# airodump-ng [airodump-ng](https://www.aircrack-ng.org/doku.php?id=airodump-ng) "is used for packet capture, capturing raw 802.11 frames." ## Find APs to attack with a CERTAIN word in their names ``` sudo airodump-ng mon0 --essid-regex CORP --band abg -w inscope --output-format csv ``` :::tip The columns you see: * **BSSID** - MAC address of access point * **PWR** - signal strength (closer to 0 indicates stronger signal) * **Beacons** - the AP brodcasts these periodically to advertise their presence * **#Data/#s** - number of data frames captured from the AP * **CH** - channel the AP is broadcasting * **MB** - max bitrate of the AP, measured in Mbps * **ENC** - encryption (like WPA3) * **CIPHER** - encryption cipher used to secure data (AES is common in WPA/WPA3 networks) * **AUTH** - authentication method (like SAE for WPA3) * **ESSID** - network name ::: ## Listen for handshake on specific wifi name ``` sudo airodump-ng wlan0mon --essid "Name of Corp Wifi" -w capture.cap ``` :::tip The `#Data` field generally indicates how much traffic or activity is happening on that network, so I *think* it means it's a good target for handshake captures. ::: ## Start listening for a handshake using specific BSSID and specific channel ``` sudo airodump-ng mon0 -c 1 --bssid 00:11:22:33:44:55 -w name-of-file-to-output ``` Now that you're taking a good dump (heh), you could speed the handshake-grabbing process along by disassociating clients using [aireplay-ng](/pentesting/Wifi/aireplay-ng.md)! ### Scan all abg bands for specific wifi name ``` airodump-ng wlan0mon --essid "MEOW" --band abg ``` ## Sort live results See [this page](https://www.aircrack-ng.org/doku.php?id=airodump-ng) for more info, but some general keyboard shortcuts: * **i** - to inverse sort order * **s** - to sort by ESSID, data, beacons, etc. * **Space bar** - pauses/unpauses the live refresh of IDs * **Tab** - enables a mode where you can scroll through AP list ## Extract and crack captured handshakes Check the [hcxpcapngtool](/pentesting/Wifi/hcxpcapngtool) page for more info.