It seems like more and more often we at Cyber Advisors get asked what equipment we utilize for performing wireless penetration tests (802.11 wireless networking). In this post, I will talk about the equipment I use, where to buy it, and some brief information about each tool.
Wireless Penetration Testing Equipment
Crazyradio PA
- Cost – $37
- Amazon purchase link
- Utilized to perform a MouseJack exploit (keystroke injection) against vulnerable devices. Check out our technical blog post on this. Due to wireless engagements being onsite, I tend to utilize this tool to demonstrate to clients what a physical presence to the building could be utilized to perform an attack.
Panda Wireless PAU09 N600
- Cost – $40
- Amazon purchase link
- Utilized to test against various wireless technologies (WEP, WPA, WPA2-PSK, WPA2-Enterprise)
- I carry two of these around on my wireless engagements. Utilizing one of the cards to perform monitoring and another card to perform injection attacks.
WiFi Pineapple
- Cost – $99
- Hak5 purchase link
- All in one wireless pentesting platform
- Utilized primarily when targeting WPA2-Enterprise networks. The software included makes it easy to stand up a fake access point in an attempt to capture enterprise credentials.
GlobalSat GPS Receiver
- Cost – $31
- Amazon purchase link
- USB GPS receiver
- Utilized to capture GPS coordinates of logged access points. This can be imported into a mapping software to display the access points around a clients physical building.
Wireless Penetration Testing Equipment
These are the tools I utilize when performing a wireless penetration test (depending on the goal of the assessment). In the next series of wireless blog posts, I will dive into executing the toolsets and specific items to look for when performing a wireless penetration test.
MORE FROM OUR TECHNICAL BLOG
Cyber Advisors specializes in providing fully customizable cyber security solutions & services. Our knowledgeable, highly skilled, talented security experts are here to help design, deliver, implement, manage, monitor, put your defenses to the test, & strengthen your systems - so you don’t have to.
