Skip to main content

Let’s Talk Wireless Pentesting Equipment

It seems like more and more often I get asked what equipment I utilize for performing wireless penetration tests (802.11 wireless networking). In this post I will talk about the equipment I use, where to buy it, and some brief information about each tool.

Equipment

Crazyradio PA

  • Cost – $37
  • Amazon purchase link
  • Utilized to perform a MouseJack exploit (keystroke injection) against vulnerable devices. Check out our White Oak Security blog post on this. Due to wireless engagements being onsite, I tend to utilize this tool to demonstrate to clients what a physical presence to the building could be utilized to perform an attack.

Panda Wireless PAU09 N600

  • Cost – $40
  • Amazon purchase link
  • Utilized to test against various wireless technologies (WEP, WPA, WPA2-PSK, WPA2-Enterprise)
  • I carry two of these around on my wireless engagements. Utilizing one of the cards to perform monitoring and another card to perform injection attacks.

WiFi Pineapple

  • Cost – $99
  • Hak5 purchase link
  • All in one wireless pentesting platform
  • Utilized primarily when targeting WPA2-Enterprise networks. The software included makes it easy to stand up a fake access point in an attempt to capture enterprise credentials.

GlobalSat GPS Receiver

  • Cost – $31
  • Amazon purchase link
  • USB GPS receiver
  • Utilized to capture GPS coordinates of logged access points. This can be imported into a mapping software to display the access points around a clients physical building.

Closing

These are the tools I utilize when performing a wireless penetration test (depending on the goal of the assessment). In the next series of wireless blog posts I will dive into executing the toolsets and specific items to look for when performing a wireless penetration test.