Workshop’s eBook: Advanced wireless penetration testing. How to do a professional security test?

1) Wireless protocol

Introducing to IEEE 802.11 “Wireless protocol”
Introduction to wireless communication
Wireless Encryption
Wireless authentication and De-authentication
Wireless association and re-association
Wireless Modules
How to choose your wireless card

2) Wireless networks

Introduction to Air-crack suite
Wireshark
Introduction to open wireless networks
Packet capturing
Packet Analysis

3) WEP protocol

ARP Packet replay attack
Korek ChopChop attack
Fragmentation Attack
Introduction to WEP protocol
Cracking WEP encrypted Wireless network (Open Authentication)

4) WPA/WPA2 protocol

Cracking WEP encrypted Wireless network (Shared Key Authentication)
MAC Address filtering and how to bypass it
Introduction to WPA/WPA2 protocol
Cracking WPA2 encrypted wireless network with dictionary list
Cracking WPA2 encrypted wireless network with Rainbow tables
How to create your rainbow table
How to capture a valid three way-handshake

Introduction to wireless client side attacks
Rouge access point
Install rouge access point to capture the three way handshake and crack it
Traffic capturing and apply specific filters to get traffic of interest
Introduction to Metasploit
Introduction to karmetasploit attack (Mix between aircrack and metasploit)

Introduction to a complete penetration testing scenario “From wireless to Domain Admin”
Install rouge access point
Force the client connect to it
Scan the client for vulnerability
Get access to client machine
Escalate our privilege
Create domain admin “And this is the flag we need to capture”
The participants will have a solid knowledge about wireless communication and encryption protocols, the ability to crack wireless keys and to carry out wireless penetration testing and integrate it with the infrastructure penetration testing.