It seems like more and more often I get asked what equipment I utilize for performing wireless penetration tests (802.11 wireless networking). In this post I will talk about the equipment I use, where to buy it, and some brief information about each tool.
Equipment
Crazyradio PA
- Cost – $37
- Amazon purchase link
- Utilized to perform a MouseJack exploit (keystroke injection) against vulnerable devices. Check out our White Oak Security blog post on this. Due to wireless engagements being onsite, I tend to utilize this tool to demonstrate to clients what a physical presence to the building could be utilized to perform an attack.
Panda Wireless PAU09 N600
- Cost – $40
- Amazon purchase link
- Utilized to test against various wireless technologies (WEP, WPA, WPA2-PSK, WPA2-Enterprise)
- I carry two of these around on my wireless engagements. Utilizing one of the cards to perform monitoring and another card to perform injection attacks.
WiFi Pineapple
- Cost – $99
- Hak5 purchase link
- All in one wireless pentesting platform
- Utilized primarily when targeting WPA2-Enterprise networks. The software included makes it easy to stand up a fake access point in an attempt to capture enterprise credentials.
GlobalSat GPS Receiver
- Cost – $31
- Amazon purchase link
- USB GPS receiver
- Utilized to capture GPS coordinates of logged access points. This can be imported into a mapping software to display the access points around a clients physical building.
Closing
These are the tools I utilize when performing a wireless penetration test (depending on the goal of the assessment). In the next series of wireless blog posts I will dive into executing the toolsets and specific items to look for when performing a wireless penetration test.