You are previewing Mastering Wireless Penetration Testing for Highly Secured Environments.
O'Reilly logo
Mastering Wireless Penetration Testing for Highly Secured Environments

Book Description

Scan, exploit, and crack wireless networks by using the most advanced techniques from security professionals

In Detail

Penetration testing is a tool for testing computer systems, networks, or web applications to find vulnerabilities that an attacker could exploit. By performing a penetration test, you can proactively identify which vulnerabilities are most critical. This allows your organization to more intelligently prioritize remediation and apply necessary security patches to ensure that they are available.

This book covers how to set up Kali Linux, scan and sniff wireless networks, and crack WEP, WPA, and even WPA2 encryption. By the end of this book, you will feel much more confident when it comes to conducting wireless penetration tests, and you will have a full understanding of wireless security threats.

This book is full of hands-on demonstrations and how-to tutorials. This will benefit you, as the reader, when it comes to security awareness. Having some knowledge of wireless penetration testing would be helpful.

What You Will Learn

  • Learn the wireless penetration testing methodology

  • Crack WEP, WPA, and WPA2 encrypted networks

  • Scan and sniff wireless networks for rogue access points and logins

  • Identify and detect vulnerable hosts

  • Run vulnerability scans and exploit systems

  • Learn to protect yourself from the latest wireless security threats

  • Pivot between networks and systems to access other hosts and networks

  • Downloading the example code for this book. You can download the example code files for all Packt books you have purchased from your account at http://www.PacktPub.com. If you purchased this book elsewhere, you can visit http://www.PacktPub.com/support and register to have the files e-mailed directly to you.

    Table of Contents

    1. Mastering Wireless Penetration Testing for Highly Secured Environments
      1. Table of Contents
      2. Mastering Wireless Penetration Testing for Highly Secured Environments
      3. Credits
      4. About the Author
      5. About the Reviewers
      6. www.PacktPub.com
        1. Support files, eBooks, discount offers, and more
          1. Why subscribe?
          2. Free access for Packt account holders
      7. Preface
        1. What this book covers
        2. Disclaimer
        3. What you need for this book
        4. Who this book is for
        5. Conventions
        6. Reader feedback
        7. Customer support
          1. Errata
          2. Piracy
          3. Questions
      8. 1. Preparing for an Effective Wireless Penetration Test
        1. Benefits
          1. Value and loyalty
          2. Expertise and skills
          3. Who should read this book?
        2. What is Kali Linux?
          1. Downloading Kali Linux
          2. Installing Kali Linux in VMware Player
          3. Updating Kali Linux
        3. Wireless penetration tools
          1. HashCalc
          2. NetStumbler
          3. inSSIDer
          4. Kismet
          5. WEPCrack
          6. Aircrack-ng
          7. Metasploit
          8. Nessus
          9. Armitage
          10. Nmap
          11. Wireshark
          12. Scapy
        4. Wireless terminologies
          1. Why can't I use my built-in Wi-Fi chipset in my laptop?
          2. How can I determine whether my Wi-Fi chipset can be used?
          3. Wireless hardware
            1. Wireless models
            2. Three wireless models
            3. Alfa AWUS036NHR
            4. Alfa AWUS036H
            5. TL-WN722N
        5. Summary
      9. 2. Wireless Security Testing
        1. Wireless penetration testing methodology
          1. Why should I follow this methodology?
          2. Wireless attacks and penetration steps
        2. Wireless attacking techniques and methods
          1. Access control attacks
            1. War driving
            2. Rogue access points
            3. Ad hoc associations
            4. MAC spoofing
            5. 802.11 RADIUS cracking
          2. Confidential attacks
            1. Eavesdropping
            2. WEP key cracking
            3. Evil twin AP
            4. AP Phishing
            5. The man-in-the-middle attack
          3. Credential attacks
            1. Credential harvester
            2. Phishing
          4. Authentication attacks
            1. Shared key guessing
            2. PSK cracking
            3. Sniffing application credentials
            4. Cracking domain accounts
            5. VPN login cracking
            6. 802.11 identify theft
            7. 802.11 password guessing
            8. 802.11 LEAP cracking
            9. 802.11 EAP downgrade attack
            10. Issues with wireless networks
              1. Downloading
        3. Prevention
        4. Summary
      10. 3. Footprinting and Reconnaissance
        1. What is footprinting and reconnaissance?
        2. Wireless network discovery
          1. Nmap
          2. Nmap commands
          3. Zenmap
        3. Wireless scanning
          1. Passive scanning
          2. Active scanning
          3. How scanning works
        4. Sniffing wireless networks
          1. The Wireshark application
          2. Ettercap
          3. dsniff
        5. Identifying your targets
        6. Protecting/preventing yourself from attacks
        7. Summary
      11. 4. Penetrating Wireless Networks
        1. Planning an attack
          1. What you'll need for the attack?
          2. The plan for attacking wireless networks
        2. Wireless password cracking
          1. WEP encryption
          2. Cracking WEP encryption
          3. Cracking WPA and WPA2 encryption
            1. What is Reaver?
            2. How does Reaver work?
            3. Protecting yourself against Reaver
          4. WPA/WPA2 cracking results
        3. Spoofing your MAC address
        4. Protect yourself from wireless attacks
        5. Summary
      12. 5. Gaining Access to the Network
        1. Identifying hosts
          1. Network mapping tools
        2. Determining the network size
          1. Determining the network size in Kali Linux
        3. Detecting vulnerable hosts
        4. Preventing against threats
          1. Preventing the identification of hosts
          2. Preventing others from determining your network size
          3. Protection of vulnerable hosts
        5. Summary
      13. 6. Vulnerability Assessment
        1. Planning an assessment
          1. Components of a vulnerability assessment plan
          2. Planning the process of a vulnerability assessment
        2. Setting up a vulnerability scanner
          1. Downloading Nessus
          2. Installing Nessus
        3. Running the vulnerability scanner
        4. Generating reports
        5. Resolving vulnerabilities
        6. Summary
      14. 7. Client-side Attacks
        1. How client-side attacks work
        2. Types of client-side attacks
        3. Sniffing unencrypted traffic
        4. Honeypot attacking
          1. How do I protect myself from a honeypot or man-in-the-middle attack?
        5. Karmetasploit
        6. Jasager
        7. Preventions
        8. Summary
      15. 8. Data Capture and Exploitation
        1. Capturing unencrypted traffic
        2. Man-in-the-middle attacks
        3. Metasploit
        4. Preventions
        5. Summary
      16. 9. Post-Exploitation
        1. Creating a pivot
        2. Documenting your penetration test
        3. Cleaning up unnecessary work
        4. Prevention
        5. Summary
      17. 10. Reporting
        1. Planning the report
        2. Writing the report
          1. Introduction
          2. Audience
          3. Collect information
          4. Objectives
          5. Assumption
          6. Time entries
            1. Overview of information
            2. Detailed information
            3. Vulnerabilities
            4. Impact, likelihood, and risks
            5. Recommendations
            6. References
            7. Sources
        3. Finishing the report
        4. Summary
      18. Index