Scenarios Guide
Scenarios are pre-built vulnerable network environments for testing.
How Scenarios Work
When you start a session, the platform spins up a virtualized wireless environment based on your chosen scenario. Your DUT (Device Under Test) is then launched with access to a virtual WiFi adapter that can see and interact with the simulated networks.
Virtual Access Points
Each scenario creates multiple simulated APs with different security configurations.
Realistic Vulnerabilities
Target networks have intentional weaknesses like WPS Pixie Dust, weak passwords, or misconfigurations.
Full Tool Support
Monitor mode, packet injection, and all standard pentesting tools work as expected.
DUT Image Requirements
Your DUT image must be configured to work with the virtual WiFi environment:
Interface Configuration
wlan0 | Virtual WiFi adapter - supports monitor mode and injection |
wlan0mon | Created when you run airmon-ng start wlan0 |
eth0 | Management interface - do not use for testing |
Recommended Tools
aircrack-ng bully reaver wifite hashcat nmap mdk4
Artifact Collection
Write any files you want to retrieve to /results/:
# Save captured handshakes
cp capture.cap /results/
# Save scan results
airodump-ng wlan0mon --write /results/scan
# Save your report
echo "Test passed" > /results/report.txtAvailable Scenarios
Network Validator
trivial ~1 minnetwork-validator
A simple validation scenario for CI/CD pipelines. Creates 4 WiFi networks that the DUT should detect. Perfect for smoke testing wireless functionality.
Tags: ci-cd validation automated
Networks
CI_TestNet_1 | Open |
CI_TestNet_2 | Open |
CI_TestNet_3 | Open |
CI_TestNet_4 | Open |
Vulnerable Home Network
beginner ~15 minvulnerable-home-network
A realistic home WiFi environment with a vulnerable target network. Test WPA handshake capture, WPS Pixie Dust attacks, and post-exploitation network reconnaissance.
Tags: wifi wps pixie-dust handshake
Networks
Smith_Family_5G | WPA2-PSK | |
NETGEAR-2G-7842 | WPA2-PSK | |
Verizon_5G_Ultra | WPA3-SAE | |
HomeNet | WPA2-PSK + WPS | Vulnerable |
Checkpoints
- All 4 access points visible
- Target network identified with WPS
- WPA handshake captured
- Password cracked via handshake
- Pixie Dust attack successful
- Connected to target network
- Camera discovered on internal network
Using Scenarios
Via API
curl -X POST https://api.testfirestudio.com/api/v1/tests \
-H "Authorization: ApiKey arena_..." \
-H "Content-Type: application/json" \
-d '{
"scenario_id": "vulnerable-home-network",
"image_id": "YOUR_IMAGE_ID"
}'Via CLI
arena test --scenario vulnerable-home-network --image ./my-dut.tar.gzList Available Scenarios
# API
curl https://api.testfirestudio.com/api/v1/scenarios
# CLI
arena scenarios listCustom Scenarios Enterprise
Enterprise customers can create custom scenarios tailored to their specific testing needs. Custom scenarios support:
- Custom network topologies with any number of APs
- Specific vulnerability configurations
- Simulated IoT devices and services
- Custom validation checkpoints
- Integration with internal security tools
Contact us to discuss custom scenarios โ
Best Practices
โ Start Simple
Use network-validator first to verify your DUT can see networks before moving to complex scenarios.
โ Check Exit Codes
Exit 0 for pass, non-zero for fail. This enables CI/CD integration.
โ Save Artifacts
Write captures, logs, and reports to /results/ for later analysis.
โ Set Timeouts
Use appropriate timeouts - some attacks can take time.