A small slideshow of a few tools and strategies (from a high-level overview) that I used to set up a recent wireless network penetration test after reconnaissance and using some open source intelligence tools.
2. Wireless Security Assessment (WSA) Objectives
➤ To review access control, identify any current vulnerabilities already on board and determine security posture.
➤ To review the architecture of the wireless network to ensure best practices are in place.
➤ To test and verify that the wireless network is implementing strong authentication and encryption methods.
3. NMAP
➤ Usually, during an internal Nmap Wi-Fi scan of the client's wireless network, you can come across a desktop that may be physically accessible to anyone who has access to that network.
4. EXTERNAL WIRELESS PENETRATION TEST
➤ This can be tricky as most clients don't want you messing up their wireless configurations.
➤ However, you can accomplish a security assessment without compromising a network using a couple of nifty tools.
➤ I prefer to use Wireshark to capture packets and decode those packets to show vulnerabilities and passwords.
➤ I also like to do a little social engineering and physical penetration to install a Raspberry Pi with custom operating systems and an external wireless card and battery pack to consistently ping the wireless and wired network in various ways.