> For the complete documentation index, see [llms.txt](https://cybersec.th4ntis.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://cybersec.th4ntis.com/wireless/wifi-pineapple/recon.md). # Recon To start Recon we select the binocular icon on the left.

We can choose which frequency we wanna scan on, how long we want to scan, and other settings, like where to save handshakes, what we want and don't want to see, etc.

To start scanning, just enable the button. Once we start scanning, we will see a list of all AP's and devices around. We can also sort or search it by our filters to help us find our target(s).

Once we have our target(s) in sight, we can select it for a list of options we can do.

* Adding SSID to the PineAP Pool will have the Pineapple Broadcast as that network. This is best used on Open WiFi. * Add SSID to Filter - Allows/Denies the selected SSID to associate with the pineapple. * Add All Clients to Filter - Allows/Denies the selected clients to connect to the pineapple. * Deauthentice All Clients - Will attempt to kick off all clients on that SSID to either reconnect, or force them to connect to another AP they have connected to before. * Capture WPA Handshakes - Attempt to get a handshake. * Clone WPA/2 AP - Attemps to X When we stop scanning, the scans are saved in the Previous Scans section to download a .json file and view.

## Handshakes When we choose to Capture a WPA Handshake, it will keep waiting for a handshake(wait for someoen to connect to the AP), OR we can deauth clients that are connected to the AP and force them to re-connect and capture a handshake.

When attempting to deauth an SSID/AP with Management Frame Protection (MFP) optional/enabled. It will bring up a pop-up explaining it.

When a handshake is captured, we will see a notification in the top right, as well as the Wireless Landscape Dashboard will show us how many handshakes we have captured.

Now we can verify it by either opening the web terminal or SSH, and looking at the `/root/handshakes` folder. ```bash ls /root/handshakes ```

We will need to use either [scp](https://www.geeksforgeeks.org/scp-command-in-linux-with-examples/) or [WinSCP](https://winscp.net/eng/index.php) to copy the files off of the Pineapple for cracking. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://cybersec.th4ntis.com/wireless/wifi-pineapple/recon.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.