WPA PSK online bruteforce EAPOL M2 #1075

Open
s0i37 opened this issue Feb 6, 2024 · 0 comments
s0i37 commented Feb 6, 2024

When the access point has no clients, no PMKID and no WPS, the classic attacks end there, and the access point is considered impregnable.
However, the access point's password may be 12345678 or another dictionary password. And it wouldn't be bad to be able to brute-force WPA PSK online. Not all access points block an attacker, and this can be successful. Moreover, some access points allow you to do this in two or more threads. But even greater success happens when there are hundreds of WPA PSK networks around and we test one or two weak passwords. In a pentest of a real company, you can almost always find unprotected printers this way.
This can be implemented very easily using wpa_supplicant (https://github.com/s0i37/wifi/blob/main/wpa_brute.sh and https://github.com/s0i37/wifi/blob/main/wpa_brute-width.sh). I also have a not very stable implementation in Python with Scapy (https://github.com/s0i37/wifi/blob/main/auth.py). But I believe that bettercap will do it better and faster.
I haven't seen any ready-made tools for this, and bettercap seems to me to be an ideal candidate.
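
Seen from the access point side, the online guessing described in this issue shows up as a run of failed 4-way handshakes. The sketch below is an added example (not part of the issue, s0i37's scripts or bettercap) that counts hostapd `AP-STA-POSSIBLE-PSK-MISMATCH` events per interface in a sliding window; the log line layout, the threshold values and the sample log are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque

# Assumed layout (hostapd run with -t): "<epoch>: <iface>: <EVENT> <station MAC>".
# Adjust the regex to the logging setup actually in use.
EVENT = re.compile(
    r"^(?P<ts>\d+(?:\.\d+)?): (?P<iface>\S+): "
    r"AP-STA-POSSIBLE-PSK-MISMATCH (?P<sta>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})\b", re.I)

# Constructed sample: a burst on wlan0 from three MACs, two isolated typos on wlan1.
SAMPLE_LOG = """\
1707200000.10: wlan0: AP-STA-POSSIBLE-PSK-MISMATCH 02:00:00:00:00:01
1707200004.20: wlan0: AP-STA-POSSIBLE-PSK-MISMATCH 02:00:00:00:00:01
1707200009.00: wlan1: AP-STA-POSSIBLE-PSK-MISMATCH 02:00:00:00:00:aa
1707200011.50: wlan0: AP-STA-POSSIBLE-PSK-MISMATCH 02:00:00:00:00:02
1707200015.90: wlan0: AP-STA-CONNECTED 02:00:00:00:00:bb
1707200019.30: wlan0: AP-STA-POSSIBLE-PSK-MISMATCH 02:00:00:00:00:02
1707200024.70: wlan0: AP-STA-POSSIBLE-PSK-MISMATCH 02:00:00:00:00:03
1707200029.10: wlan0: AP-STA-POSSIBLE-PSK-MISMATCH 02:00:00:00:00:03
1707200400.00: wlan1: AP-STA-POSSIBLE-PSK-MISMATCH 02:00:00:00:00:aa
""".splitlines()

def find_psk_guessing(lines, threshold=5, window=60.0):
    """Alert when one interface sees >= threshold PSK mismatches within
    `window` seconds. Counting is per interface, not per station MAC,
    because a guessing client can change its MAC between attempts."""
    recent = defaultdict(deque)   # iface -> deque of (timestamp, station)
    alerting = set()              # interfaces currently above threshold
    alerts = []
    for line in lines:
        m = EVENT.match(line.strip())
        if not m:
            continue              # unrelated event or unparsable line
        ts, iface, sta = float(m["ts"]), m["iface"], m["sta"].lower()
        q = recent[iface]
        q.append((ts, sta))
        while q and ts - q[0][0] > window:
            q.popleft()           # drop events that fell out of the window
        if len(q) < threshold:
            alerting.discard(iface)
        elif iface not in alerting:   # report once per burst
            alerting.add(iface)
            alerts.append({"iface": iface, "first": q[0][0], "last": ts,
                           "attempts": len(q),
                           "stations": sorted({s for _, s in q})})
    return alerts

if __name__ == "__main__":
    for alert in find_psk_guessing(SAMPLE_LOG):
        print(alert)
```

One or two guesses per network, as in the wide variant the issue mentions, stay under any per-AP threshold, so that case needs events from many access points correlated centrally.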
