Noble, company-contracted (a.k.a. white hat) hackers and penetration testers take a hands-on approach to finding vulnerabilities in your cybersecurity — by attempting to hack or gain access to your secured Wi-Fi networks. Their jobs are crucial, as testing is the best way to find and solve vulnerabilities in your security before any cyber attacker can take advantage of them. Penetration testers rely on a wide array of tools to help them delve into your systems and uncover any flaws or weak spots in your security measures.
Let’s take a deeper look into some of the complexities of Wi-Fi penetration testing, and the top five resources available to support this testing.
Before we dive into tools for network security testing, it’s important to first understand a few standard industry terms:
- Penetration Testing: the process of attempting to penetrate a security system to identify vulnerabilities in a company’s network security. There are several different ways to conduct penetration testing.
- Packet: a unit of data routed between two places, via the internet or another network.
- Wireless Sniffer: a packet analyzer (also known as a packet sniffer). Wireless sniffers intercept a packet that’s transmitted across your network, and decode the data, putting it into a format that security experts can analyze.
- WEP and WPA: two encryption tools used to secure your wireless connection. WEP stands for Wired Equivalent Privacy and is the lowest security encryption. WPA stands for Wireless Protected Access and is commonly used as a more secure encryption standard.
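To make the sniffer and WEP/WPA definitions concrete, the following added example (not part of the original article) decodes a raw 802.11 beacon frame the way a packet analyzer would and reports which encryption the access point advertises, which is useful when auditing your own networks for leftover WEP. The function names, SSIDs and sample frames are constructed for illustration, and the frames are assumed to carry no radiotap header or FCS.

```python
import struct

WPA_VENDOR_PREFIX = bytes.fromhex("0050f201")  # Microsoft OUI + type 1 marks the WPA element

def classify_beacon(frame: bytes) -> dict:
    """Decode a raw 802.11 beacon and report SSID, BSSID and advertised encryption."""
    if len(frame) < 36 or frame[0] != 0x80:      # 0x80 = management frame, subtype beacon
        raise ValueError("not a beacon frame")
    # Capability field sits after the 24-byte header, 8-byte timestamp, 2-byte interval.
    capability, = struct.unpack_from("<H", frame, 34)
    privacy = bool(capability & 0x0010)          # set for WEP and for WPA/WPA2
    ssid, rsn, wpa = b"", False, False
    pos = 36
    while pos + 2 <= len(frame):                 # walk the tagged information elements
        tag, length = frame[pos], frame[pos + 1]
        data = frame[pos + 2:pos + 2 + length]
        if len(data) < length:
            raise ValueError("truncated information element")
        if tag == 0:                             # SSID element
            ssid = data
        elif tag == 48:                          # RSN element: WPA2 or later
            rsn = True
        elif tag == 221 and data.startswith(WPA_VENDOR_PREFIX):
            wpa = True                           # vendor-specific WPA element
        pos += 2 + length
    # Privacy bit with neither RSN nor WPA element means the network is WEP.
    encryption = "WPA2 or later (RSN)" if rsn else "WPA" if wpa else "WEP" if privacy else "open"
    return {
        "bssid": frame[16:22].hex(":"),
        "ssid": ssid.decode("utf-8", "replace"),
        "hidden": not ssid.strip(b"\x00"),       # empty or all-null SSID = cloaked network
        "encryption": encryption,
    }

def build_beacon(ssid: bytes, capability: int, extra: bytes = b"") -> bytes:
    """Constructed sample input: a minimal beacon from a made-up access point."""
    bssid = bytes.fromhex("020000000001")        # locally administered address, constructed
    header = b"\x80\x00\x00\x00" + b"\xff" * 6 + bssid + bssid + b"\x00\x00"
    fixed = bytes(8) + struct.pack("<HH", 100, capability)
    return header + fixed + bytes([0, len(ssid)]) + ssid + extra

SAMPLES = {  # constructed frames, not captures from a real network
    "legacy": build_beacon(b"legacy-lab", 0x0011),
    "office": build_beacon(b"office-lab", 0x0011, bytes([48, 2, 1, 0])),
    "cloaked": build_beacon(b"", 0x0001),
}
```

Calling `classify_beacon` on each entry in `SAMPLES` flags the first network as WEP, the second as WPA2 or later, and the third as an open network with a hidden SSID.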
Now, let’s look at some of the preferred tools available for Wi-Fi penetration testing.
1. Aircrack
Aircrack is a very popular tool, used for hacking WEP and WPA Wi-Fi connections and recovering keys. This tool focuses on multiple areas of Wi-Fi security, including:
- Capturing packets and exporting their data to text files, for further analysis. This type of monitoring allows third-parties (and third-party tools) to take a deeper dive into security monitoring.
- Replaying attacks, performing de-authentication, and creating fake access points via packet injection.
- Checking Wi-Fi cards and driver capabilities.
- Cracking WEP and WPA-PSK connections.
2. AirSnort
This popular and free tool supports both Windows and Linux operating systems. AirSnort can decrypt WEP (but not WPA) encryption on a Wi-Fi 802.11b network. It passively monitors transmissions and computes encryption keys once it receives an acceptable number of packets. Some users in the security industry have been unimpressed with its recent updates, but overall, AirSnort is useful as a basic tool with no cost.
3. Kismet
Kismet can be used as a wireless network detector, intrusion detector, and sniffer. Although it is predominantly used with Wi-Fi networks, plug-ins can expand this tool to handle additional network types. This software supports Linux, OSX, Windows, and BSD platforms. Kismet not only collects packets but also detects standard and hidden networks. Features include the live export of packets to other tools, XML output (for better integration with additional tools), multiple capture source support, a Client/Server modular architecture, and more.
4. Wireshark
As the standard across many government, educational, commercial, and non-profit enterprises, Wireshark is a reliable and trusted agent for penetration testing. It provides insight into network activity, by capturing packets and analyzing the transmitted data. This free, open-source packet analyzer can capture live data from Ethernet, IEEE 802.11, ATM, Bluetooth, and USB.
5. Cain & Abel
Cain & Abel is widely used for cracking wireless network passwords. This tool is capable of finding the password of wireless networks by analyzing routing protocols. It’s a popular tool because it can crack other kinds of passwords outside of WEP, as well.
Penetration testing can be a complex process, but it’s crucial to maintaining security. Passionate third-party penetration testers understand the intricacies of penetration tools and use them to help test and verify that all of your systems are properly sealed from unauthorized users. Remember, the tools are only as good as the people using them. Hiring experienced, trusted penetration testers who have dedicated their careers to cybersecurity can ensure that your organization remains properly protected.