Research Update Enhanced src/generic-methodologies-and-resou...

[carlospolop]

🤖 Automated Content Update

This PR was automatically generated by the HackTricks News Bot based on a technical blog post.

📝 Source Information

• Blog URL:
• Blog Title: Research Update Enhanced src/generic-methodologies-and-resources/pentesting-wifi/evil-twin-eap-tls.md
• Suggested Section: Research

🎯 Content Summary

Research Update for src/generic-methodologies-and-resources/pentesting-wifi/evil-twin-eap-tls.md

This PR contains automated research updates including:

• Latest security vulnerabilities and attack vectors
• Updated techniques and tools
• Enhanced explanations and examples
• Additional references and resources

Generated by: HackTricks Research Agent
Timestamp: 2026-06-21...

🔧 Technical Details

Research update for HackTricks content

🤖 Agent Actions

Updated /tmp/hacktricks_update_xo1j0tsk/repo/src/generic-methodologies-and-resources/pentesting-wifi/evil-twin-eap-tls.md.

Added/changed:

• Android Enterprise/MDM outer-identity leakage check with a practical tshark filter.
• Modernized hostapd-wpe tooling note for current Kali, replacing the stale libssl1.0-dev advice.
• New “silent Evil Twin with a trusted cert” subsection covering:
  • empty Connect to these servers
  • Windows 11 SAN-over-CN matching behavior
  • broader wildcard/name-pattern risk
  • overlap with AD CS / trusted-cert abuse
• Added a quick Windows profile triage snippet using netsh wlan export profile.
• Added 2 new references and an internal link to the AD Certificates page.

Validation:

• Diff reviewed
• Basic markdown/code-fence/internal-link sanity checked
• mdbook build could not be run because mdbook is not installed in this environment

Research/source URLs used:

https://www.rfc-editor.org/rfc/rfc9190.txt
https://datatracker.ietf.org/doc/rfc9190/
https://lists.infradead.org/pipermail/hostap/2022-February/040204.html
https://lists.freeradius.org/pipermail/freeradius-users/2024-September/104753.html
https://learn.microsoft.com/en-us/windows-server/networking/technologies/extensible-authentication-protocol/windows-11-changes
https://learn.microsoft.com/en-us/windows-server/networking/technologies/extensible-authentication-protocol/network-access
https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/certificate-requirements-eap-tls-peap
https://learn.microsoft.com/en-us/intune/device-configuration/templates/ref-wifi-settings-android-enterprise
https://www.kali.org/tools/hostapd-wpe/
https://github.com/OpenSecurityResearch/hostapd-wpe
https://github.com/sensepost/hostapd-mana/wiki/MANA-EAP-Options-(aka-WPE)
https://securityboulevard.com/2024/01/windows-11-changes-you-need-to-know/
https://www.nccgroup.com/research-blog/eap-tls-the-most-secure-option/
https://versprite.com/blog/eap-tls-wireless-infrastructure/

---

This PR was automatically created by the HackTricks Feed Bot. Please review the changes carefully before merging.

[carlospolop]

🔗 Additional Context

Original Blog Post:

Content Categories: Based on the analysis, this content was categorized under "Research".

Repository Maintenance:

• MD Files Formatting: 977 files processed

Review Notes:

• This content was automatically processed and may require human review for accuracy
• Check that the placement within the repository structure is appropriate
• Verify that all technical details are correct and up-to-date
• All .md files have been checked for proper formatting (headers, includes, etc.)

Bot Version: HackTricks News Bot v1.0