It seems like more and more often we at White Oak Security get asked what equipment we utilize for performing wireless penetration tests (802.11 wireless networking). In this post, I will talk about the equipment I use, where to buy it, and some brief information about each tool.
Wireless Penetration Testing Equipment
Crazyradio PA
- Cost – $37
- Amazon purchase link
- Utilized to perform a MouseJack exploit (keystroke injection) against vulnerable devices. Check out our White Oak Security blog post on this. Due to wireless engagements being onsite, I tend to utilize this tool to demonstrate to clients what a physical presence to the building could be utilized to perform an attack.
Panda Wireless PAU09 N600
- Cost – $40
- Amazon purchase link
- Utilized to test against various wireless technologies (WEP, WPA, WPA2-PSK, WPA2-Enterprise)
- I carry two of these around on my wireless engagements. Utilizing one of the cards to perform monitoring and another card to perform injection attacks.
WiFi Pineapple
- Cost – $99
- Hak5 purchase link
- All in one wireless pentesting platform
- Utilized primarily when targeting WPA2-Enterprise networks. The software included makes it easy to stand up a fake access point in an attempt to capture enterprise credentials.
GlobalSat GPS Receiver
- Cost – $31
- Amazon purchase link
- USB GPS receiver
- Utilized to capture GPS coordinates of logged access points. This can be imported into a mapping software to display the access points around a clients physical building.
Wireless Penetration Testing Equipment
These are the tools I utilize when performing a wireless penetration test (depending on the goal of the assessment). In the next series of wireless blog posts, I will dive into executing the toolsets and specific items to look for when performing a wireless penetration test.
MORE FROM WHITE OAK SECURITY
White Oak Security is a highly skilled and knowledgeable cyber security testing company that works hard to get into the minds of opponents to help protect those we serve from malicious threats through expertise, integrity, and passion.