Wireless penetration testing is a test to determine the current situation of the client’s wireless infrastructure against attacks that can be done without and after being included in the enterprise wireless networks. A Wireless Penetration test might be an authorized or unauthorized hacking attempt, which is designed to detect and exploit vulnerabilities in security controls employed by a number of wireless technologies and standards, misconfigured access points, and weak security protocols.
Some of our wireless penetration testing steps;
- SSID Discovering in the target enviroment
- Enable wifi adaptor montinotr mode
- Find and try to crack WPS enabled AP
- Hidden SSID discovering
- Information gathering(MAC addr.) on the connected clients
- Identify Wireless Encrytion Methods
- Try to identify mobile devices in the Wireless Network
- Try to identify type of device from MAC address
- Try to discover Wireless Network’s IP subnet
- Security tests on the AP management webinterface
- Security tests on the AP management IP address
- Open/Shared authenticated tests on the AP
- Discovering IP addresses and operating systems of clients
- Check MAC filtering status
- Try to bypass MAC filtering if it is enabled.
- Hotspot bypassing techniques
- DNS tunneling tests
- MITM attack tests for the clients
- Social engineering for connecte clients.
- WEP/WPA/WPA2 password cracking
- Fake SSID broadcasting tests
- Hotspot simulation tests
- Try to get WPA/WEP keys from the connected clients
- De-authentication tests for connected clients
- Arp-replay attack
- Chop-chop attack
- WPS Pin attack
- Well-known issues on the target AP brands.
- Configuration Tests on the AP
- Try to intercept WPA2 handshake and perform brute force
- Automate scanning to connected clients and AP
If you would like to know how Wireless Penetration Testing Service can be beneficial for your company or more information about our service, please contact our security experts to get a free quick consultation.