PEN540 – Wireless Pentesting and Network Exploitation introduces students to all manner of reconnaissance, scanning, enumeration, exploitation and reporting for 802.11 networks.
The lab topics expose students to a variety of survey, database creation, scripting, and attack methods that can be used to gain a foothold in to a client’s network during a penetration test.
Penetration testers looking to broaden their overall penetration testing skill set, wireless engineers, system administrators and developers.
Provide in-depth exposure to all facets of 802.11 penetration testing, encryption cracking, post-exploitation pillaging and report writing.
Students will learn how to conduct wireless penetration tests using open source tools against 802.11 a/b/g/n networks. In addition, students will identify characteristics and common vulnerabilities associated with WiFi.
Students will learn to use open source tools and hardware to conduct both mobile and static 802.11 a/b/g/n surveys. Planning and executing surveys will be covered in depth as well as data management and database management techniques.
Students continue their use of Kismet and Airodump-ng to conduct mobile surveys, database the information and create .kml files in order to visualize survey data. Students are then exposed to an in-depth discussion on advanced encryption security processes followed by learning how to use open source tools to exploit the security process.
Building on the skills learned in the first three days, the students will learn how to conduct Man-in-the-Middle attack using easycreds and a fake access point. Students will learn how to conduct various types of attacks, traffic capture, and credential harvesting once a victim connects.
The last day of the course comprises a full-spectrum WiFi penetration test that the students must scope, plan and conduct. Final exercise serves to replicate a variety of network hardware, services and configurations, target website for recon, with multiple WiFi access points and clients using a variety of security mechanisms as provided.