O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Kali Linux Wireless Penetration Testing Cookbook

Book Description

Over 60 powerful recipes to scan, exploit, and crack wireless networks for ethical purposes

About This Book

  • Expose wireless security threats through the eyes of an attacker,
  • Recipes to help you proactively identify vulnerabilities and apply intelligent remediation,
  • Acquire and apply key wireless pentesting skills used by industry experts

Who This Book Is For

If you are a security professional, administrator, and a network professional who wants to enhance their wireless penetration testing skills and knowledge then this book is for you. Some prior experience with networking security and concepts is expected.

What You Will Learn

  • Deploy and configure a wireless cyber lab that resembles an enterprise production environment
  • Install Kali Linux 2017.3 on your laptop and configure the wireless adapter
  • Learn the fundamentals of commonly used wireless penetration testing techniques
  • Scan and enumerate Wireless LANs and access points
  • Use vulnerability scanning techniques to reveal flaws and weaknesses
  • Attack Access Points to gain access to critical networks

In Detail

More and more organizations are moving towards wireless networks, and Wi-Fi is a popular choice. The security of wireless networks is more important than ever before due to the widespread usage of Wi-Fi networks. This book contains recipes that will enable you to maximize the success of your wireless network testing using the advanced ethical hacking features of Kali Linux.

This book will go through techniques associated with a wide range of wireless penetration tasks, including WLAN discovery scanning, WEP cracking, WPA/WPA2 cracking, attacking access point systems, operating system identification, vulnerability mapping, and validation of results. You will learn how to utilize the arsenal of tools available in Kali Linux to penetrate any wireless networking environment. You will also be shown how to identify remote services, how to assess security risks, and how various attacks are performed.

By finishing the recipes, you will feel confident conducting wireless penetration tests and will be able to protect yourself or your organization from wireless security threats.

Style and approach

The book will provide the foundation principles, techniques, and in-depth analysis to effectively master wireless penetration testing. It will aid you in understanding and mastering many of the most powerful and useful wireless testing techniques in the industry.

Downloading the example code for this book. You can download the example code files for all Packt books you have purchased from your account at http://www.PacktPub.com. If you purchased this book elsewhere, you can visit http://www.PacktPub.com/support and register to have the code file.

Table of Contents

  1. Preface
    1. What this book covers
    2. What you need for this book
    3. Who this book is for
    4. Sections
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
      5. See also
    5. Conventions
    6. Reader feedback
    7. Customer support
      1. Errata
      2. Piracy
      3. Questions
  2. Kali Linux and Wireless Networking
    1. Introduction
      1. Getting started with Kali
    2. Installing Kali Linux
      1. Getting ready
      2. How to do it...
        1. Virtualized versus physical
        2. Pre-installation checklist
        3. Choosing an installation option
        4. Hard drive selection
        5. Network cards and wireless
    3. Installing Kali Linux on a PC
      1. Getting ready
      2. How to do it...
    4. Installing Kali in a virtual environment
      1. Getting ready
      2. How to do it...
    5. Updating Kali Linux
      1. How to do it...
    6. Preparing for wireless pentesting
      1. How to do it...
      2. There's more...
        1. Bluetooth adapters
  3. Attacking Access Controls
    1. Introduction
      1. Types of access control attacks
    2. Working with war driving
      1. Getting ready
      2. How to do it...
    3. Mapping access points and increasing accuracy
      1. Getting ready
      2. How to do it...
    4. Creating a rogue access point
      1. Getting ready
      2. How to do it...
    5. Evading MAC filtering with MAC spoofing
      1. Getting ready
      2. How to do it...
    6. Identifying promiscuous clients
      1. Getting ready
      2. How to do it...
  4. Attacking Integrity Controls
    1. Introduction
      1. Types of attack
    2. Sniffing on a wireless network
      1. How does sniffing work?
      2. Getting ready
      3. How to do it...
    3. Working with monitor mode and packet injection
      1. Getting ready
      2. How to do it...
    4. Performing a data replay
      1. Getting ready
      2. How to do it...
    5. Cracking WEP
      1. Getting ready
      2. How to do it...
        1. Phase one – configuring monitor mode
        2. Phase two – packet injection
        3. Phase three – capturing IVs
        4. Phase four – performing a fake authentication
        5. Phase five – ARP replay mode
        6. Phase six – obtaining the WEP key
  5. Attacking Confidentiality
    1. Introduction
      1. Types of attack
    2. Creating an evil twin
      1. Getting ready
      2. How to do it...
        1. Step one – monitor mode airmon-ng
        2. Step two – airdump-ng
        3. Step three – create a new AP with the same SSID and MAC address
        4. Step four – forcing a reconnect
        5. Step five – power up
    3. Man-in-the-middle with wireless
      1. Getting ready
      2. How to do it...
    4. Cracking WEP
      1. Getting ready
        1. Step one – monitor mode airmon-ng
        2. Step two – airdump-ng
        3. Step three – airdump-ng and traffic capture
        4. Step four – replay that traffic
        5. Step five – crack that traffic
  6. Attacking Availability
    1. Introduction
      1. Types of attack
    2. Executing a deauthentication flood
      1. Getting ready
      2. How to do it...
    3. Detecting beacon frames
      1. Getting ready
      2. How to do it...
    4. Spoofing beacon frames
      1. Getting ready
      2. How to do it...
    5. Creating a beacon flood
      1. Getting ready
    6. ARP cache poisoning
      1. Getting ready
  7. Authentication Attacks
    1. Attacks against authentication
    2. Types of attack
    3. WEP attacks
      1. Getting ready
      2. How to do it...
    4. WPA and WPA2 attacks
      1. Getting ready
      2. How to do it...
    5. Attacking WPS
      1. Getting ready
      2. How to do it...
  8. Bluetooth Attacks
    1. Introduction
    2. A brief history of Bluetooth
      1. A look at the technology
    3. Bluetooth in operation
      1. Bluetooth protocol stack
    4. Vulnerabilities in Bluetooth
    5. Selecting the Bluetooth hardware
    6. Types of attack
    7. Bluesmacking
      1. Getting ready
      2. How to do it...
    8. Bluejacking
      1. Getting ready
      2. How to do it...
    9. Bluesnarfing
      1. Getting ready
      2. How to do it...