PEAP is an 802.1X “enterprise” wireless authentication method that uses a TLS tunnel to protect an inner authentication exchange (commonly username/password–based mechanisms). In PenTest+ wireless assessments, credential collection against enterprise Wi-Fi is most often attempted through rogue access point / evil twin style attacks combined with social engineering and traffic relaying, where the tester stands up an attacker-controlled AP to entice clients to connect and then captures authentication attempts or harvests credentials via a controlled portal/workflow.

WiFi-Pumpkin is a framework designed to rapidly create rogue APs and support interception and credential-harvesting scenarios, aligning with the objective of collecting credentials during a controlled wireless security test. InSSIDer is primarily for wireless discovery and signal/AP enumeration, not credential collection. HackRF One is SDR hardware useful for radio experimentation and analysis, but it is not a complete PEAP credential-harvesting workflow by itself. Aircrack-ng is most associated with WPA/WPA2-PSK capture/cracking and general 802.11 attacks, but it is not the best fit for PEAP credential collection compared with a rogue-AP framework.