Credits & Acknowledgments

The security community's open research makes WiFi security education possible.

MalwareZero.org is built on the shoulders of giants — the security researchers, open source developers, and community contributors who have dedicated their work to making wireless security knowledge freely accessible. This page acknowledges the projects and people that make this resource possible.

Open Source Security Tools

The following open source projects are referenced throughout MalwareZero.org. Each represents years of dedicated research and development by the security community. We are grateful for their commitment to open security research.

  • Aircrack-ng — The de facto standard for WiFi security assessment. A complete toolkit for WiFi network security testing, including packet capture, injection, and WEP/WPA cracking. Originally developed by Christophe Devine and now maintained by a dedicated team of volunteers.
  • Wireshark — The world's foremost network protocol analyzer. Essential for understanding packet-level WiFi communication and diagnosing network security issues. Developed by Gerald Combs and thousands of contributors worldwide.
  • hostapd-wpe — Wireless Pwnage Edition of hostapd. Enables IEEE 802.11 access point functionality with support for enterprise authentication attacks. A critical tool for understanding WPA enterprise security.
  • FreeRADIUS-WPE — Wireless Pwnage Edition of FreeRADIUS. Used in conjunction with hostapd-wpe to demonstrate WPA enterprise vulnerabilities. Essential for understanding PEAP and TTLS attack vectors.
  • Bettercap — The Swiss Army knife for network attacks and monitoring. A modular, portable, and easily extensible MITM framework that has largely replaced Ettercap for modern security research.
  • Kali Linux — Offensive Security's Debian-based Linux distribution designed for digital forensics and penetration testing. Provides a pre-integrated environment with hundreds of security tools, including all the tools referenced on this site. Maintained by Offensive Security.
  • Metasploit Framework — The world's most widely used penetration testing framework. Developed by Rapid7, it provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Originally developed by H.D. Moore.
  • Mimikatz — A post-exploitation tool developed by Benjamin Delpy (@gentilkiwi) that focuses on Windows credential harvesting and pass-the-hash attacks. Widely used in red team operations and WiFi attack aftermath analysis.
  • Shodan — The search engine for internet-connected devices. Security researchers use Shodan to identify vulnerable network equipment, misconfigured access points, and exposed enterprise WiFi infrastructure worldwide. Created by John Matherly.
  • Certia — A wireless reconnaissance framework that automates WiFi site surveys and security assessments. Useful for identifying rogue access points and mapping WiFi coverage in enterprise environments.
  • Wifiphisher — A security tool that performs WiFi phishing attacks using custom web pages. Designed for red team engagements and security awareness training to demonstrate the risks of unverified WiFi networks.
  • RouterSploit — An exploitation framework for embedded devices. Includes modules for exploiting default credentials, command injection, and other vulnerabilities common in wireless routers and access points.
  • Hashcat — The world's fastest and most advanced password recovery utility. Supports GPU-accelerated cracking of WPA/WPA2 handshake captures and is an essential tool for WiFi penetration testing.
  • Fluxion — A WiFi security auditing tool that automates Evil Twin attacks using WPA handshake verification. Primarily used in controlled security training environments to demonstrate wireless attack vectors.
  • Reaver — A tool for performing brute force attacks against WiFi Protected Setup (WPS) registrar PINs. Demonstrates the severe security weaknesses in the WPS protocol specification.

Hardware & Firmware Security Research

Several hardware platforms are central to WiFi security research. We acknowledge the vendors and researchers who have pushed the boundaries of what's possible in wireless security testing.

  • WiFi Pineapple (Hak5) — A wireless network auditing tool designed for IT professionals and security researchers. The Pineapple has become synonymous with WiFi security testing and red team operations. While it can be used maliciously, in responsible hands it is an invaluable educational and professional tool.
  • TP-Link — Many consumer routers have been researched extensively for firmware vulnerabilities that affect enterprise and home networks alike. Security researchers have responsibly disclosed numerous vulnerabilities that have improved firmware security across the industry.
  • Raspberry Pi — The affordable single-board computer has democratized hardware-based security research. Security researchers worldwide use Raspberry Pi devices as low-cost attack platforms for WiFi penetration testing and red team engagements.
  • ESP32 / ESP8266 — Low-cost WiFi microcontrollers that have been used extensively in security research for creating rogue access points, deauthentication attacks, and WiFi reconnaissance. Their low cost and accessibility have lowered the barrier to entry for wireless security learning.

Security Researchers & Publications

The following researchers and publications have contributed foundational knowledge to the field of wireless security and have informed the content on MalwareZero.org:

  • Martin Beck and Erik Tews — Pioneers in practical WPA-TKIP attacks. Their 2008 paper "Practical Attacks Against WEP and WPA" demonstrated that WPA-TKIP could be broken in practical timeframes, fundamentally changing understanding of TKIP security.
  • Andrea "biorete" Barisani and Daniele Bianco — Creators of tcpkill and contributors to the early tools that made man-in-the-middle attacks against wireless networks practical and demonstrable.
  • Brian "strategis" Carter — Author of numerous articles on WiFi security and the practical application of attack tools in enterprise security assessments.
  • Wigle.net — A crowdsourced database of wireless networks worldwide, maintained by security researchers and wardrivers. An invaluable resource for understanding global WiFi security trends and identifying patterns in wireless network deployment.
  • Wireless DEF CON — The annual WiFi security track at DEF CON brings together the brightest minds in wireless security. Presentations at DEF CON have repeatedly demonstrated new attack vectors and defensive techniques that have shaped the field.

Icons & Visual Assets

The visual language of MalwareZero.org uses carefully chosen iconography. We acknowledge the following resources:

  • Lucide Icons — A collection of clean, consistent open source icons used throughout the MalwareZero.org interface. Licensed under the ISC License. https://lucide.dev/
  • Heroicons — A set of free SVG icons created by the Tailwind CSS team. Used in some sections of the site interface. https://heroicons.com/
  • Google Fonts — Inter and JetBrains Mono are used throughout MalwareZero.org for body text and code blocks respectively. Licensed under the SIL Open Font License. https://fonts.google.com/

Website & Infrastructure

  • Pagefind — The static site search library used to power the search functionality on MalwareZero.org. Zero JavaScript, privacy-respecting, and designed for documentation sites. https://pagefind.app/
  • GitHub — Hosting and version control for the MalwareZero.org project, enabling collaboration and open contribution from the security community. https://github.com/

Contributing to MalwareZero.org

MalwareZero.org is an ongoing project. We welcome contributions from the security community — especially corrections to technical content, additional attack technique documentation, and defensive strategy updates. If you've identified a gap in our coverage or a factual error, we want to hear from you.

To contribute, please visit our GitHub repository or reach out via our contact page. All contributors will be acknowledged here with their permission.

When contributing technical content, please note:

  • All attack techniques must include corresponding defensive countermeasures
  • Content must be technically accurate and cite primary sources where possible
  • The educational purpose of the site must be clearly stated
  • No step-by-step instructions that could be directly used for unauthorized access

Responsible Disclosure

If you discover a security vulnerability in the MalwareZero.org website or infrastructure, we follow a coordinated responsible disclosure process. Please report vulnerabilities to security@malwarezero.org with PGP encryption when possible. We commit to:

  • Acknowledging reports within 48 hours
  • Providing a timeline for remediation
  • Crediting researchers who report valid vulnerabilities (with permission)
  • Not taking legal action against researchers following responsible disclosure guidelines

Contact

For questions about content licensing, contribution opportunities, or partnership inquiries, please reach out via our contact page.