Clients of public hotspots are exposed to various threats including a man–in–the–middle attacks. To stress existing threats we created the Evil-AP application for demonstrating a man–in–the–middle attack. The application, installed on an Android phone with root permissions, turns on hotspot services and performs network redirection. We tested as the proposed techniques can be used to eavesdrop, redirect, inject, and strip the Internet traffic. A mobility of the created solution together with the wide functionality creates an extremely dangerous tool. Therefore, we concluded our work with good practices that allow the users to avoid similar threats as described in our work.