Cyber Security Technical Blog

Let’s Talk Wireless Penetration Testing Equipment

Written by Brett DeWall | Mar 4, 2021 11:04:00 AM

It seems like more and more often we at Cyber Advisors get asked what equipment we utilize for performing wireless penetration tests (802.11 wireless networking). In this post, I will talk about the equipment I use, where to buy it, and some brief information about each tool.

Wireless Penetration Testing Equipment

Crazyradio PA

  • Cost – $37
  • Amazon purchase link
  • Utilized to perform a MouseJack exploit (keystroke injection) against vulnerable devices. Check out our technical blog post on this. Due to wireless engagements being onsite, I tend to utilize this tool to demonstrate to clients what a physical presence to the building could be utilized to perform an attack.

Panda Wireless PAU09 N600

  • Cost – $40
  • Amazon purchase link
  • Utilized to test against various wireless technologies (WEP, WPA, WPA2-PSK, WPA2-Enterprise)
  • I carry two of these around on my wireless engagements. Utilizing one of the cards to perform monitoring and another card to perform injection attacks.

WiFi Pineapple

  • Cost – $99
  • Hak5 purchase link
  • All in one wireless pentesting platform
  • Utilized primarily when targeting WPA2-Enterprise networks. The software included makes it easy to stand up a fake access point in an attempt to capture enterprise credentials.

GlobalSat GPS Receiver

  • Cost – $31
  • Amazon purchase link
  • USB GPS receiver
  • Utilized to capture GPS coordinates of logged access points. This can be imported into a mapping software to display the access points around a clients physical building.

Wireless Penetration Testing Equipment

These are the tools I utilize when performing a wireless penetration test (depending on the goal of the assessment). In the next series of wireless blog posts, I will dive into executing the toolsets and specific items to look for when performing a wireless penetration test.

MORE FROM OUR TECHNICAL BLOG

Cyber Advisors specializes in providing fully customizable cyber security solutions & services. Our knowledgeable, highly skilled, talented security experts are here to help design, deliver, implement, manage, monitor, put your defenses to the test, & strengthen your systems - so you don’t have to.

Read more from our technical experts...