In this chapter, we have analyzed the most common attacks against wireless clients, covered how to set up a honeypot AP that impersonates a legitimate one and induces the clients to connect to it (Evil Twin attack). We have also covered the MITM attacks against connected clients and the attacks to recover the WPA and WEP keys (Caffe Latte and Hirte attacks) when the client is isolated from the network.

The next chapter will cover the reporting phase, which will show how to write smart and effective reports of our penetration test.