airodump-ng

TLDR

Scan all wireless networks

$ sudo airodump-ng [wlan0mon]

Capture packets on specific channel

$ sudo airodump-ng -c [6] --bssid [00:11:22:33:44:55] -w [capture] [wlan0mon]

Scan only 5GHz networks

$ sudo airodump-ng --band a [wlan0mon]

Scan with manufacturer info

$ sudo airodump-ng --manufacturer [wlan0mon]

Scan showing WPS information

$ sudo airodump-ng --wps [wlan0mon]

SYNOPSIS

airodump-ng [-c channel] [--bssid mac] [-w prefix] [--band band] [options] interface

airodump-ng is a wireless packet capture and network discovery tool. It displays detected access points and clients in real-time, capturing packets to files for later analysis with aircrack-ng.
The tool shows network names, encryption types, signal strength, channel, MAC addresses, and associated clients, making it essential for wireless reconnaissance.

PARAMETERS

-c channel

Lock to specific channel

--bssid mac

Filter by access point MAC

-w prefix

Output file prefix (creates .cap, .csv, .kismet.csv, .kismet.netxml)

--band band

Band: a (5GHz), b (2.4GHz), g (2.4GHz)

-a

Filter unassociated clients

--write-interval seconds

Time between file writes

--manufacturer

Show manufacturer from OUI

--wps

Show WPS information

--output-format formats

Output formats: pcap, ivs, csv, gps, kismet, netxml

-r file

Read from capture file instead of live capture

CAVEATS

For authorized security testing only. Requires monitor mode interface. Capture files can become very large. Some information requires being on the correct channel.

HISTORY

airodump-ng is a core component of the aircrack-ng suite, first released in 2006. It replaced the original airodump with improved features and stability.