Attacks & Threats
Evil Twin Attack
Also known as: Rogue Wi-Fi, Fake hotspot
Definition
A Wi-Fi attack in which an adversary stands up a rogue access point that mimics a legitimate SSID, so victims connect to it and expose traffic or credentials.
Examples
- An attacker in a coffee shop broadcasting "AirportFreeWiFi" to capture roaming devices and intercept their HTTP traffic.
- A targeted enterprise attack using an SSID that matches the corporate Wi-Fi to phish 802.1X credentials.
Related terms
Rogue Access Point
An unauthorised wireless access point connected to a network, either installed maliciously by an attacker or naively by an employee, that bypasses network security controls.
Wi-Fi Pineapple
A commercial wireless auditing platform from Hak5 that automates rogue access point, evil-twin, and man-in-the-middle attacks, widely used in red-team engagements.
Man-in-the-Middle Attack
An attack in which an adversary secretly relays or alters communications between two parties who believe they are talking directly to each other.
SSL Stripping
A man-in-the-middle attack that silently downgrades a victim's HTTPS connection to plain HTTP so the attacker can read and modify the traffic.
WPA3
WPA3 — definition coming soon.
MAC Spoofing
Changing a network interface's hardware MAC address to impersonate another device, bypass MAC-based access controls, or evade tracking.