Inspiration
Wi-Fi is one of the most widely used technologies in the world, yet most people never see what happens behind the scenes when a device connects to a wireless network. I wanted to create a practical cybersecurity research platform that makes WPA2 authentication, cryptographic key generation, and wireless security vulnerabilities easier to understand and analyze.
The project was also inspired by the KRACK (Key Reinstallation Attack) vulnerability (CVE-2017-13077), one of the most significant attacks ever discovered against WPA2. My goal was to build a safe, reproducible environment where students, researchers, and cybersecurity enthusiasts can study both secure WPA2 authentication and real-world attack techniques without requiring specialized wireless hardware.
What it does
WPA2Guard is a containerized cybersecurity research platform that demonstrates and analyzes the complete WPA2 4-Way Handshake process.
The platform:
- Simulates a WPA2 Access Point and Client using Docker containers
- Captures all four EAPOL handshake messages
- Analyzes WPA2 authentication traffic using Wireshark-compatible packet captures
- Derives and verifies PMK, PTK, KCK, KEK, and TK cryptographic keys
- Validates Message Integrity Codes (MICs) mathematically using a custom Python analyzer
- Demonstrates the KRACK attack (CVE-2017-13077) using proof-of-concept attack scripts
- Verifies that modern WPA2 implementations correctly reject PTK reinstallation attacks
The result is a complete educational and research environment for studying wireless network security, cryptography, and protocol vulnerabilities.
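The key derivation and MIC check listed above can be reproduced in a few lines of standard-library Python. This is an added example, not WPA2Guard's own analyzer; the function names, MAC addresses, nonces and the key-data-free Message 2 frame are constructed for illustration, and it assumes WPA2-PSK with CCMP (key descriptor version 2).

```python
import hashlib
import hmac
import struct

MIC_OFFSET = 81  # MIC position in the EAPOL frame (4-byte 802.1X header + 77)

def prf(key, label, data, nbytes):
    """IEEE 802.11i PRF: HMAC-SHA1 run in counter mode, truncated to nbytes."""
    out = b""
    for counter in range((nbytes + 19) // 20):
        out += hmac.new(key, label + b"\x00" + data + bytes([counter]),
                        hashlib.sha1).digest()
    return out[:nbytes]

def derive_keys(passphrase, ssid, ap_mac, sta_mac, anonce, snonce):
    """PMK from passphrase/SSID, then the 48-byte CCMP PTK split into KCK, KEK, TK."""
    pmk = hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)
    # Addresses and nonces are ordered min||max so both peers compute the same PTK.
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    ptk = prf(pmk, b"Pairwise key expansion", data, 48)
    return {"PMK": pmk, "PTK": ptk, "KCK": ptk[:16], "KEK": ptk[16:32], "TK": ptk[32:48]}

def compute_mic(kck, eapol):
    """HMAC-SHA1 truncated to 16 bytes over the frame with its MIC field zeroed."""
    zeroed = eapol[:MIC_OFFSET] + bytes(16) + eapol[MIC_OFFSET + 16:]
    return hmac.new(kck, zeroed, hashlib.sha1).digest()[:16]

def verify_mic(kck, eapol):
    """Constant-time comparison of the recomputed MIC with the one in the frame."""
    return hmac.compare_digest(compute_mic(kck, eapol),
                               eapol[MIC_OFFSET:MIC_OFFSET + 16])

def build_message2(kck, snonce, replay_counter=1):
    """Constructed Message 2 (key info 0x010a, no key data) carrying a valid MIC."""
    body = struct.pack(">BHHQ32s16s8s8s16sH", 2, 0x010A, 0, replay_counter,
                       snonce, bytes(16), bytes(8), bytes(8), bytes(16), 0)
    frame = struct.pack(">BBH", 1, 3, len(body)) + body
    return frame[:MIC_OFFSET] + compute_mic(kck, frame) + frame[MIC_OFFSET + 16:]

# Constructed sample values, not taken from a real capture.
AP_MAC, STA_MAC = bytes.fromhex("020000000100"), bytes.fromhex("020000000200")
ANONCE, SNONCE = bytes(range(32)), bytes(range(32, 64))

if __name__ == "__main__":
    # "password" / "IEEE" is the passphrase/SSID pair of the published PSK test vector.
    keys = derive_keys("password", "IEEE", AP_MAC, STA_MAC, ANONCE, SNONCE)
    print("PMK:", keys["PMK"].hex())
    print("MIC valid:", verify_mic(keys["KCK"], build_message2(keys["KCK"], SNONCE)))
```

A MIC that verifies confirms the passphrase, SSID, addresses and nonces were all extracted correctly, since any mismatch changes the KCK.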
How I built it
I built the entire project as a containerized cybersecurity lab using Docker and virtual Wi-Fi hardware simulation.
Core Technologies
- Docker & Docker Compose
- Ubuntu 22.04
- mac80211_hwsim virtual Wi-Fi radios
- hostapd v2.10
- wpa_supplicant v2.10
- tcpdump
- Wireshark
- Python 3
Architecture
The platform consists of:
Access Point Container
- Runs hostapd
- Broadcasts a WPA2-protected wireless network
Client Container
- Runs wpa_supplicant
- Connects to the virtual access point
Packet Capture Layer
- Captures EAPOL traffic during authentication
- Generates packet capture files for analysis
Python Cryptographic Analyzer
- Extracts nonces and MAC addresses
- Derives PMK and PTK values
- Verifies MIC calculations
KRACK Testing Environment
- Replays Message 3 of the WPA2 handshake
- Demonstrates attack behavior in a controlled environment
- Verifies whether clients reinstall encryption keys
This architecture creates a fully reproducible wireless security research environment that can run on a standard Linux machine without requiring dedicated Wi-Fi hardware.
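On the analysis side, a retransmitted Message 3 is visible in a capture as a second authenticator frame with the Install bit set and the same ANonce but a higher replay counter. The sketch below is an added example, not part of WPA2Guard; the function names and the frames in `CAPTURE` are constructed, and a retransmission on its own also occurs when Message 4 is simply lost, so a hit marks a handshake to inspect rather than proof of key reinstallation.

```python
import struct

def parse_eapol_key(frame):
    """Extract key-info flags, replay counter and nonce from an EAPOL-Key frame."""
    _ver, ptype, _len, _desc, info, _klen, replay, nonce = struct.unpack_from(
        ">BBHBHHQ32s", frame)
    if ptype != 3:
        raise ValueError("not an EAPOL-Key frame")
    return {"pairwise": bool(info & 0x0008), "install": bool(info & 0x0040),
            "ack": bool(info & 0x0080), "mic": bool(info & 0x0100),
            "secure": bool(info & 0x0200), "replay": replay, "nonce": nonce}

def message_number(key):
    """Classify a pairwise EAPOL-Key frame as message 1-4, or None if not pairwise."""
    if not key["pairwise"]:
        return None
    if key["ack"]:                      # sent by the authenticator
        return 3 if key["mic"] and key["install"] else 1
    return 4 if key["secure"] else 2    # sent by the supplicant

def find_msg3_retransmissions(frames):
    """Return (frame index, first replay counter, this replay counter) per repeat."""
    first_seen, alerts = {}, []
    for index, frame in enumerate(frames):
        key = parse_eapol_key(frame)
        if message_number(key) != 3:
            continue
        if key["nonce"] in first_seen:
            alerts.append((index, first_seen[key["nonce"]], key["replay"]))
        else:
            first_seen[key["nonce"]] = key["replay"]
    return alerts

def sample_frame(info, replay, nonce=bytes(32)):
    """Constructed EAPOL-Key frame: zeroed IV, RSC, ID and MIC, no key data."""
    body = struct.pack(">BHHQ32s", 2, info, 16, replay, nonce) + bytes(50)
    return struct.pack(">BBH", 1, 3, len(body)) + body

# Constructed handshake (not a real capture): Message 3 is sent a second time.
ANONCE, SNONCE = bytes([0xA1]) * 32, bytes([0x5B]) * 32
CAPTURE = [
    sample_frame(0x008A, 1, ANONCE), sample_frame(0x010A, 1, SNONCE),  # msg 1, 2
    sample_frame(0x13CA, 2, ANONCE), sample_frame(0x030A, 2),          # msg 3, 4
    sample_frame(0x13CA, 3, ANONCE), sample_frame(0x030A, 3),          # msg 3 again, 4
]

if __name__ == "__main__":
    print(find_msg3_retransmissions(CAPTURE))
```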
Challenges I ran into
One of the biggest challenges was working with virtual wireless interfaces and creating a stable testing environment.
Initially, I encountered issues such as:
- Interface conflicts between virtual radios
- NetworkManager interference
- Wireless driver configuration problems
- Maintaining consistent behavior across multiple test runs
Another challenge was accurately extracting and validating WPA2 cryptographic parameters. Understanding how PMK, PTK, KCK, KEK, and MIC values are generated required extensive research into the IEEE 802.11i specification and WPA2 security architecture.
Setting up a reliable KRACK testing environment was also difficult because packet captures, replayed handshake messages, and client responses all needed to be synchronized correctly to reproduce the attack behavior.
Accomplishments I'm proud of
- Successfully completed and captured a full WPA2 4-Way Handshake
- Captured all four EAPOL messages in a Wireshark-compatible packet capture
- Built a fully containerized and reproducible wireless security lab
- Developed a custom Python analyzer that mathematically verifies WPA2 cryptographic operations
- Successfully demonstrated KRACK attack replay behavior
- Verified that modern wpa_supplicant v2.10 correctly rejects PTK reinstallation attacks
- Created a platform that requires no specialized Wi-Fi hardware
- Combined networking, cybersecurity, cryptography, and containerization into a single research platform
- Designed, implemented, tested, and documented the entire project independently as a solo developer
What I learned
This project gave me hands-on experience with several advanced cybersecurity and networking concepts:
- WPA2 authentication and IEEE 802.11i security architecture
- Wireless networking fundamentals
- EAPOL and WPA2 4-Way Handshake analysis
- PMK, PTK, KCK, KEK, and TK derivation
- Message Integrity Code (MIC) verification
- Packet analysis using Wireshark
- Linux wireless networking internals
- Docker-based cybersecurity lab design
- KRACK attack mechanics and mitigation strategies
- Building reproducible research environments
Most importantly, I learned that strong cryptography alone is not enough to guarantee security. Correct protocol implementation and secure handling of edge cases are equally important, as demonstrated by vulnerabilities such as KRACK.
What's next for WPA2Guard: A Containerized Cybersecurity Research Platform
Future development plans include:
- Adding WPA3 and SAE authentication analysis
- Creating a web-based dashboard for packet visualization
- Building interactive educational modules for students
- Automating handshake analysis and report generation
- Supporting additional wireless security attacks and defenses
- Adding real-time cryptographic key visualization
- Integrating automated security assessment features
- Expanding the platform into a complete wireless security training environment
My long-term goal is to evolve WPA2Guard into an accessible cybersecurity education and research platform that helps students, researchers, and security professionals understand wireless security through hands-on experimentation in a safe and reproducible environment.
