|
Wifi WPA WEP Wireless Hacking |
|
|
Recon and Attack tools
|
|
Here is the list of tools we commonly use in pentesting wireless networks or just wardriving for fun and no profit. All these tools are covered in the book in sufficient details. Some of them may become obsolete at the time the book hits the shelf and so are not possible to find anywhere anymore, so they are located on our site. The reason for it is the dialectic approach we endorse: to understand things as they are now, you are ought to know where did they come from and how did they develop. Besides, you may find the snippets of code from these tools to be useful for your own projects.
As to the code, everything on our list is Open Source and is distributed under GPL, BSD or similar licenses. Close Source tools are not included on purpose, even though they may be mentioned in the book where appropriate. This work is not commercial, does not favour particular vendors, and has only became possible due to the work and collaboration within the Open Source community. We are profoundly grateful to the authors of the listed tools for the feats of wonder they performed to make "theoretical" wireless security practical.
|
|
Wireless Network Discovery, Mapping and Traffic Analysis - the "classical" wardriving tools for discovering wireless LANs, positioning them on the map, sniffing, logging and analyzing packets in the air.
|
|
AirFart
|
Local mirror
|
v 0.2.1
|
|
AirTraf
|
Local mirror
|
v 1.1
|
|
Aphunter
|
Local mirror
|
v
|
|
APradar
|
Local mirror
|
v 0.52
|
|
BSD-airtools (dstumbler)
|
Local mirror
|
v 0.2
|
|
Classic Stumbler (mac)
|
Local mirror
|
v 1.7
|
|
Gtkskan
|
Local mirror
|
v 0.2
|
|
HermesAP monitor patch
|
Local mirror
|
v
|
|
iStumbler (mac)
|
Local mirror
|
v 96
|
|
KisMAC (mac)
|
Local mirror
|
v R65
|
|
Kismet
|
Local mirror
|
v 2005-08-R1
|
|
Kismet Log Viewer
|
Local mirror
|
v 0.9.7
|
|
Kismet parse
|
Local mirror
|
v 0.2
|
|
MacStumbler (mac)
|
Local mirror
|
v 075b
|
|
Mognet
|
Local mirror
|
v 1.16
|
|
Perlskan
|
Local mirror
|
v 0.1
|
|
Prismdump
|
Local mirror
|
v 20001122
|
|
Prismstumbler
|
Local mirror
|
v 0.7.3
|
|
Prismsnort
|
Local mirror
|
v 2.0
|
|
SSIDsniff
|
Local mirror
|
v 0.42
|
|
THC-Wardrive
|
Local mirror
|
v 2.3
|
|
WaveStumbler
|
Local mirror
|
v 1.2.0
|
|
Wellenreiter
|
Local mirror
|
v 1.9
|
|
Wellenreiter for OPIE
|
not mirrored
|
v 1.0RC2
|
|
Wi-Find
|
Local mirror
|
v 0.2.1
|
|
WifiScanner
|
Local mirror
|
v1.0.2
|
|
Wispy-Tools
|
Local mirror
|
v 2006-01-R1
|
|
Wistumbler
|
Local mirror
|
v
|
|
Wlan-scan
|
Local mirror
|
v 0.0.1
|
|
|
|
|
|
Client evaluation tools - utilities to check security state of wireless clients.
|
|
Airsnarf Rogue Squadron
|
Local mirror
|
v 0.1
|
|
Hotspotter
|
Local mirror
|
v 0.4
|
|
Probemapper
|
Local mirror
|
v 0.5
|
|
Karma Tools
|
Local mirror
|
v 0.4
|
|
Wlan-webauth
|
Not mirrored
|
|
|
|
|
|
|
RF signal strength monitoring - utilities for monitoring the signal strengh of the WLAN you are associated to.
|
|
Wavemon
|
Local mirror
|
v 0.4.0b
|
|
Wireless Power Meter
|
Local mirror
|
v 0.00
|
|
Wscan
|
Local mirror
|
v 1.00
|
|
Wscan (familiar/linux/ipaq)
|
Local mirror
|
v 1.00
|
|
Wscan (BSD)
|
Local mirror
|
v 2.00experimental
|
|
XnetworkStrength
|
Local mirror
|
v 0.4.2
|
|
|
|
|
|
Wireless-specific encryption cracking - tools for gaining access to protected wireless networks. At the moment include WEP crackers, WEP-encrypted traffic injectors and practical implementations of attacks against certain 802.1x types.
|
|
Airsnort
|
Local mirror
|
v 0.2.7e
|
|
Aircrack
|
Local mirror
|
v 2.41
|
|
Asleap
|
Local mirror
|
v 1.4
|
|
BSD-airtools (dwepcrack)
|
Local mirror
|
v 0.2
|
|
coWPArty
|
Local mirror
|
v 2.0
|
|
Leap
|
Local mirror
|
v
|
|
anwrap (Leapcrack)
|
Local mirror
|
v 0.1
|
|
LucentRegCrypto
|
Local mirror
|
v 0.3
|
|
THC-LEAPcracker
|
Local mirror
|
v 0.1
|
|
weplab
|
Local mirror
|
v 0.1.5
|
|
WEP_Tools
|
Local mirror
|
v
|
|
WepAttack
|
Local mirror
|
v 0.1.3
|
|
WepDecrypt
|
Local mirror
|
v 0.7
|
|
WEPcrack
|
Local mirror
|
v 0.1.0
|
|
WEPWedgie
|
Local mirror
|
v 0.1.0
|
|
Wnet (reinj)
|
Local mirror
|
v
|
|
WPA Cracker
|
Local mirror
|
v 0.1
|
|
|
|
|
|
Wireless custom frame generation - these allow layer two attacks on wireless LANs including a variety of man-in-the-middle attacks and unstoppable denial of service.
|
|
AirJack26
|
Local mirror
|
v 0.1a
|
|
AirJack
|
Local mirror
|
v 0.6.6b
|
|
chopchop
|
Local mirror
|
v 0.1
|
|
Dissassociate
|
Local mirror
|
v
|
|
FakeAP
|
Local mirror
|
v 0.3.2
|
|
FakeAP BSD
|
Local mirror
|
v 0.3.1
|
|
FataJack
|
Local mirror
|
v
|
|
File2Air
|
Local mirror
|
v 0.1
|
|
Libradiate
|
Local mirror
|
v 0.02
|
|
Libwlan
|
Local mirror
|
v 0.1
|
|
Omerta
|
Local mirror
|
v
|
|
Wifitap
|
Local mirror
|
v 0.2.0
|
|
Void11
|
Local mirror
|
v 0.2.0
|
|
Wnet (dinject)
|
Local mirror
|
v
|
|
|
|
|
|
Miscellaneous - difficult-to-categorise software that comes handy in wireless penetration testing.
|
|
Applewepkey
|
Local mirror
|
v
|
|
Airpwn
|
Local mirror
|
v 0.50c
|
|
Airsnarf
|
Local mirror
|
v 0.2
|
|
Auditor Security Collection
|
not mirrored
|
v 200605-02
|
|
AP-utils
|
Local mirror
|
v 1.5
|
|
ApHopper
|
Local mirror
|
v 0.3
|
|
APTools
|
Local mirror
|
v 0.1.0
|
|
DMZS-carte
|
Local mirror
|
v 0.9rc1
|
|
Ethereal/Tetheral
|
not mirrored
|
v 0.10.14
|
|
Ettercap
|
Local mirror
|
v NG-0.7.3
|
|
Gpsd
|
Local mirror
|
v 2.31
|
|
Gpsdrive
|
Local mirror
|
v 2.10pre2
|
|
Orinoco MM Patch
|
not mirrored
|
v
|
|
Macfld.pl
|
Local mirror
|
v
|
|
Morinoco Patch
|
Local mirror
|
v 14.2
|
|
Packetyzer
|
not mirrored
|
v 4.03
|
|
Wifi2eth
|
Local mirror
|
v 0.10
|
|
