WiFi Security Audit · REST API · PDF Reports

PCAP in. Compliance report out.

Upload a WPA/WPA2 handshake capture and get a professional security audit PDF in seconds. Built for IT teams, pentesters and MSPs who need NIS2, ISO 27001 or SOC2 documentation.

Get Free API Key → See how it works
WiFi Audit API — quick start
# 1. Submit your PCAP file curl -X POST https://api.wifiaudit.io/v1/jobs \ -H "X-API-Key: wai_your_key" \ -F "pcap=@handshake.pcap" -F "ssid=CorpWifi" # 2. Poll until done (~15 seconds) curl https://api.wifiaudit.io/v1/jobs/$JOB_ID -H "X-API-Key: wai_..." → { "status": "done", "result": "found", "password": "***" } # 3. Download the PDF report curl .../jobs/$JOB_ID/report -o audit-report.pdf
14M+
passwords tested per audit
~15s
average audit time
4
API endpoints
NIS2
compliance ready
NIS2 Article 21 ready
ISO 27001 aligned
SOC 2 evidence
PDF reports included
REST API · any language

From packet capture to compliance report in 3 steps

No software to install. No GPU required. Just an HTTP call.

1

Capture the handshake

Use airodump-ng, Wireshark or any standard tool to capture a WPA/WPA2 handshake from your network. Save as .pcap, .pcapng or .cap.

2

Upload via REST API

POST the file to our API with your SSID and client name. We extract the handshake and run a dictionary attack against 14M+ known passwords.

3

Download the PDF report

In ~15 seconds, download a professional audit PDF with findings, risk rating, remediation steps and NIS2 compliance documentation.

Professional audit documentation

Every audit generates a signed, compliance-grade PDF ready for your auditor or NIS2 authority.

WiFi Security Audit Report

22. 02. 2026 · Job ID: a1b2c3d4 · wifiaudit.io

⚠️
VULNERABLE Password found in dictionary
Network (SSID)CorpWiFi
ClientAcme Corp s.r.o.
Found password●●●●●●●●
Passwords tested14,344,391
Audit duration14.35 s
NIS2 Article 21✓ Documented
🔑

WPA/WPA2 cracking

Dictionary attack with 14M+ passwords via hashcat.

📄

PDF reports

Compliance-grade documentation, ready for auditors.

~15s per audit

GPU-accelerated — results in seconds, not hours.

🏷️

White-label

Add your company and client name to every report.

🔌

REST API

4 simple endpoints. Integrate in any language.

🔒

Auto-delete

Uploaded files deleted within 24 hours. No data retention.

Built for regulatory frameworks

WiFi Audit reports are structured to satisfy the documentation requirements of major security frameworks.

NIS2

Maps to Article 21(2)(a) and 21(2)(e) — network security policies and risk analysis.

ISO 27001

Supports control A.8.20 (Network security) and A.5.37 (Documented procedures).

SOC 2

Evidence for CC6.7 (Logical access) and CC7.1 (System monitoring) trust criteria.

PCI DSS

Supports Requirement 11.3 — penetration testing for wireless networks.

Built for security professionals

Whether you run one audit a month or hundreds, WiFi Audit API fits your workflow.

🔍

Pentesters

Automate WiFi audit reports for client engagements. Upload the PCAP, download the signed PDF. Done.

🏢

MSPs & IT Consultants

Offer WiFi security audits as a service. White-label PDFs with client names, delivered via API.

🛡️

Compliance Teams

Document wireless security controls for NIS2, ISO 27001 and SOC2 auditors. Ready to sign off.

💻

IT Security Engineers

Integrate recurring WiFi audits into your security stack. REST API, any language, any CI/CD.

Four endpoints. That's it.

Simple HTTP API with API key auth. Full OpenAPI spec available.

Submit audit job
POST /v1/jobs X-API-Key: wai_your_key Content-Type: multipart/form-data pcap=capture.pcap ssid=CorporateWiFi client_name=Acme Corp
Response
202 Accepted { "job_id": "a1b2c3...", "status": "pending", "ssid": "CorporateWiFi" }
Check status
GET /v1/jobs/{job_id} { "status": "done", "result": "found", "found_password": "***", "crack_duration_seconds": 14.35 }
All endpoints
GET /v1/health # API status + wordlists POST /v1/jobs # Submit PCAP → returns job_id GET /v1/jobs/{id} # pending / running / done GET /v1/jobs/{id}/report # Download PDF

Simple, transparent pricing

Start free. No credit card required. Scale when you need to.

Free
$0 / month
For evaluation and personal use
  • 3 audits per month
  • PDF reports included
  • WPA/WPA2 support
  • REST API access
  • Community support
Start Free
Enterprise
Custom
For MSPs, MSSPs and enterprises
  • Unlimited audits
  • White-label reports
  • Custom wordlists
  • On-premise deployment
  • SLA + dedicated support
Contact Sales

Frequently asked questions

What is a WiFi security audit?
A WiFi security audit tests whether your WPA/WPA2 network password can be found in known password databases (dictionary attack). It is a required security control under NIS2, ISO 27001 and SOC2 frameworks. A passing audit demonstrates that your wireless network meets minimum password strength requirements.
Is this legal to use?
Yes, when used on networks you own or have explicit written permission to test. Our audit reports include an authorization declaration section for compliance documentation. Testing networks without authorization is illegal in most jurisdictions.
How do I capture a WPA handshake?
Use airodump-ng on Linux/Kali to put your wireless adapter into monitor mode and capture traffic. When a client connects (or reconnects after a deauth), the 4-way handshake is saved to a .cap file — that's what you upload to our API.
What happens to my PCAP file after upload?
Uploaded PCAP files and generated reports are automatically deleted 24 hours after the audit completes. We do not share or retain your data beyond the audit window.
What if the password is not found?
The report documents this as a passing result. The network is not vulnerable to dictionary attacks using known passwords. The PDF includes passwords tested and duration as compliance evidence.
Does it support WPA3?
WPA3 uses SAE which is significantly more resistant to offline attacks. We currently focus on WPA/WPA2-PSK. WPA3 support is on our roadmap.

Start your first WiFi audit today

Free plan · 3 audits/month · No credit card required

Request Early Access →