Wireless Network Penetration Testing

Course Overview
Hi everyone. My name is Ricardo, and welcome to my Wireless Penetration Test course. I'm a cybersecurity consultant and a pen test specialist, and I'll be teaching you everything you need to know to perform wireless penetration testing. But first, I want you to take your phone and check how many wireless networks you see available around you right now. How many of them do you think are secure? How many of them would you really trust? I bet you have a very different perspective after this course. We are going to cover every single step of a wireless penetration test engagement from information gathering to exploitation and reporting. As this is a very hands-on course, you'll learn how to crack several kinds of wireless networks from outdated WEP networks to the latest WPA2 networks. We also cover the most common misconfigurations that could allow an attacker to hack into your wireless network. You see how easy it is to crack a wireless password if the network is not securely configured. By the end of this course, you'll be able to perform a wireless penetration test and deliver to your client a meaningful report. I hope you'll join me on this journey to learn the most advanced wireless exploitation techniques with the Wireless Penetration Test course at Pluralsight.

Information Gathering
Welcome back to the Wireless Penetration Test course. In this module, we'll be discussing about information gathering, which in my opinion is one of the most important parts of the engagement. In this phase, we will try to collect the most information as you can from the target networks. The reason that I say that this part is one of the most important parts is because the main weaknesses are on the unknown. The non-documented wireless networks are usually forgotten by system admins and usually use outdated protocols. I've seen a case where an IT admin plugged a wireless router on the internal company network to perform some tests and simply forgot the wireless router there. As he had created it as a test network, he didn't even bother to setting up a password meaning that anyone could connect to it and have access to the whole company network. Even the company, having spent thousands of dollars in firewalls and IPS systems, a simple mistake can bypass all the securities in the perimeter. So keep that in mind. In any pen test, it can be a wireless pen test, web application pen test, or even a mobile application pen test, gathering information will be the key to success. So, let's take a look on the overview of this course. First, we will discuss about a packet capture. You'll learn about the famous promiscuous mode and the main network cards. We will also discuss about antennas and about the aircrack suite, which is the most used tool for wireless assessments. The second topic is about identifying target networks, in which we will discuss about wireless mapping and about the dangers of a hidden network and rogue access points. The last part of this module is two demos. In the first one, we will learn how to capture traffic in promiscuous mode. In the second one, we will learn how to find hidden networks.

Reporting
Reporting is the last phase of the wireless penetration test process, and it's also the last module of this course. I hope in the last modules you learned about enumeration and exploitation. So now you're ready to take all your hard work and put into a report that will make the difference. Remember, the report is the final product. It is as important as the technical knowledge. It doesn't matter if you found several vulnerabilities and exploited several wireless networks if you don't properly present it to your client. As I mentioned in the previous module, think about your car. For you, the final consumer, it doesn't matter how much the engineers have studied to design your car. What you care about is if your car is reliable and if it brings you value. So make sure you spend some good time preparing your report. As coworkers review your documents, make sure the report tells them a story, or in other words, it's organized in a logical way with the beginning, middle, and end. In this module, we'll be covering the basics of reporting. Our intention here is not providing a full course on report writing even because Pluralsight has some very good courses focused only on report and writing. Also, most likely your company already has a report template and a defining reporting style. With that being said, in this module, you will be learning how to organize your findings and put them in a rational and organized way. The first thing we need to do is to understand what a risk is and how to assign risk levels to your findings. After, we will be taking a look on how to propose recommendations. That can be a little bit tricky since we need to not only understand the technology itself, but also the client's environment. We need to provide them meaningful recommendations so the client will be able to follow it. The third thing we see is what to include and what to not include in your report. Even each company, having their own reports and templates, we need to understand which information is relevant to the client and which information should not be disclosed.