Hello, my plan is to create a fake AP with the sam ESSID and the same channel as one of my test-routers in my house. The ssids are hidden although not a problem to detect. Also they are using WPA2. I am using Kali Linux My goal is to figure out the WPA2 valid key. I type: ->airmon-ng -c 6 -e Test -L -W 1 wlan0mon and to set it up with: ->airbase-ng -c 6 -e Test -L -W 1 wlan0mon ->airodump-ng -c 6 -d 00:00:00:00:00:00(SSID of AP) -w capture wlan0mon and hope that someone connects: -> aircrack-ng capture-01.cap my AP is visible and uses WPA2. Although no password needed. should that work to figure out the handshake valid key? (nobody connected yet).