airdecloak-ng

Remove cloaking from a capture file

$ airdecloak-ng -i [capture.cap] --drop

$ airdecloak-ng -i [capture.cap] --bssid [00:11:22:33:44:55] --drop

$ airdecloak-ng -i [capture.cap] -o [output.cap] --drop

airdecloak-ng -i input [-o output] [--bssid bssid] --drop|--disable

airdecloak-ng filters out WEP cloaking techniques from wireless capture files. Some access points implement cloaking by injecting fake or corrupted packets to confuse WEP cracking tools.
This tool identifies and removes these cloaking packets, producing a cleaner capture file that can be more effectively analyzed or cracked.

-i file

Input capture file

Output capture file

Filter by access point MAC address

Drop cloaking frames

Mark cloaking frames as invalid (keep them)

Only useful for captures from access points using WEP cloaking. Modern networks using WPA/WPA2 don't use these cloaking techniques. May remove legitimate packets if cloaking detection is too aggressive.

airdecloak-ng was added to the aircrack-ng suite to counter specific WEP protection mechanisms that some access point vendors implemented in the late 2000s.

aircrack-ng(1), airodump-ng(1)