Wireless Network Penetration Testing

Virtually every company has wireless networks, making for an attractive target to attackers. This course will teach you how to perform a penetration test in wireless networks.
Course info
Rating
(28)
Level
Intermediate
Updated
Mar 31, 2017
Duration
1h 13m
Table of contents
Description
Course info
Rating
(28)
Level
Intermediate
Updated
Mar 31, 2017
Duration
1h 13m
Description

Wireless networks are everywhere but are they really secure? How easy would it be for an attacker to hack into your network? In this course, Wireless Network Penetration Testing, you'll learn about the most common attack techniques against wireless networks. First, you'll explore the wireless penetration test process. Next, you'll discover how to gather information about your target. With the information gathered, you'll learn how to exploit the most common wireless networks technologies, such as: WEP, WPA, WPA2, and WPS. Finally, you'll cover how to propose recommendations and write a proper wireless penetration test report. When you are finished with this course, you'll have the skills and knowledge about both technical and non-technical aspects of a penetration test, and how to perform a full wireless penetration test engagement for your company or your client.

About the author
About the author

"Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 10+ years of IT experience, 6 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.

More from the author
Planning, Deploying, and Maintaining QRadar
Intermediate
2h 50m
20 Sep 2018
SIEM Administration with QRadar
Intermediate
3h 10m
24 May 2018
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone. My name is Ricardo, and welcome to my Wireless Penetration Test course. I'm a cybersecurity consultant and a pen test specialist, and I'll be teaching you everything you need to know to perform wireless penetration testing. But first, I want you to take your phone and check how many wireless networks you see available around you right now. How many of them do you think are secure? How many of them would you really trust? I bet you have a very different perspective after this course. We are going to cover every single step of a wireless penetration test engagement from information gathering to exploitation and reporting. As this is a very hands-on course, you'll learn how to crack several kinds of wireless networks from outdated WEP networks to the latest WPA2 networks. We also cover the most common misconfigurations that could allow an attacker to hack into your wireless network. You see how easy it is to crack a wireless password if the network is not securely configured. By the end of this course, you'll be able to perform a wireless penetration test and deliver to your client a meaningful report. I hope you'll join me on this journey to learn the most advanced wireless exploitation techniques with the Wireless Penetration Test course at Pluralsight.

Information Gathering
Welcome back to the Wireless Penetration Test course. In this module, we'll be discussing about information gathering, which in my opinion is one of the most important parts of the engagement. In this phase, we will try to collect the most information as you can from the target networks. The reason that I say that this part is one of the most important parts is because the main weaknesses are on the unknown. The non-documented wireless networks are usually forgotten by system admins and usually use outdated protocols. I've seen a case where an IT admin plugged a wireless router on the internal company network to perform some tests and simply forgot the wireless router there. As he had created it as a test network, he didn't even bother to setting up a password meaning that anyone could connect to it and have access to the whole company network. Even the company, having spent thousands of dollars in firewalls and IPS systems, a simple mistake can bypass all the securities in the perimeter. So keep that in mind. In any pen test, it can be a wireless pen test, web application pen test, or even a mobile application pen test, gathering information will be the key to success. So, let's take a look on the overview of this course. First, we will discuss about a packet capture. You'll learn about the famous promiscuous mode and the main network cards. We will also discuss about antennas and about the aircrack suite, which is the most used tool for wireless assessments. The second topic is about identifying target networks, in which we will discuss about wireless mapping and about the dangers of a hidden network and rogue access points. The last part of this module is two demos. In the first one, we will learn how to capture traffic in promiscuous mode. In the second one, we will learn how to find hidden networks.

Reporting
Reporting is the last phase of the wireless penetration test process, and it's also the last module of this course. I hope in the last modules you learned about enumeration and exploitation. So now you're ready to take all your hard work and put into a report that will make the difference. Remember, the report is the final product. It is as important as the technical knowledge. It doesn't matter if you found several vulnerabilities and exploited several wireless networks if you don't properly present it to your client. As I mentioned in the previous module, think about your car. For you, the final consumer, it doesn't matter how much the engineers have studied to design your car. What you care about is if your car is reliable and if it brings you value. So make sure you spend some good time preparing your report. As coworkers review your documents, make sure the report tells them a story, or in other words, it's organized in a logical way with the beginning, middle, and end. In this module, we'll be covering the basics of reporting. Our intention here is not providing a full course on report writing even because Pluralsight has some very good courses focused only on report and writing. Also, most likely your company already has a report template and a defining reporting style. With that being said, in this module, you will be learning how to organize your findings and put them in a rational and organized way. The first thing we need to do is to understand what a risk is and how to assign risk levels to your findings. After, we will be taking a look on how to propose recommendations. That can be a little bit tricky since we need to not only understand the technology itself, but also the client's environment. We need to provide them meaningful recommendations so the client will be able to follow it. The third thing we see is what to include and what to not include in your report. Even each company, having their own reports and templates, we need to understand which information is relevant to the client and which information should not be disclosed.