> For the complete documentation index, see [llms.txt](https://cybersec.th4ntis.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://cybersec.th4ntis.com/wireless/wifi-pineapple/pineap.md).

# PineAP

PineAP is PineAP is the center of the WiFi Pineapple's rogue access points, client management and filtering. - More info on PineAP [here](https://docs.hak5.org/wifi-pineapple/ui-overview/pineap#pineap-settings).

Our FIlter list here is VERY important as if this is not configured right, we can end up with targets that we are not authorized to be testing. More info on filtering is [here on their docs](https://docs.hak5.org/wifi-pineapple/ui-overview/pineap#filtering). I choose Allow for both filters by default as to not allow any unwanted/unallowed connections.

<figure><img src="/files/2Qk5LjbgZvUHR5r6NoDW" alt=""><figcaption></figcaption></figure>

### Client Filter

This chooses what devices may or may not connect.

* Allow - Only the allowed listed devices can connect.
* Deny - All devices can connect except the listed devices.

### SSID Filter

This specifies the spoofed networks for which the WiFi Pineapple will allow associations.

## Open AP

The WiFi Pineapple can advertise a single Open SSID, or respond for any requested SSID that matches the filter rules.

<figure><img src="/files/xSpCK32ZEGGgIPuf8DEX" alt=""><figcaption></figcaption></figure>

Multiple Open Access Points. When "Impersonate All Networks" is enabled, the WiFi Pineapple will answer for all SSIDs which are permitted by the filter configuration. Filters can be used to tune the responses for your engagement, by either allowing all SSIDs in the filter list, or denying all SSIDs not in the filter list.

<figure><img src="/files/cWwgAKcq92EB8dioabDm" alt=""><figcaption></figcaption></figure>

## Evil WPA

The Evil WPA access point is used to impersonate a WPA (or WPA2) PSK network. It can also be used to collect partial handshakes for use with external cracking tools when the PSK is not known.

<figure><img src="/files/aRfYLW96qf8aYYHIi5yS" alt=""><figcaption></figcaption></figure>

Here we want to name our Evil WPA SSID after our target(s), and spoof the target(s) MAC address as well. Be sure to add the target(s) SSID to the SSID Filter.


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://cybersec.th4ntis.com/wireless/wifi-pineapple/pineap.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.