Version 2.0 Official Documentation

PhiSiFi Security Research Framework

⚠️ CRITICAL DISCLAIMER: This tool is intended SOLELY for authorized security research, penetration testing, and education. Unauthorized use against networks you do not own or have explicit written permission to test is illegal and may violate local, national, and international laws.

Overview

PhiSiFi is a Wi-Fi security research framework built for the ESP8266 microcontroller. It provides a browser-based command-and-control (C2) dashboard that allows you to run various 802.11 attack and defense modules — all from a single cheap development board.

Key Features:

Hardware Requirements

Component Details
Board ESP8266-based (NodeMCU, Wemos D1 Mini, etc.)
Flash Minimum 4MB recommended
Power USB or 3.3V regulated supply
Antenna Onboard PCB antenna (external antenna improves range)

Setup & Flashing

Step 1: Install Arduino IDE

Download and install the Arduino IDE (version 1.8.x or 2.x).

Step 2: Add ESP8266 Board Support

  1. Open File → Preferences
  2. In "Additional Board Manager URLs", add:
    http://arduino.esp8266.com/stable/package_esp8266com_index.json
  3. Go to Tools → Board → Board Manager, search for esp8266 and install.

Step 3: Select Board Settings

SettingValue
BoardNodeMCU 1.0 (ESP-12E Module)
Flash Size4MB (FS: 1MB, OTA: ~1MB)
CPU Frequency160 MHz (recommended)
Upload Speed115200

Step 4 & 5: Flash and Verify

Open ESP8266_PhiSiFi.ino, select the COM port, and Upload. Open Serial Monitor (115200 baud). You should see:

============================
 PhiSiFi v2.0 — Booting...
============================
Dashboard: http://192.168.4.1/phisifi
Ready.

Connecting to the Dashboard

Connect your device to the framework's AP:

Open browser and navigate to: http://192.168.4.1/phisifi

Tip: The dashboard URL is always accessible, even when serving a Captive Portal to victims.

Module Guide

Below are detailed instructions for all 9 operational modules.

📡 1. Network Scanner

Purpose: Discover all nearby Wi-Fi access points and their details.

  • How to Use: Click SCAN on the dashboard.
  • What It Shows: SSID, BSSID, Channel, RSSI, and Encryption type.
  • Important: You must scan first before using targeting modules like Deauth or Evil Twin.

📴 2. Deauth Attack

Purpose: Send 802.11 deauthentication frames to disconnect all clients from a target AP.

  • Prerequisites: Run a scan and select a target.
  • How It Works: Sends both deauthentication (0xC0) and disassociation (0xA0) frames to the broadcast address.
[DEAUTH] Attack started
[DEAUTH] Attack stopped

👯 3. Evil Twin (Captive Portal)

Purpose: Create a fake AP cloning a target network to capture Wi-Fi passwords.

  • How It Works: Shuts down admin AP → Creates Open AP with target SSID → Serves "Firmware Update" portal → Validates entered password by connecting to real AP.
  • Dashboard: Captured credentials appear in a red panel on your C2 dashboard.

📻 4. Beacon Flood (SSID Spoofing)

Purpose: Flood nearby devices' Wi-Fi scan lists with fake network names.

Usage: Click START for random SSIDs, or configure custom names in the "Beacon Config" tab and save before starting.

🕵️ 5. Probe Sniffer

Purpose: Passively capture probe requests to see what networks nearby devices are looking for.

Captures: Client MAC address, requested SSID, RSSI, and Timestamp.

🛡️ 6. Deauth Detector (Blue Team)

Purpose: Detect deauthentication and disassociation attacks happening nearby.

Shows: Attacker MAC, Target BSSID, Count of frames, and Last Seen time.

🪃 7. Karma Attack

Purpose: Automatically respond to probe requests by creating a rogue AP that matches the SSID a device is looking for, causing auto-connection.

⚡ 8. Wi-Fi Jammer

Purpose: Send mass deauth frames to ALL known networks across ALL 13 channels.

Warning: Highly aggressive and illegal in most jurisdictions.

📦 9. PCAP Capture

Purpose: Capture raw 802.11 management frames and save them for Wireshark analysis.

Buffer: Limited to 4096 bytes. Download the .pcap file from the PCAP tab before clearing the buffer.

Configuration (config.h)

#define AP_SSID       "PhiSiFi_C2"    // Control AP Name
#define AP_PASS       "phisifi2026"   // Control AP Password
#define AP_CHANNEL    1               // AP Channel
#define SCAN_INTERVAL 20000           // Auto-scan interval (ms)
#define DEAUTH_INTERVAL 500           // Deauth burst interval (ms)
#define PCAP_BUFFER_SIZE 4096         // Buffer limits

Troubleshooting

Architecture & State Machine

The system runs on a clean state machine pattern. Only one module runs at a time to prevent heap fragmentation.

IDLE ──→ SCAN ──→ IDLE
 │
 ├──→ DEAUTH
 ├──→ EVIL TWIN
 ├──→ BEACON FLOOD
 ├──→ PROBE SNIFF
 ├──→ DEAUTH DETECT
 ├──→ KARMA
 ├──→ JAMMER
 └──→ PCAP CAPTURE

API Endpoints

MethodEndpointDescription
GET/api/statusFull system state JSON (mode, stats, logs)
POST/api/modeChange mode: 0 (idle) through 9 (PCAP)
POST/api/selectSelect target network: idx=0 through idx=15
POST/api/beaconSet custom beacon SSIDs
GET/api/pcapDownload captured .pcap file

👨‍💻 About the Developer

Shaikh Ibrahim Mohammed Rashid

Computer Engineering Student | Cybersecurity Enthusiast

Currently pursuing a B.E. in Computer Engineering at Mahatma Gandhi Mission's College of Engineering and Technology. Passionate about Cybersecurity, Python programming, and building impactful, technical projects from scratch.

🌐 Visit My Portfolio