mdk4

Flood access points with beacon frames to create fake networks (set interface to monitor mode with sudo airmon-ng start if needed)

$ sudo mdk4 [wifi_interface] b -f [path/to/beacons.txt]

$ sudo mdk4 [wifi_interface] d

$ sudo mdk4 [wifi_interface] d -B [BSSID]

mdk4 <interface> <mode> [<mode_options>]
mdk4 [<options>] <interface> <mode> [<mode_options>]
Example: mdk4 wlan0mon d -a 00:11:22:33:44:55 -c 6

<interface>
    The wireless interface to use, which must be in monitor mode (e.g., wlan0mon).

<mode>
    Specifies the attack mode. Common modes include:
b: Beacon Flood Mode
a: Authentication Flood Mode
d: Deauthentication / Disassociation Flood Mode
p: Probe Request Flood Mode
e: EAPOL-Start Flood Mode (for WPA/WPA2)
w: WPA KICK (WPA Deauthentication)
f: MAC Filter Test Mode

-a <ap_mac>
    Target Access Point MAC address (e.g., in Deauth Mode).

-t <target_mac>
    Target client MAC address (e.g., in Deauth Mode).

-c <channel>
    Set the channel to operate on.

-s <pps>
    Set the attack speed in packets per second (pps).

-D
    Do not deauthenticate/disassociate yourself when targeting a specific client.

-h
    Show help message and exit.

-L
    List available wireless devices and their capabilities.

mdk4 is a powerful and versatile command-line tool designed for testing the security and stability of wireless networks. It is the successor to mdk3, offering a wide range of attack modes for various wireless protocols, primarily focusing on Wi-Fi (802.11). mdk4 can perform denial-of-service (DoS) attacks by flooding networks with various types of packets, such as beacon frames, authentication requests, or deauthentication/disassociation frames. It can also be used for legitimate penetration testing and security auditing to identify vulnerabilities in access points or client devices. The tool requires a wireless network adapter that supports monitor mode and packet injection. Due to its potential for disruption, mdk4 should only be used on networks for which you have explicit permission to test.

Using mdk4 against networks you do not own or have explicit permission to test is illegal and unethical. It can cause significant disruption to wireless services and is detectable. Ensure you comply with all local laws and regulations before using this tool. A wireless adapter capable of monitor mode and packet injection is mandatory.

Before using mdk4, ensure your wireless network adapter supports monitor mode and packet injection. Tools like airmon-ng (part of the aircrack-ng suite) are often used to put the interface into the required monitor mode.

mdk4 is a powerful tool. Misuse can lead to severe legal consequences. Always obtain explicit written permission from the network owner before performing any tests. Use it responsibly for educational or authorized security auditing purposes only.

mdk4 emerged as the successor to mdk3, a well-known wireless network testing tool. It was developed to address limitations and introduce new attack vectors, particularly for modern Wi-Fi standards. Its development is rooted in the open-source community focused on wireless security and penetration testing, aiming to provide robust tools for ethical hacking and security research.

aircrack-ng(8), aireplay-ng(8), airmon-ng(8), airodump-ng(8), iwconfig(8), iw(8)