> For the complete documentation index, see [llms.txt](https://repo.4pfsec.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://repo.4pfsec.com/wireless-penetration-testing/wifi-pineapple-tetra/modules.md). # Modules ## Background The WiFi Pineapple was created with modularity in mind. The WiFi Pineapple supports community-developed modules in addition to the system modules supplied with the WiFi Pineapple, such as Recon, Clients, and PineAP. The WiFi Pineapple API is used by several community-developed modules to expand functionality. This API can be used by anybody to build modules for the WiFi Pineapple. ## Modules Let's take a look at some of the community-made modules in this section! ![](/files/-Mga5M_4LQFxBPHy7J9-) {% hint style="warning" %} We'll assume we already got our target to connect to our rogue network beforehand {% endhint %} ### TcpDump ![](/files/-Mga5P_KhQHSnpREN2_S) This module is pretty self-explanatory. It assists us by dumping all network traffic generated by our clients. This module comes in very handy in case when we want to inspect our client's network traffic for some insecure traffic and possibly sniff out some passwords or files that were transferred. #### Demo ![](/files/-Mga5RQcQ-qOjhTSbtcd) * Hit start and we'll be running ![](/files/-Mga5TpIR0H5yruRAyPp) * Once done, hit stop and download the capture for analysis ![](/files/-Mga5Zfic1UisXEM2kHi) ![](/files/-Mga5kWDfyWbAQHx9mKm) #### Analysis We can simply open the capture up with Wireshark and proceed with our analysis. ![](/files/-Mga5rElEdtiaWkGq-h3) ### DWall ![](/files/-Mga5tsyBD9xnkLcRzD6) DWall is similar to TCPdump, but it focuses on web! DWall display's Plaintext **HTTP** URLs, Cookies, POST DATA, and images from browsing clients. This has a similar issue to TCPdump. We will only be able to see insecure traffic! #### Demo ![](/files/-Mga5vfkF6LNgNpvdloe) * Hit start listening to start capturing web traffic from clients ![](/files/-Mga6-SVLTwwx0_uizRf) * As the Clients browse insecure sites, their data would be relayed to us on this page (as shown below) **Client View** ![](/files/-Mga64GjkMQNFnkX7mrb) **Wifi 🍍 View** ![](/files/-Mga67kQq8ancBk4nPDQ) ### DNSMasq Spoof ![](/files/-Mga6CcFtQtC-IAvnXZF) This module forges replies to arbitrary DNS queries using DNSMasq. #### Demo ![](/files/-Mga6GGWZarg4_KQrcSX) * Hit Start to run the spoofer ![](/files/-Mga6NMFYf3xXmp7E-cZ) * Add a custom host entry to redirect hosts ![](/files/-Mga6Pb0hOvCN0gxvbou) I'll be adding a fake entry for `example.com`. `example.com` is an actual site that people can access on the web. The real site looks like the following: ![](/files/-Mga6S4JwNG98-Q9Y4Dv) Now that we have pointed it to a different IP address containing our "evil portal", let's see what happens to the clients connected to our rogue network. #### Live DNS Attack Here we can see one of the rogue network's clients navigating to `example.com` but its totally different from what the actual website is. This shows that an attacker/man-in-the-middle is able to easily reply falsely to your DNS queries and this is highly likely to end up as a phishing attack. {% embed url="" %} ## Conclusion Those were some of the ways the community modules could be used in a lab environment! --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://repo.4pfsec.com/wireless-penetration-testing/wifi-pineapple-tetra/modules.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.