What do you think?
Rate this book
Kali Linux Wireless Penetration Testing: Beginner's Guide: Learn to penetrate Wi-Fi and wireless networks to secure your system from vulnerabilities
Key FeaturesLearn wireless penetration testing with Kali Linux, the latest iteration of BacktrackDetect hidden wireless networks and discover their namesExplore advanced Wi-Fi hacking techniques including rogue access point hosting and probe sniffingDevelop your encryption cracking skills and gain an insight into the methods used by attackers and the underlying technologies that facilitate these attacksBook Description As wireless networks become ubiquitous in our lives, wireless penetration testing has become a key skill in the repertoire of the professional penetration tester. The Kali Linux security distribution comes with a myriad of tools used for networking attacks and detecting security loopholes.
Kali Linux Wireless Penetration Testing Beginner's Guide presents wireless pentesting from the ground up, introducing all elements of penetration testing with each new technology. Learn various wireless testing methodologies by example, from the basics of wireless routing and encryption through to detailed coverage of hacking methods and attacks such as the Hirte and Caffe Latte.
What you will learnCreate a wireless lab for your experimentsSniff out wireless packets and hidden networksCapture and crack WPA-2 keysDiscover hidden SSIDsExplore the ins and outs of wireless technologiesSniff probe requests and track users through SSID historyAttack radius authentication systemsSniff wireless traffic and collect interesting dataDecrypt encrypted traffic with stolen keysAbout the AuthorsVivek Ramachandran has been working in Wireless Security since 2003. He discovered the Caffe Latte attack and also broke WEP Cloaking, a WEP protection schema, publicly in 2007 at DEF CON. In 2011, he was the first to demonstrate how malware could use Wi-Fi to create backdoors, worms, and even botnets. Earlier, he was one of the programmers of the 802.1x protocol and Port Security in Cisco's 6500 Catalyst series of switches and was also one of the winners of the Microsoft Security Shootout contest held in India among a reported 65,000 participants. He is best known in the hacker community as the founder of SecurityTube.net, where he routinely posts videos on Wi-Fi Security and exploitation techniques.
Cameron Buchanan is an experienced penetration tester, having worked in a huge range of industries. He is also the author of Packt's Kali Linux CTF Blueprints.
Table of ContentsWireless Lab SetupWLAN and its Inherent InsecuritiesBypassing WLAN AuthenticationWLAN Encryption FlawsAttacks on the WLAN InfrastructureAttacking the ClientAdvanced WLAN AttacksAttacking WPA-Enterprise and RadiusWLAN Penetration Testing MethodologyWPS and Probes
Kali Linux Wireless Penetration Testing Beginner's Guide presents wireless pentesting from the ground up, introducing all elements of penetration testing with each new technology. Learn various wireless testing methodologies by example, from the basics of wireless routing and encryption through to detailed coverage of hacking methods and attacks such as the Hirte and Caffe Latte.
What you will learnCreate a wireless lab for your experimentsSniff out wireless packets and hidden networksCapture and crack WPA-2 keysDiscover hidden SSIDsExplore the ins and outs of wireless technologiesSniff probe requests and track users through SSID historyAttack radius authentication systemsSniff wireless traffic and collect interesting dataDecrypt encrypted traffic with stolen keysAbout the AuthorsVivek Ramachandran has been working in Wireless Security since 2003. He discovered the Caffe Latte attack and also broke WEP Cloaking, a WEP protection schema, publicly in 2007 at DEF CON. In 2011, he was the first to demonstrate how malware could use Wi-Fi to create backdoors, worms, and even botnets. Earlier, he was one of the programmers of the 802.1x protocol and Port Security in Cisco's 6500 Catalyst series of switches and was also one of the winners of the Microsoft Security Shootout contest held in India among a reported 65,000 participants. He is best known in the hacker community as the founder of SecurityTube.net, where he routinely posts videos on Wi-Fi Security and exploitation techniques.
Cameron Buchanan is an experienced penetration tester, having worked in a huge range of industries. He is also the author of Packt's Kali Linux CTF Blueprints.
Table of ContentsWireless Lab SetupWLAN and its Inherent InsecuritiesBypassing WLAN AuthenticationWLAN Encryption FlawsAttacks on the WLAN InfrastructureAttacking the ClientAdvanced WLAN AttacksAttacking WPA-Enterprise and RadiusWLAN Penetration Testing MethodologyWPS and Probes
215 pages, Kindle Edition
First published March 30, 2015
26 people are currently reading
119 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 6 of 6 reviews
November 3, 2015
Great beginner's guide for Kali Linux with some solid "block and tackle" elements (always good to use a sports analogy with tech stuff). Suffers very slightly from age (it came out waaay back in March).
Interspersed within the chapters and at the end of each are summaries, quizzes and tests - good effective learning tools.
Gives a clear description of a lab setup along with a specific hardware set (a TP-link TL-WR841N router and an Alfa USB wireless adapter along with an attacker and a victim (describes how to do this with VMs as well)). Gives this and the installation of Kali in various forms from download to login. Very helpful.
It has a very (very) brief overview the WLAN frames and the overall 802.11 protocol. Barely enough I think, but it does make it clear where the basic insecurities lie. Gives some usage of ifconfig, iwconfig along with airmon-ng (etc.).
Oh, a quick caution - this book was not written with the latest Kali (2.0 which is quite new as I write this) so be aware that some of the commands need to be tweaked. The main one being how it handles monitor mode designations - for example where the book says:
airmon-ng start wlan1
you won't get a monitor mode interface called mon0, you will get one named wlan1mon.
There's a bit on wireshark, though I think much is left for the leaner to figure out (thank you, youtube) - you can get through the exercises easy enough though. Wireshark is used throughout, so you'll be navigating with relative ease soon (still, it has power that extends well beyond what is used in this book).
So, what else - packet sniffing and injection, understanding regional issues around access point channels and power output - this is key to understanding other attacks that are not completely covered in this book, btw. A section showing how easy it is to defeat hidden SSIDs and MAC filtering.
I don't think, btw, that there's enough coverage of MAC spoofing, which is generally a good idea... generally.
And there are a few sections on cracking WEP (yawn), WPA and WPA2. Worth noting that attacks on the latter two have progressed since this book was published - there is a section at the end of the book covering them, barely. This is the wash/reaver attack routine and also is impacted by Kali 2.0 with regard to naming conventions.
This isn't in the book, but this may help someone to bridge the old to new version of Kali when performing a reaver attack:
airmon-ng start wlan1
ifconfig wlan1mon down
iwconfig wlan1mon mode monitor
ifconfig wlan1mon up
(worked for me)
then wash/reaver
wash -i wlan1mon -C (etc YMMV)
reaver -i wlan1mon -b ......
(and again, you may want to mess with your MAC addy via "ifconfig ... ether...")
What else... cowpatty tool is covered as an exercise to the reader (quite a bit of that, which is fine), aircrack, airdecap (pretty much can be done with wireshark but it's good to know there are options - and there are many), evil twin attacks, DoS, and there's some use of wifi bridge utilities in a few sections (ie MITM attacks).
And there is a nice section on Client attacks (cafe-latte and the Hirte attack as examples), so not everything here is about router compromises. The section on MITM attacks covers eavesdropping and session hijacking; good detail.
Anyway, now I want to be done. Good intro though it scratches the surface of what Kali has - not that it would matter since it would be partially incomplete now anyway. It is still a fine guide with plenty of screen caps and step-by-steps. What it does miss or cover in the "post published update section" is covered in great detail all over the web. Keep an eye out for wlan1mon versus mon0 and you should be fine.
Lastly - don't be mean. Enjoy the read.
Interspersed within the chapters and at the end of each are summaries, quizzes and tests - good effective learning tools.
Gives a clear description of a lab setup along with a specific hardware set (a TP-link TL-WR841N router and an Alfa USB wireless adapter along with an attacker and a victim (describes how to do this with VMs as well)). Gives this and the installation of Kali in various forms from download to login. Very helpful.
It has a very (very) brief overview the WLAN frames and the overall 802.11 protocol. Barely enough I think, but it does make it clear where the basic insecurities lie. Gives some usage of ifconfig, iwconfig along with airmon-ng (etc.).
Oh, a quick caution - this book was not written with the latest Kali (2.0 which is quite new as I write this) so be aware that some of the commands need to be tweaked. The main one being how it handles monitor mode designations - for example where the book says:
airmon-ng start wlan1
you won't get a monitor mode interface called mon0, you will get one named wlan1mon.
There's a bit on wireshark, though I think much is left for the leaner to figure out (thank you, youtube) - you can get through the exercises easy enough though. Wireshark is used throughout, so you'll be navigating with relative ease soon (still, it has power that extends well beyond what is used in this book).
So, what else - packet sniffing and injection, understanding regional issues around access point channels and power output - this is key to understanding other attacks that are not completely covered in this book, btw. A section showing how easy it is to defeat hidden SSIDs and MAC filtering.
I don't think, btw, that there's enough coverage of MAC spoofing, which is generally a good idea... generally.
And there are a few sections on cracking WEP (yawn), WPA and WPA2. Worth noting that attacks on the latter two have progressed since this book was published - there is a section at the end of the book covering them, barely. This is the wash/reaver attack routine and also is impacted by Kali 2.0 with regard to naming conventions.
This isn't in the book, but this may help someone to bridge the old to new version of Kali when performing a reaver attack:
airmon-ng start wlan1
ifconfig wlan1mon down
iwconfig wlan1mon mode monitor
ifconfig wlan1mon up
(worked for me)
then wash/reaver
wash -i wlan1mon -C (etc YMMV)
reaver -i wlan1mon -b ......
(and again, you may want to mess with your MAC addy via "ifconfig ... ether...")
What else... cowpatty tool is covered as an exercise to the reader (quite a bit of that, which is fine), aircrack, airdecap (pretty much can be done with wireshark but it's good to know there are options - and there are many), evil twin attacks, DoS, and there's some use of wifi bridge utilities in a few sections (ie MITM attacks).
And there is a nice section on Client attacks (cafe-latte and the Hirte attack as examples), so not everything here is about router compromises. The section on MITM attacks covers eavesdropping and session hijacking; good detail.
Anyway, now I want to be done. Good intro though it scratches the surface of what Kali has - not that it would matter since it would be partially incomplete now anyway. It is still a fine guide with plenty of screen caps and step-by-steps. What it does miss or cover in the "post published update section" is covered in great detail all over the web. Keep an eye out for wlan1mon versus mon0 and you should be fine.
Lastly - don't be mean. Enjoy the read.
July 11, 2015
Good content
While there were occasional typos, the content us really great for providing a foundation for wireless pentesting. 3 more words required.
While there were occasional typos, the content us really great for providing a foundation for wireless pentesting. 3 more words required.
October 20, 2017
This is the best book so far for wireless pentration that i've read. This books gives step by step method and gudies us on the go. Hope to see these types of book more 😁😁
July 28, 2021
Transport layer goes brrrrr.
It covers KRACK!
It covers KRACK!
October 30, 2016
Kilka ciekawych rzeczy wyjaśnia, ale tak to zawartość standardowa.
Nie jest źle podana, ale bez szału też.
Nie jest źle podana, ale bez szału też.
Displaying 1 - 6 of 6 reviews