3 Levels of WiFi Hacking

nordvpn is bad
edit: please don't hack me I love your videos

Hi

Info in these videos is great! 100% Just, WAY too much beard and face, way too close to the camera.
I like to listen without watching. .. the visuals are really distracting and unappealing.

I am a big fan, and your videos has already given me a head start in IT. But could you please do more hacking videos using MacOS? I don't have linux, and I do not have enough storage for a virtual machine.

by far the smooothest use of a sponsor.

Alfa, Hak5, NordVPN, Alienware, and BearCaveCoffee all real happy right about now

If more ads were like this, I wouldn't mind them so much. lol

Yeah.. just use your own router to setup a vpn, free and no company involved you need to trust!

@@hahhahahahha Well… basically who owns the endpoints, owns your data as well.

@@andrasbradacs6016 yes, so that's why I said better own it yourself

specify a safer DNS or two, use vpn, use vlans, harden Harden HARDNER

Don't let facts get in the way of an ad segment. NordVPN know this... as do the rest. Fine in 2001, virtually useless in 2024.

Mate this is for regualr folks. You talk like that to the users i deal with and its like speaking mandarin. 😂 sure they might see (this website is not secured) but they dont give a fuck. They dont know, are not smart enough.

@@diegoe.4639 i get it, I guess my point is, if we need to get one learning from the video, I would rather read « do not bypass ‘website not secure’ warnings, especially on a public WiFi » than « be scared, spend a monthly fee on my sponsor and feel secured »

​@@diegoe.4639really? In my experiences, normal people will see that message and not go through with it because it's unusual.

@@diegoe.4639 Still, he has a point. If you surf the web on some public wifi and start seeing a bunch of 'red flag' warnings (Chrome is an example, that will shout 'unsafe web site'), the only thing the 'regular folks' need to know is 'STOP, do NOT continue... wait until you get home'.

my thoughts the whole time, 99% of traffic is gonna be HTTPS in the first place

Still very cool content. A good start to undertand some technique. I am sure it makes you more scared once you think about the posseblility to crack decription on the fly.. what might be a thing in the future.

Https can be hacked. Https does not stop an evil twin.
Https only encrypts the data between you and the website. It can be broken.

I'm still making a Pwnagotchi this weekend.

there arent any more hacking techniques that really work

No cap

Yea, after seeing this strong force is pushing me to reflash my old esp8266 deauther to spam ssids with "dont use nordvpn" 😀

@@joshfixall7938 as a noob and gen-xer I originally thought "no cap" was referring to no cap on the amount of money Nord is paying out. after a quick google search i learned it means no lie, not being deceitful from not capping one’s teeth with gold. in the future i’ll just hover over the word and it will tell me its origin.

this is like 99% a ad no cap

Extremely well, dude just casually skip the fact that wifi has its own password and encryption for promoting Nord vpn

Right? Vs. an OpenVPN or WireGuard video using your home router. Hah, gotta pay the bills. The one advantage to NordVPN is that it's super simple to use for the lazy with money to spare.

NordVPN, dont get hecked give your information away for free, I mean fu pay and get owned.

Is that so bad? The techniques are really well explained and show the real usecase for tunneling your traffic.. Better than VPN providers trying to tell you that you need VPN to browse the web anonymously.

Lmao yeah this guy has a nice beard, but he is one of these apple hipsters lmao
Btw didn't even know there's promo spam in this because I use sponsorblock and yeah sure I can see two green bars.

True. Any decent VPN will work though

Can depend how clueless the person having their traffic diverted is, the person doing the man in the middle could do something to get the user to click on a special page to install a custom certificate from the attackers machine and set it as trusted source, that way the attacker can then decrypt the incoming pages and re-encrypt the traffic with their custom certificate, the certificate being trusted on the end users device means that they wont see any errors and the attacker can then see all the data in the encrypted pages. This get used already in corporate/education environments where they have a web filter and want to inspect says a users search traffic for words/terms that they want to block (Proxies, adult content, etc.) and they only way to do this is via HTTPS decrypt and inspect.

@@MrTwoZZT what's the point? if they can get the user to install something on the machine, they can pull out information even if they have a VPN anyway.

Thanks for saving me the time. NEXT!

I am networkchuck fun😊😊😊

No that only stops man in the middle attacks. You need endpoint protection

yeah... oh also he forgot to mention that your internet traffic is most definitely encrypted so most of the attacks here dont work anyways

this happened to me i feel much better now tho

...and the WiFi Pineapple...lol

The point of the video is not to be informative but to sell and be entertaining.

yeah, also known as "mislead" and "lie"@@Qornv

No shit

@@Qornvthat’s completely inaccurate. It’s to bait the wannabe hackers, mostly teens, entice them to purchase the equipment and watch more of his videos to understand more. It’s called bullshit not entertainment.

@@jmax8692 can u teach me or tell me where to learn it

Bro mind be minding

Would love to see you tricking a dns provider

Then you become a sponsorship of 2020

@@abdelbakiberkati Tricking a DNS is easy if you are man in the middle. You simply don't have to reroute the traffic back through the router as it was, you can switch around certain key addresses kind of like with a hosts file. No need to trick a DNS at all.
The problem lies with encryption. If the encryption keys (which you don't have) don't match, the VPN app will throw a hissy fit. As such we have to rely on the next best thing. You route the data as usual however when the target tries to connect to a VPN, you can simply time out the traffic. The target may think their VPN is down, or not responding or blocked by an ISP or thousands of other things. Meanwhile - chances are they are not going to give up Internet browsing and simply temporarily stop using their VPN.

@@Telhias thats new for me thanks for the lesson! But i guess « pretending to be a NordVPN server » requires tricking the global DNS registrars not one victim

“Nord VPN can stop these attacks” sure i guess but if you know what you’re doing it’s pretty easy to get around

Found the video, thanks!

​@@roachdoggjr2988, please explain to us in detail how you're going to decrypt an encrypted VPN connection and steal the user's data. No, it's not not "easy" and you're not getting around it.

Yes, if you are using a modern browser and https connections only - what should be standard, this kind of dns spoofing to his own server will be detected by the browser. Giving you an unoverseeable hint that you have unsafe connection. This kind of attack will only work if the victim will click through the warnings, that he wants to take the risk or the hacker has stolen the private key of the https of the web server. So this vid is somehow an propaganda or just a not very nice NordVPN commercial.

@@roachdoggjr2988 Nordvpn can indeed stop these attacks and would not be easy to get around even if you knew what you were doing
However nordvpn does not need to stop these attacks because HTTPS stops them for you
All of the attacks shown in this vid (except captive portal) are completely and utterly useless

Do 50 for health 😂

Do a push up for all the same comments you left on multiple channels for likes🤣🤣🤣
Edit: The clown couldn't do 1 push up irl💀

@@numb0t Ngl this is the first time i did it lol. Actually crazy the numbers😂😂

@@robertlemonsjr lmao

When do we get our pushups

Agree

We need comments like this, so people won't be falsely lead on.

I've used everything in this video (responsibly) and it works just fine

Internet outage in 2025

@@samonKBM You sure did, lil Timmy and we're soooo proud of our big boy, growing up so fast to be the neighborhood's biggest 1337 h4xX0r of White Hat sorcery! No one messes with lil Timmy in this part of town where we'll have you know he remains undefeated and un-pwn't!!!!!!!!!!!111oneone

Mostly yes

Indeed. man in the middle attacks wont yield much. DNS spoofing is still a threat. Though your web browser should start complaining that the website it reached isn't the website on the certificate.

@@joshuapettus6973 Most browsers have DNS over TLS enabled by default as well now anyways

@@joshuapettus6973 I'm disappointed he didn't mention that if you get connected to a cloned webpage via DNS spoofing, your browser will tell you your connection is not secure.

Its an add. Lazy noobs will get scared and get nordvpn

Me too. But im from south texas.

will one day move there myself

I totally agree to this comment. Very code idea and even not that hard to set up by yourself. But I think there are more than enough people who just want to buy a good VPN subscription with a few simple clicks instead of setting it up and hosting it by them selves.

It should be noted that self hosting, does not stop your ISP from seeing your traffic. The tunnel exists between your network and your client device.
However, while the ip of your device won't be seen, your network activity is still in full view of the ISP, because the door is within your network and the ISPs door is the only way traffic is getting in or out.
Basically wherever the hosted service is located is where encryption ends. If your using a VPN provider, they can protect you from your ISP, however they (the vpn)get to see all your data. Whether or not they share that data with advertisers or authorities is up to them.

Yeah, I have wieguard setup on my raspberry pi through pivpn. My phone and tablet are always connected to that. Helps me feel secure without having to pay for a VPN.

@@unrealzman68 That's why it is also important to use some other DNS service other than the ISPs and point all devices on you self hosted VPN server to use that DNS server. A self hosted DNS recursive server with pihole/unbound is a great tool for this though there are other services you can use. Most websites you visit are HTTPS encrypted. As such, the ISP can only see the DNS requests. Not if you use another DNS.

@@unrealzman68 What's the point of hiding traffic from your own ISP and showing it to the VPN host and their ISP? If you do anything illegal the VPN company will provide data to the authorities just like the ISP would. The real use of a VPN would be to encrypt your traffic in public networks like at a cafe or if your school/work has an insecure network setup. Or to appear in a different location for geolocked services.

That’s right.

You basically man in the middle yourself

Setup your own vpn in your home router :)

wireguard works just fine from your home router. All this nord vpn stuff is just an ad.. though, it's a safe way to do it.

But won't your connection be in clear after it leaves your router home vpn? I dont get it

I used to network into my buddies office printer from about 20 miles away and print in like 40 font "This printer thinks you are gay!". I must have gone through a few reams over the years. I still don't think he knows it was me.. Not really a hack but he had so idea I could simply network in.. lol

Why connect to a "Man in the middle" hacker when you can pay NordVPN( or any other VPN you don't manage your self like Surfshark etc) to provide the same service......Let's just trust Nord/Xvpn is honest.... Shame Chuck! Shame!
ua-cam.com/video/pp-INfssWBo/v-deo.html

Yeah, the usual VPN adds ....

You forgot the bit where "Hacker captures encrypted user data that they can not exploit".. because - TLS - which the snake oil sales teams all pretend doesn't exist. Oh oh but your vacuum cleaner knows you went to your bank website!

​​@@ingmarm8858 but chrome removing the trust https warning is new and people is just dumb. But yeah is hard to do something only connected to the wifi, not even a twin

Thank you god.

@@ingmarm8858 Technically the user did not forget, the content it highlights look a lot like the result of some AI tools that take the transcript and try to write timestamps. Just look at "Hackers demonstrate three levels of hacking". How useless is that timestamp at 0:03?

If they want to actually make timestamps of their own, there are plenty of extensions that are good to MANUALLY timestamp videos. I personally use TimeTags for UA-cam

My thoughts exsactly, i was like wait these tools don't let you understand jack shit because I guarantee both those tools/toys are using the same linux based open source applications.

Yeah, I was going to say the noob knowing all that code is not a noob. But I get how programs would make life easier and would be smarter to use them than to not.

I didn't watch it all yet, but the 'pro'' setup looks like a HAARP station...

What if the NordVPN server gets hacked, then they got all you traffic remotely without even having to be near you with a WiFi spoofer. Scary stuff. BTW. The AircrackNG-Suite is useless with longer random WiFi passwords. This video is trying to make it sound like everything is so easy. liol

a "pro" hacker will respond to HTTPS logins requesting HTTP logins, SOME (not all) apps will respond in HTTP (clear text). App devs clearly put app functionality over security. 100% tried and test method by a.. err.. friend.

its not hard to get a trusted certificate to use for the cloned website

@@marcobaldanza2332 Indeed, but your browser will warn you that you’re now heading towards a non-tls site.

@@marcobaldanza2332 For many years TLS has become the standard and you cannot just "downgrade" this anymore. There is no redirect. The connection starts and the first part the client sends is his supported tls ciphers.
You can block that, but the client wont just retry with http.. why should he? the endpoint was configured as https, not http.
You might be able to fool a browser into allowing this downgrade, but many started to force https and display warnings on http. And pages which were once opened and have HSTS aswell as preloaded-HSTS ones will just deny using http alltogether.

@@SalamanderS337 then do it. you wont be able to get a cert for e.g. my website. You need to proof ownership one way or another.

No mention of https/DoH or any other security feature existing, just to shill out and scare people into buying with his affiliate link. most comments making him a hero.. this is sad

😂😂😂😂😂

Well put

And it's easy to do

@@holdulv Exactly. It’d just combining 2 mentioned methods in the video, and tools exist which automate it. Ontop of this, it’s MUCH easier to phish a wifi password than to bruteforce it (if that’s what you’re after) so I’d prefer this method over the aircrack-ng suite.

Cannot deauth wpa3

@@jackeagle2734 Yes, I said that. Wouldn’t matter anyways due to wpa3’s dragonfly handshake.

No.
Kali will mask your MAC address, and when the hack happens will spoof the MAC address of a device on the hacked network.
It is basically what Chuck is talking about at the 17 minute mark, its one of the reason you want an ALFA or similar device that allows all this MAC address changing on the fly and allows better bigger antennas.

Experts saying VPN is useless are those who recognize that most people are using only HTTPS these days, so a VPN adds little extra. Experts saying VPN is a must have are sponsored by a VPN company.

Well that's because most people don't do stuff that begs the FBI to raid them so VPN isn't really necessary it's only when you need to
1) watch content that's not available in your area or
2) Bypass a firewall
Apart from that a VPN isn't really needed too much or else i might be forgetting some use case.
At the top level VPNs aren't used because if you are really doing something BIG then whoever you are up against has enough tech to bypass a VPN and still trace you out. So simply put
1) For beginners VPN is useless coz you aren't really going to use it for such an advanced shit
2) For higher levels you are gonna be traced out anyways so forget it.

It depends of the context, a VPN is useful if you want to reach some services in your entreprise or your home network. But the VPN as most people understand it now as NordVPN and etc are almost useless except if you want to emulate your localization to reach some services filtered by countries for examples. All security arguments are quite bullshit (it's quite uncommon to have services running on HTTP and not HTTPS) as better privacy too (lot of these companies are suspected to sell private data and IP addresses are not needed anymore to track users since a long time).

Because 99.5% of websites nowadays are already HTTPS encrypted (minus the IP/location). If the NordVPN server gets hacked, then they got all you traffic remotely without even having to be near you with a WiFi spoofer.

I rather spread out my traffic over multiple HTTPS encrypted websites, than getting all my info siphoned off from a central VPN server by hackers of government. Simple as that.

exactly my question... he didn't go over the fact that it is way more complex and outright impossible to perform an evel twen attack with many websites due to many reasons... this stuff that he explains and puts emphasis not to use for evil intent are so outdated that it wouldnt even work in a modern setting! great and entertaining content as usual though

Woot, if he spoof the DNS he can just serve any website? The certificate is there to stop the man in the middle attacks, to read the data going from computer to server. If the you spoof the server, so the client talks to your server instead, you can basically send any website to the client, right?

@@GALENGODIS No, the browser will reject it because it can't prove its the actual owner of the domain (because it doesn't have a certificate)

@@GALENGODIS yes it can send any website without ssl. Browsers show big warning for the sites that doesn't use ssl so it is still nearly impossible.

MitM attacks try to spoof the original web site like fishing and for the dns it'sd true but i never take the lesst bussy my job, icloud or google . so i get many time up event if i'm not on wifi but whit good cat 5

​@benoitmarc-andre1733 I kind of disagree. HTTPS is really robust, and all you can see is URL in SNI during TLS handshake or in DNS request. You would need to change DNS response to spoof the original page, as payload of HTTPS is encrypted until you own certificates privatekey. Mitigate TLS handshake is also super complicated as selfsigned certificate will be automatically refused and no CA will generate cerificate for already existing domain. At the sametime many web sites nowadays use DNSSEC and HSTS, which prevents practically every MiTM attempt of attack on HTTP protocol. So browsing internet over HTTPS is really secure even if there is someone listening as only info he will get is URL (even that can be changed as DNS request can be encrypted and sent using TLS and TLSv1.3 allows SNI encryption)

except there is information disclosure even when SSL is used... ex: the victim is sitting in his pajamas in a motel6 browsing the raunchiest porn imaginable, and you know this because you just watched him spend 3 hours hitting porn sites over and over, occasionally clogging up the network with what is most likely video streams. you add this to your blackmail runbook, you don't know "exactly" what he was viewing, but he doesn't know that... however, had your target been using a VPN you'd have no idea what was going on. zero. ---- separately, and maybe a salient point, there is more on the 'net than websites, and not all mobile apps use encryption like they should.

yeah you're right but I already mentioned that. Using encrypted DNS stops that though, and you can do it for free. Someone could see its video streams, but so what? Without the domain it could just be youtube or any other video streaming website. My point is that not using a VPN is not "insecure" and "dangerous" like how it's portrayed in this video. You are sacrificing a bit of privacy by not using a VPN but there is not really any security risk. My point is not that commercial VPNs are useless (I use a paid commercial VPN myself) but the average person probably does not need one and companies like Nord manipulate the technical details to get people to buy a service they do not need.@@sexyplexie

Well, secure dns exists

"If people are paying attention": they're not
"Packet transfer slows down.." : MY internet is slow!

@@YerBrwnDogAteMyRabit
I had 22 years in I.T. from 1995 at 38 until retirement. I'm also a Disabled Vet living on a meager V.A. Medical Pension. I run an old 2015 HP All-In-One (AOI). There are a lot of reason's why people "think" there Internet is slow. How much I.T. and Computer OS knowledge do you have? I might be able to help you increase the speed of your computer which will increase the data transfer.

If the attacker does it properly there wont be a noticeable delay or transfer slow-down.
But as TLS is nowdays the standard, not very much can be done anymore anyways. Man in the middle on that gets detected, even if you had a validly signed CA, you can notice it.
ARP-spoofing can also be detected, but very few systems actually report this as an anomaly. To be fair, most users wouldnt care either way..

Hey I want to start with cyber security penetrating and securing, what language is good to learn first?

@@Mst.Prototyp English. LOL, I know what you mean. If you're talking about programming. C++

I use to have a phone app that could automate certain tasks, like when GPS co-ordinates are within 50m of "Home" turn on wifi, otherwise disable wifi

Decades later I remember the password to the school's PDP11 but not which class made that relevant. Good times.

Hey do you have any sources to keep up to date with this kind of stuff?

not the HSTS, since the first time you visit website the ip adress is stocked in the cach of your device browser

The issue being most websites don't implement HSTS. And even if they do, it won't protect you if you haven't visited said website yet or not in a while, because even less websites implement HSTS preload.
Browsers tend to enforce upgrading to HTTPS internally, but the behavior is not the same on every browser and there are still gaps in some of them. For instance in Chromium based browsers by default if you click on a link beginning with and the website does not support HSTS (and HSTS preload if you haven't visited it yet or not in a while) the first request will be sent in plaintext.

@@oussamazidane7854 You are thinking about DNS caching, but HSTS stores if this domain should only be accessible via TLS.
So sites you visit which have HSTS configured aswell as HSTS preload lists will keep your browser from connecting to these sites if any TLS errors occur (including connecting via http)

HSTS is essentially to force encryption of web traffic by always using https. You are still vulnerable to MitM with wifi though.

When every other SSID was Linksys and they were all on channel 6. 🤣

Was playing around with an openwrt router recently; discovered that some picked up signals far better than things like my smartphone.. Was sort of surprised to find wifi networks somewhere in the neighborhood that are also - wide open ! That was - in January 2024 !

IIRC, the enterprise version have dual band (2.4 GHz and 5 GHz) and a stronger signal overall. So, the difference is in the hardware in this case, not the software. You'll want that dual band plus the stronger signal to increase the chances of devices connecting to your "evil twin" router instead of the original router.

yes

I'd say it depends. For example on what type of data the attacker is targeting and what kind of control they already have. The legit encrypted traffic will be useless for the attacker. But Chuck also mentioned captive portal or dns hijacking with the fake website. If the attacker uses that with a valid ssl certificate which is trusted by the victim's browser, an oblivious victim might not notice that they are visiting a fake website. For example if they just see the padlock icon and assume it's safe while never verifying the certificate. This is still a type of mitm that can work to steal passwords or other form data. Please correct me if I'm wrong though.

Sure until you connect to a site that isn’t using SSL, and they inject malware into your web traffic giving them remote control over your PC.

@@pablodavico No, it doesn't depend
Captive portal doesn't use https and does not have a domain associated with it
DNS hijacking is completely prevented by https (ssl) because the site cannot prove it is the owner of the domain (because it doesn't have an ssl cert)
The only worthwhile attack showcased in this vid was the captive portal attack

My eyes genuinely glazed over

Bro is the quintessential version of a hipster too 😂

If you really want an coffee shop WiFi password all you need to just use dictionary attack. Simple

So by sophisticated stuff you mean:
1.Creds phishing (Could be very sophisticated)
2.Trolling
3.Trying to get the user to download and run malware
4.Using the webcam or mic (oh no so scary)
and that it
You cannot get hacked by just visiting a webpage (includes captive portals). YOU have to do something on the site (give it login info or run malware) to actually get hacked

@@sylussquared9724 yeah absolutely true, most hacking attacks including the networking ones follow a kill chain , like the one you've mentioned

Wifi on a good home internet connection still has a lot of advantages, such as being able to access devices in your local network, often lower latency than mobile and "unlimited" mobile plans not really being unlimited. I'd rather have my traffic run over my own house-wide vpn setup at home than whatever my cell carrier does with it, although it's probably pretty safe there as well

@@game-tea I always use a VPN on my cell, your ISP routes data through the same hubs that cell towers connect to, after all, and I've never had issues with my unlimited plan not being unlimited. Can you explain that last one to me?

Me a decade ago pointing my Yagi Antenna at all my neighbors 🤣

Twin attacks need user interaction when the cloned network has a password.
You cannot spoof the password, because its part of the handshake, proving both parties know it.

Lol, I've also noticed =)
Antenna rods have "blind zones" forward and backward of their axis. So, if you want to minimize signal from/to some target, just point antenna tip on it!

I bought a Panda Wireless PAU0D and it works well for my pi based portable router

What did you end up buying?

Good question. I’d like to know the answer too.

dont use a bad vpn, use mullvad, a foss vpn

Likely, your best recourse would be to have your own private internet connection and be willing to use that instead; like tethering off your smartphone. This is indeed the BEST approach to such restrictive free wifi networks.
But there is a looming question that comes to mind: After you start accessing the internet, is then is the VPN connection still blocked ?
I don't use NordVPN, but Surfshark; it allows both openvpn and wireguard protocols; so trying another protocol might work; for example, I have 4 options with Surfshark; "automatic", OpenVPN using TCP, OpenVPN using UDP, and Wireguard. If I could not get thru using one of those other protocols, I'd resort to tethered internet from my smartphone!!!
Am considering one of the gl.inet Spitz or Spitz AX router with a sim card from a prepaid plan for internet access; currently I have found that the Beryl AX router receives wifi better than my smartphone does, and use one of those to repeat wifi ( and it can handle the vpn as well for all connected devices ). . In the end, I'd resort to using a USB cable and tether my phone up to my computer instead. At a hotel, I might try the Beryl AX to connect to another free wifi and go from there if it works. It does receive signals better than my phone or laptop does; so there is that. Am considering this Spitz AX router simply because I am planning on becoming a professional vacationer soon..

am not sure wpa3 is bit complicated

I would speculate that there are more coffee shops without IP binding than with. In fact, I would bet that more than half of coffee shops are using the modem/router their ISP provided.

It will be also prevented by many routers default setting, which not allows clients to see each other in the local network.

Nah but those are weak attacks

@@Georgggg that's default on guest networks

@@xDMG15x yeah would say you are right

Even VPN doesn't help at a certain point. This video was very basic and for entertainment purposes + some basic networking lesson, altho, that knowledge could protect you from 99% of self-proclaimed "hackers". You don't need to know or bruteforce wifi password, Evil Twin Framework can get you the hashed key.
When you connect to a wifi for the first time, you type in a password, send it to a wifi router and it sends you a hashed key, which then you send it to connect to it. When you connect to it to 2nd or 5000th time, you skip the password phase and it gives you access based on the unique hashed key you provide. You can deauth users, let them "connect" to your laptop NIC and send you those keys, then use them for yourself.
VPN isn't a foulproof thing either, it just makes attacks way more complicated, but not impossible. People with enough knowledge can work around different OSI layers and even take over your NordVPN app similar to the demonstration on the browser in this video.
The thing to look out for, is that, any enterprise VPN is also a man in the middle of you and the server you're trying to connect and some of those companies are straight up governmental, while others give up your info to government if government sees it necessary, so in a way, you already agree to be monitored 24/7 when you connect to any company's VPN service. You could set your own VPN at home tho and use it instead. That way, you are your own MITM (man in the middle) instead of someone else.
If you want a deeper knowledge towards these subjects, I can suggest you Cisco books, they're the best networking manuals there is. You can try searching "CCNA pdf download", "CCNP pdf download", "CCiE pdf download" in google and you have 3 completely free pdf books, best of their kind too, noone tops Cisco when it comes to networking + you have a massive community to help you in case you're stuck at some point.
You can also use Cybrary.it and different websites for Cyber Security lessons. Some are free lessons, some cost money, but you can learn almost everything without the need to pay a cent.

My thought also!

Apparently the Noob knowing how to do this on the commandline is worse than the Hipster/Pro that use premade tools.........

That's a really good obsvervation, the default evil twin attack doesnt use https, you can customize it and generate a self signed cert tho. I know a bunch of people fell for evil twin, even if the webpage was marked as secure by the browser with tls encryption, they easily got nervous and frustrated, in order to restore the wireless connectivity, they submit the Wi-Fi password without thinking twice.

@@Francesco-gi8kg Self signed cert won't match the URL though. Your browser will tell you this is happening.

You probably aren't the target then. Most ppl that are tech savvy or work in the industry are able to spot when something looks or feels a bit off. If you know, you know and can react. It's the people who don't know, can't spot irregularities that pass it off as a glitchy system and keep plugging away while giving up all their goods that get targeted. Same reason that phishing and SE are still effective attacks. Doesn't matter how many times you tell them, people still fall for the simplest of methods and are helpless against even the minimally sophisticated attacks.

This was my favorite line in the video 😂😂