JESSE KIM

WiFi Pen Testing: ESP32

I recently started experimenting with Wi-Fi penetration testing using a low-cost ESP32 microcontroller. This project gave me hands-on exposure to wireless vulnerabilities, deauthentication attacks, and basic scripting for embedded devices, all within the context of responsible ethical testing.

⚠️ Ethical Testing Notice

All testing was conducted in controlled environments on my own networks and devices. Unauthorized wireless penetration testing is illegal and unethical. This project is for educational purposes and responsible security research only.

Project Goals

  • Simulate basic Wi-Fi attacks (e.g., deauth, beacon spam) in a controlled environment
  • Understand how wireless clients respond to spoofed or interrupted access points
  • Explore embedded development and automation using the ESP32 platform
  • Lay groundwork for more advanced wireless testing with Kali Linux and external adapters

Firmware Selection

ESP32 Marauder by JustCallMeKoko

I used the open-source ESP32 Marauder project, which comes with a prebuilt web interface and a collection of wireless tools out of the box. This firmware provides an accessible entry point for wireless security testing without requiring extensive embedded programming knowledge.

Testing Results & Observations

I tested how different client devices react to wireless interference across several attack vectors:

Deauth Flooding

I simulated a rogue AP by kicking specific devices off a known SSID, watching how and when they reconnected. This revealed different reconnection behaviors across device types and operating systems.
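From the defender's side, a deauth flood like the one described above shows up in a monitor-mode capture as a burst of unprotected deauthentication frames aimed at one client. The detector below is an added example, not part of the original project or of ESP32 Marauder; it assumes bare 802.11 frames with the radiotap header already stripped, and the window, threshold and sample frames are constructed for illustration.

```python
import struct
from collections import defaultdict, deque

DEAUTH, DISASSOC = 12, 10  # 802.11 management-frame subtypes

def parse_mgmt(frame: bytes):
    """Parse a bare 802.11 MAC header (no radiotap); None unless deauth/disassoc."""
    if len(frame) < 26:  # 24-byte header + 2-byte reason code
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype not in (DEAUTH, DISASSOC):
        return None
    mac = lambda b: ":".join(f"{x:02x}" for x in b)
    protected = bool(frame[1] & 0x40)  # Protected Frame bit, set under 802.11w (PMF)
    return {"subtype": subtype, "protected": protected,
            "dst": mac(frame[4:10]), "src": mac(frame[10:16]), "bssid": mac(frame[16:22]),
            # The reason code is only readable in the clear on unprotected frames.
            "reason": None if protected else struct.unpack_from("<H", frame, 24)[0]}

def detect_floods(capture, window=1.0, threshold=10):
    """capture: time-ordered iterable of (timestamp_s, frame_bytes). Returns alerts."""
    recent = defaultdict(deque)  # (bssid, dst) -> timestamps still inside the window
    alerted, alerts = set(), []
    for ts, raw in capture:
        info = parse_mgmt(raw)
        # Assumption: protected frames cannot be forged by an outsider, so skip them.
        if info is None or info["protected"]:
            continue
        key = (info["bssid"], info["dst"])
        q = recent[key]
        q.append(ts)
        while ts - q[0] > window:  # drop timestamps that fell out of the window
            q.popleft()
        if len(q) >= threshold and key not in alerted:
            alerted.add(key)
            alerts.append({"bssid": key[0], "target": key[1], "first_seen": q[0], "count": len(q)})
    return alerts

# Constructed sample frames (locally administered MACs, not from a real capture).
_AP, _STA = "020000000001", "0200000000aa"
DEAUTH_HEX = "c0000000" + _STA + _AP + _AP + "0000" + "0700"
BEACON_HEX = "80000000" + "ffffffffffff" + _AP + _AP + "0000" + "0000"
SAMPLE = ([(i * 0.05, bytes.fromhex(DEAUTH_HEX)) for i in range(20)]
          + [(5.0, bytes.fromhex(BEACON_HEX)), (9.0, bytes.fromhex(DEAUTH_HEX))])

if __name__ == "__main__":
    for alert in detect_floods(SAMPLE):
        print(alert)
```

Only unprotected frames are counted because clients that have negotiated 802.11w Protected Management Frames discard unprotected deauthentication frames.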

Beacon Spam

I flooded the air with dozens of fake SSIDs to test how devices like smartphones and IoT devices handle overloaded networks. Some devices became confused while others filtered effectively.

SSID Sniffing

The ESP32 picked up probe requests from nearby devices, showing what networks they're looking for. Pretty interesting to see how much devices give away just by being turned on.

Key Learnings

Each test helped me better understand how vulnerable devices respond to basic wireless manipulation, and what protections are (or aren't) in place by default:

  • Device Diversity: Different manufacturers implement varying levels of wireless security and reconnection logic
  • IoT Vulnerabilities: Many smart home devices showed poor resistance to basic wireless attacks
  • Mobile OS Differences: iOS and Android handle wireless interruptions with different strategies and timeouts
  • Network Visibility: The amount of information devices broadcast passively is significant
  • Attack Simplicity: Many effective wireless attacks require surprisingly little technical sophistication

Future Directions

This ESP32 project serves as a foundation for more advanced wireless security research:

  • Integration with dedicated wireless testing distributions like Kali Linux
  • Testing with professional-grade wireless adapters for extended range and capabilities
  • Development of custom wireless security assessment tools
  • Research into emerging wireless protocols and their security implications

The ESP32's low cost and accessibility make it an excellent platform for understanding wireless security fundamentals before moving to more sophisticated testing frameworks.