-report \
--auto-vuln-list# Create session
sudo python3 main.py -i wlan0 -b AA:BB:CC:DD:EE:FF -K -s session1
# Resume session
sudo python3 main.py -i wlan0 --resume-session session1
# List sessions
sudo python3 main.py --list-sessionssudo python3 main.py -i wlan0 --html-report --detailed-report --report-dir ./reportssudo python3 main.py -i wlan0 -b AA:BB:CC:DD:EE:FF -p 12345678sudo python3 main.py -i wlan0 --pbc-K, --pixie-dust Pixie Dust attack
-B, --bruteforce Online bruteforce
-F, --pixie-force Pixiewps force mode
--pbc Push button connect
--pin PIN Use specific PIN
--dictionary-attack Dictionary password attack-i, --interface Interface (required)
-b, --bssid Target BSSID
--session ID Save/restore session
--channel-hop Enable channel hopping
--spoof-mac Spoof MAC address--detect-rate-limit Check for rate limiting
--bypass-rate-limit Attempt bypass
--detect-weak-algo Find weak algorithms
--advanced-recon Network fingerprinting-w, --write Save credentials
--auto-vuln-list Add to vulnerability list
--html-report Generate HTML report
--json-output FILE Save results as JSON
--csv-output FILE Save results as CSV-t, --timeout SEC Receive timeout
-d, --delay SEC Delay between attempts
-l, --lock-delay SEC Wait after lock
--bruteforce-threads N Number of threads~/.Wipwn/
βββ sessions/ # Saved sessions & cracked networks
βββ wordlists/ # Dictionary files
βββ reports/ # Generated reports
vulnwsc.txt # Vulnerability list
[+]= Success[i]= Information[!]= Warning[-]= Error[?]= Question
Networks are marked with color indicators during scanning:
- π’ Green - Possibly vulnerable (WPS enabled, no protection detected)
- π΄ Red - WPS locked (AP is actively blocking WPS attempts)
- π‘ Yellow - Already stored (Network credentials cracked and saved in vulnwsc.txt)
- βͺ White - Maybe vulnerable (WPS unclear, needs further analysis)
iwconfig
sudo airmon-ngsudo python3 main.py -i wlan0sudo python3 main.py -i wlan0 -b BSSID -K -t 20sudo python3 main.py -i wlan0 -b BSSID -K --bypass-rate-limit# Scan only
sudo python3 main.py -i wlan0
# Quick attack (Pixie Dust + Save)
sudo python3 main.py -i wlan0 -b BSSID -K -w
# Full test with reports
sudo python3 main.py -i wlan0 --advanced-recon --html-report -w
# Bruteforce
sudo python3 main.py -i wlan0 -b BSSID -B --bruteforce-threads 8
# Dictionary attack
sudo python3 main.py -i wlan0 -b BSSID --dictionary-attack --wordlist wordlist.txtThis tool is for authorized security testing ONLY.
- Only test networks you own or have permission to test
- Unauthorized access is illegal
- User assumes all responsibility
OneShot v0.0.2 | Modified by @anbuinfosec