⚠️ FOR SECURITY TRAINING ONLY - ISOLATED LAB USE⚠️
A complete captive portal laboratory for learning wireless security, session management, and authentication vulnerabilities.
git clone https://github.com/516hackers/516-captive-portal-lab.git
cd 516-captive-portal-lab
# Set permissions and setup
chmod +x scripts/setup-lab.sh
./scripts/setup-lab.sh# Start the portal
docker-compose up --build
# Access: http://localhost:5000- Username:
guest - Password:
guest123 - Open any HTTP website to test redirect
# Ubuntu/Debian
sudo apt update
sudo apt install docker.io docker-compose python3 git
# Start Docker
sudo systemctl start docker
sudo systemctl enable docker
# Add user to docker group
sudo usermod -aG docker $USER
newgrp dockergit clone https://github.com/516hackers/516-captive-portal-lab.git
cd 516-captive-portal-lab# Make scripts executable
chmod +x scripts/setup-lab.sh
chmod +x network/*.sh
# Run setup
./scripts/setup-lab.sh# Start all services
docker-compose up --build
# Or run in background
docker-compose up -d# Create access point
sudo ./network/setup-network.sh
# Connect devices to:
# SSID: 516-Hackers-Lab
# Password: TrainingLab123- Secure vs insecure session handling
- Session fixation attacks
- Token-based authentication
Demo: Try session hijacking with fixed session IDs
- CSRF protection mechanisms
- Rate limiting implementation
- Secure form handling
Demo: Test CSRF vulnerabilities in login forms
- MAC address filtering
- HTTPS enforcement
- DNS hijacking detection
Demo: Analyze network traffic and DNS queries
- DNS manipulation techniques
- Proxy detection evasion
- Certificate pinning
Demo: Attempt to bypass portal authentication
# Comprehensive security audit
python scripts/security-test.py --audit
# Specific vulnerability tests
python scripts/attack-simulator.py --test csrf
python scripts/attack-simulator.py --test session
python scripts/attack-simulator.py --test sqlStandard User:
Username: guest
Password: guest123
Admin Access:
Username: admin
Password: 516HackersSecure123
Edit network/hostapd.conf:
interface=wlan0
ssid=516-Hackers-Lab
channel=6
wpa_passphrase=TrainingLab123Edit backend/config.py:
PORTAL_CONFIG = {
'ssid': '516-Hackers-Lab',
'session_timeout': 3600,
'max_devices': 10,
'admin_email': '[email protected]'
}# Start all services
docker-compose up -d
# Stop services
docker-compose down
# View logs
docker-compose logs -f portal-backend
# Restart specific service
docker-compose restart portal-backend# Setup wireless network
sudo ./network/setup-network.sh
# Cleanup network
sudo ./network/cleanup-lab.sh
# Check connected clients
iw dev wlan0 station dump# Complete environment reset
docker-compose down -v
docker system prune -f
./scripts/setup-lab.sh- ✅ HTTPS enforcement
- ✅ CSRF token validation
- ✅ Secure session management
- ✅ Rate limiting
- ✅ Input sanitization
- ✅ Secure headers
- ❌ Session fixation
- ❌ CSRF vulnerabilities
- ❌ Weak authentication
- ❌ Insecure redirects
- ❌ Cookie mishandling
- Understand captive portal concepts
- Practice secure login forms
- Learn session management basics
- Run basic security tests
- CSRF attacks & prevention
- Session hijacking techniques
- Network-level protections
- Analyze attack simulations
- Portal bypass methods
- Wireless security protocols
- Advanced persistence attacks
- Custom exploit development
Wireless adapter not found:
# Check available interfaces
iwconfig
# Install drivers
sudo apt install linux-firmware
# Check USB devices
lsusb | grep -i wirelessDocker permission errors:
# Add user to docker group
sudo usermod -aG docker $USER
newgrp docker
# Restart Docker service
sudo systemctl restart dockerPortal not redirecting:
# Check iptables rules
sudo iptables -t nat -L
# Verify DNS configuration
nslookup google.com 192.168.100.1
# Check service status
docker-compose psServices not starting:
# Check logs
docker-compose logs portal-backend
docker-compose logs portal-db
# Rebuild containers
docker-compose build --no-cache# Application logs
docker-compose logs -f portal-backend
# Database logs
docker-compose logs -f portal-db
# Security monitor
docker-compose logs -f security-monitor
# System logs
journalctl -u hostapd
journalctl -u dnsmasq- 🚫 NEVER deploy on production networks
- 🚫 NEVER expose to the internet
- 🚫 NEVER use real/sensitive data
- ✅ ONLY use in isolated environments
- ✅ ONLY for legitimate security training
- ✅ ALWAYS obtain proper authorization
# Recommended isolation methods
- Dedicated hardware
- Air-gapped networks
- VLAN segmentation
- Physical disconnectionWe welcome contributions from the security community:
- Fork the repository
- Create a feature branch
- Make your changes
- Add tests if applicable
- Submit a pull request
See our Contributing Guide for details.
Educational Use License - See LICENSE for details.
- GitHub Issues: Bug reports and feature requests
- 516 Hackers Forum: Community support and discussions
# Complete lab reset
./scripts/reset-lab.sh
# Network reset
sudo ./network/cleanup-lab.sh
# Docker reset
docker system prune -afBuilt with ❤️ by 516 Hackers for the security community
"Knowledge is power, but responsibility is key"
Need help? Check our documentation or create an issue on GitHub.