Evil Twin and Karma attacks are both highly effective methods through which shady people can pluck your credentials from thin air. Although progress has been made in preventing these attacks, most existing solutions are expensive and only available to enterprise customers. Fortunately, it turns out that it's actually much simpler to write tools that stop these kinds of attacks than it is to build tools to carry them out. This talk will demonstrate how to use Python, a punk rock DIY mindset, and cheap commodity hardware to detect and mitigate Evil Twin and Karma attacks. Well also explore the limitations of these protective methods, as well as offensive techniques to exploit these weaknesses that have yet to be addressed.