Frequently Asked Questions (FAQ)

Here are the most common questions we receive about the Airstrike security distribution. Each card links out to the sections of the site where you can learn even more.

Core Platform

What is Airstrike?

Airstrike is a Flask + Socket.IO web interface that orchestrates Wi-Fi attack tooling (deauth, handshake cracking, Evil Twin) from your browser. It wraps reliable CLI utilities, exposes live Socket.IO logs, and stores captures per BSSID so you can run assessments without juggling multiple terminals.

Which attacks ship with this build?

The UI exposes the three most stable attacks: Deauthentication, Handshake Capture + Cracking (aircrack-ng + configurable wordlist), and Evil Twin (hostapd/dnsmasq, optional captive portal). Experimental modules were removed to keep the codebase lean.

What are the runtime requirements?

Python 3.10+, pip, root access, and a wireless adapter that supports monitor mode + injection. The following binaries must be in $PATH: airmon-ng, airodump-ng, aircrack-ng, iw, ip, ifconfig, hostapd, dnsmasq, iptables, and dnsspoof.

How do I run Airstrike?

Create a virtualenv, install requirements.txt, then launch sudo python run.py. The entry point enforces sudo, exports environment variables, ensures /etc/hosts contains airstrike.local, and binds to 0.0.0.0:5000. Browse to http://airstrike.local:5000.

Where do I change defaults?

Global settings live in web/shared.py inside the config dict (interface, wordlist path, capture directory). Adjust them to match your adapter names or storage paths.

Where are captures stored?

Each attack writes artifacts under captures/<BSSID>. The Results tab also streams Socket.IO logs so you can monitor progress in real time.

Usage & Security

Why does Airstrike require root?

Wireless attacks rely on monitor mode, packet injection, and services such as hostapd. Running as root avoids silent failures and lets the orchestrator manipulate interfaces safely. run.py aborts if it detects non-root execution.

What if a binary is missing?

The attack log pane will show the missing command (e.g., hostapd). Install it via your package manager and restart Airstrike. Until then the attack will not run.

My adapter is stuck in monitor mode, what now?

Use the Settings → Interface tools to return to managed mode or run utils/network_utils.set_managed_mode(). Always verify the adapter supports monitor mode/injection—Atheros or Ralink USB adapters are reliable.

Can I run Airstrike anywhere?

No. Airstrike is for lab use, red-team exercises, and engagements where you have explicit authorization. Using these attacks on unauthorized networks may violate law or policy.

Community & Support

How do I report a bug or request a feature?

Open an issue on GitHub with reproduction steps, adapter details, and relevant logs. Feature ideas should explain the problem you’re solving.

How can I contribute?

Send pull requests for documentation, attack improvements, or new UI features. See the contribution guidelines linked in our repo for coding standards and review flow.

Where can I get help?

Start with this FAQ and the documentation. If you still need assistance, reach out via the channels on the contact page and include your Airstrike version, adapter model, and logs.