Book Image

Mastering Kali Linux Wireless Pentesting

By : Brian Sak, Jilumudi Raghu Ram
Book Image

Mastering Kali Linux Wireless Pentesting

By: Brian Sak, Jilumudi Raghu Ram

Overview of this book

Kali Linux is a Debian-based Linux distribution designed for digital forensics and penetration testing. It gives access to a large collection of security-related tools for professional security testing - some of the major ones being Nmap, Aircrack-ng, Wireshark, and Metasploit. This book will take you on a journey where you will learn to master advanced tools and techniques to conduct wireless penetration testing with Kali Linux. You will begin by gaining an understanding of setting up and optimizing your penetration testing environment for wireless assessments. Then, the book will take you through a typical assessment from reconnaissance, information gathering, and scanning the network through exploitation and data extraction from your target. You will get to know various ways to compromise the wireless network using browser exploits, vulnerabilities in firmware, web-based attacks, client-side exploits, and many other hacking methods. You will also discover how to crack wireless networks with speed, perform man-in-the-middle and DOS attacks, and use Raspberry Pi and Android to expand your assessment methodology. By the end of this book, you will have mastered using Kali Linux for wireless security assessments and become a more effective penetration tester and consultant.
Table of Contents (16 chapters)
Mastering Kali Linux Wireless Pentesting
About the Authors
About the Reviewer


In this chapter, we covered many options available to an attacker if they share the same wireless network with their intended targets. MAC spoofing and ARP poisoning are two attacks that go hand in hand to get between a client and the router on a wireless network. The victim is tricked into sending their outbound traffic through the attacker and the router is also tricked into sending traffic destined for the victim through the attacker in kind. This attack can be very effective for clients that are already connected to a wireless network that an attacker also has access to, such as a public hotspot or after an attacker has defeated a pre-shared key authentication technique on WPA-personal or WPA2-personal networks. DHCP and DNS were also demonstrated as services that can be manipulated by an attacker to either redirect traffic through your attacking workstation to capture sensitive traffic or to unwittingly redirect a target's browser or command-line tools to where you may be able...