diff --git a/Captive-Portal-Attack.md b/Captive-Portal-Attack.md index ab8a230..c8d3d19 100644 --- a/Captive-Portal-Attack.md +++ b/Captive-Portal-Attack.md @@ -1,6 +1,6 @@ -The `Captive Portal` attack attempts to retrieve the target access point WPA/WPA2 key by means of a rogue network with a border authentication captive portal. It's recommended this attack is done in close to semi-close proximity to the target access point. This is due to the fact the attack host will be serving the captive portal, meaning clients will need to have a decent Wi-Fi connection to the host machine. +The `Captive Portal` attack attempts to retrieve the target access point’s WPA/WPA2 key by means of a rogue network with a border authentication captive portal. It is recommended this attack is done in close, to semi-close, proximity to the target access point. This is due to the fact the attack host (your machine) will be serving the captive portal, meaning, clients will need to have a decent Wi-Fi connection to your machine. -To successfully execute a `Captive Portal` attack with Fluxion, the following steps must be completed. +To successfully execute a `Captive Portal` attack with fluxion, the following steps must be completed. * From the fluxion directory, execute fluxion, optionally including special `flags`: ``` 
@@ -12,19 +12,26 @@ or with flags: export FLUXIONWIKillProcesses=1; ./fluxion.sh ``` -* When prompted, select a network interface which supports injection. -* Run a scan utilizing the selected wireless interface & select a target network. -* Select an attack on the target network. -The `Captive Portal` attack requires the handshake `.cap` file from the target access point. This file may be given to Fluxion manually (by inputting the path when prompted), or automatically by running and retrieving it with the `Handshake Snooper Attack` at which point Fluxion will auto-detect the handshake file and will not ask for it. -**If you do not have the `.cap` file, you must first complete the `Handshake Snooper` attack.** -**Once you've got the handshake file, select the `Captive Portal` attack.** -* When prompted, select an access point service (recommendations are there for a reason). -* When prompted, select an SSL certificate option for the captive portal. -If you've got a personal certificate, you must save it at `fluxion/attacks/Captive Portal/certificate/server.pem` and the attack will automatically detect it. If you don't have a personal certificate, select the option to automatically generate one. -* When prompted, select a UI for the captive portal. -By default, Fluxion comes with the generic interfaces only. Extra interfaces may be downloaded from [the sites' repository](https://github.com/FluxionNetwork/sites). -Select an interface suitable to the manufacturer of the device (scroll up if you don't see the manufacturer). +1) When prompted, select a network interface which supports injection. +2) Run a scan utilizing the selected wireless interface & select a target network. +3) Select an attack on the target network, in this case, we’ll use the `Captive Portal` attack. +* The `Captive Portal` attack requires the handshake `.cap` file from the target access point. 
This file may be given to fluxion manually (by inputting the path when prompted), or automatically by running and retrieving it with the `Handshake Snooper` attack at which point fluxion will auto-detect the handshake file and will not ask for it again. +* **If you do not have the `.cap` file, you must first complete the `Handshake Snooper` attack.** Once you've got the handshake file, select the `Captive Portal` attack. +4) When prompted, select an access point service (recommendations are there for a reason). +* We recommend avoiding `airbase-ng`, since it is essentially a “hack”, using packet injection and monitor mode to mimick master mode. +5) When prompted, select an SSL certificate source for the captive portal, or select to disable SSL. +* SSL is a method of encryption used to establish a secure connection between two points. In this case, the two points are the captive portal’s web server, and the target client. +* If you've got a personal certificate, you must save it at `fluxion/attacks/Captive Portal/certificate/server.pem` and the attack will automatically detect it and auto-select it. +* If you don't have a personal certificate, you may select to automatically generate one. **The downside is that the certificate, having been created by a random individual, will not be trusted by any device, which will likely trigger warnings for clients attempting a secure connection to the captive portal.** +* If you would rather not bother with SSL, you can choose to disable it. Once disabled, the captive portal’s web server will only accept unencrypted connections, which exposes the information clients send to fluxion. This can be particularly unsafe if someone’s spying on network traffic. **This might also trigger warnings for some clients, since the browser will need to send forms over an unencrypted connection.** +6) When prompted, select wheather the captive portal web server should attempt emulating an internet connection. 
+* **This option only affects iOS clients, and some Android clients.** +* This could be useful for people that don’t want to make the captive portal obvious. The clients will connect, but will be fooled into believing internet access is available. This will cause all iOS clients, and some Android clients to not show the captive portal immediately upon connecting to the rogue network, however, the captive portal will still show up once the clients try accessing any web site. +* **Warning: This could cause clients to hang while trying to load sites, including iOS clients.** The issue occurs when this option is selected, and SSL is disabled. The cause is clients attempting to access an SSL capable site, such as google.com, but hanging while waiting for a connection from the captive portal’s web server. The hanging is caused by the clients believing there’s internet access, but no responses received for SSL enabled sites. +7) When prompted, select a UI for the captive portal. +* By default, fluxion comes with the generic interfaces only. If cloned properly, all the interfaces, including some manufacturer specific, and some custom ones are included. These extra interfaces can be downloaded separately from [the sites' repository](https://github.com/FluxionNetwork/sites). +* Select an interface suitable to the manufacturer of the device (scroll up if you don't see the manufacturer). -After selecting a suitable interface, the attack will start. The rogue network will be created and the captive portal will be accessible through it. **Fluxion can only find the WPA/WPA2 key if the clients enter the corresponding password.** If a client enters an invalid/wrong password, the captive portal will notify the client of the invalid password and will give the option to renter a new password. +After selecting a suitable interface, the attack will start. The rogue network will be created and the captive portal will be accessible through it. 
Note, **fluxion can only find the WPA/WPA2 key if the clients enter the corresponding password.** If a client enters an invalid/wrong password, the captive portal will notify the client of the invalid password and will give the option to enter a new password. Once a corresponding password has been given and Fluxion detects it, the rogue network will be killed, the deauthenticator will stop jamming the target access point, and the clients will be allowed to reconnect to the original access point. \ No newline at end of file
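Review bot: the `Fluxion` to `fluxion` renaming in the first hunk is not carried through, so the page ends up mixing both spellings; the closing sentence of the second hunk still reads "Once a corresponding password has been given and Fluxion detects it". Pick one spelling and apply it to every occurrence. The added commas in "in close, to semi-close, proximity" and "meaning, clients will need" also break those sentences; suggest "in close to semi-close proximity" and "meaning clients will need".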
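Review bot: two spelling errors in the added lines of the second hunk: `wheather` in step 6 should be `whether`, and `mimick` in the `airbase-ng` note under step 4 should be `mimic`. The step 5 explanation of the generated certificate would also be clearer if it stated the actual reason for the warnings: the certificate is self-signed, so no client has a trusted issuer for it; "created by a random individual" points at authorship rather than at the missing trust chain. Finally, the bold warning in step 6 only names its trigger condition (option enabled while SSL is disabled) in the sentence after the bold text; moving "when this option is selected and SSL is disabled" into the bold sentence would let a reader skimming the emphasized text see when it applies.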