The term likely originated in early 2010s hacker forums (e.g., Hack Forums, Null Byte) as a blend of "WAP" (Wireless Access Point) and "BOM" (bomb/mayhem), though it never became an official CVE or industry-standard term. WAPBOM exploits the beacon frame —a management frame in Wi-Fi that access points broadcast periodically (typically every 100 ms) to announce their presence, SSID, supported rates, and capabilities.
| Tool | Function | Notes | |------|----------|-------| | | Beacon flood mode ( mdk3 wlan0 b ) | Most famous for SSID flooding; often called "beacon flood" or "fake AP flood". | | Airgeddon | Menu-driven suite includes beacon flood. | Wrapper around MDK3, better UX. | | Bettercap | wifi.ap module with beacon injection. | More modern, supports randomized SSIDs. | | Wifijammer | Deauth + beacon flooding. | Python-based. | wapbom
Example MDK3 command for a WAPBOM-style attack: The term likely originated in early 2010s hacker forums (e
For security professionals, understanding WAPBOM helps in designing resilient wireless networks and educating users about the risks of connecting to unknown open access points. Last updated: 2025. This write-up is for educational and defensive purposes only. Unauthorized use of beacon flooding is illegal. | | Airgeddon | Menu-driven suite includes beacon flood