Essential tools for auditing Wi-Fi networks

Wi-Fi network scanner

They can be installed on both Android/iOS mobiles and computers. It is one of the easiest tools to install and learn to use. They allow you to have a complete overview of all the wireless access points that are close to you. You will have access to the most important details, signal level, type of encryption used and the MAC address of the AP.

You can take advantage of stumblers by encountering networks using weak security protocols, such as WEP or the older version of the well-known WPA. If there are APs with hidden or unset SSIDs, some stumblers can reveal them. If you use this tool at the corporate level, you will be able to find out about people who might be wanting the internal network. For Windows operating systems, the best Wi-Fi network scanner is Acrylic WiFiand also Acrylic WiFi professional with more display options and even has the possibility to make your own scripts.

This kind of tools are much more practical to use on cell phones, mainly because of their practicality and mobility. Wherever you go, you can have a tool that scans Wi-Fi networks installed on your cell phone, and have the information you need at the moment. An alternative for Android devices is called WiFi AnalyzerIt is completely free of charge and displays information on nearby access points in both the 2.4 GHz and 5 GHz bands if found.

Download

? Wifi Analyzer

Developer: farproc

Price: Free

If you need to save the information displayed, you can export it in XML format so that you can adapt it to your needs later, or simply share the same file by e-mail. It has graphs detailing the signal level, its history and its usage level. It has a built-in signal meter that allows you to find APs near your location.

If you have any of the iOS mobile options, you can download and try out Network Analyzer Pro. It is not free, but it has a variety of features that makes it quite complete, as is the case with the Android app.

Download

? Network Analyzer Pro

Developer: Techet

Price: 4.49

Tools that display other details of the wireless network

The importance of these tools lies in the fact that they reveal how a breached or stolen device can contain a lot of sensitive information, as well as various documents or files. It also highlights how important it is to use authentication of type 802.1x where users have individual access credentials for the Wi-Fi network, especially in the corporate environment or in places where this connectivity is offered as a service or facility.

WirelessKeyView is a tool that can support you. It is free and lists all the WEP, WPA and WPA2 keys that were stored on your Windows computer at some point.

On the other hand, Aircrack-ng is a suite of open source tools for cracking WEP and WPA/WPA2 keys and is starting to be updated for WPA3 networks. It is compatible with Windows, Mac OS X, Linux and OpenBSD. In addition, you can view access points that are close to you, including those with hidden or unavailable SSIDs. It also has sniffer functions that capture packets, inject and replay traffic, and, of course, it is capable of cracking access passwords, depending on whether you have captured enough packets to do so (in the case of WEP), or whether you have captured the handshake in the case of WPA/WPA2.

Wi-Fi Sniffers

Unlike wireless network scanners, sniffers go a step further by capturing information about the APs, which is used to analyze the packets being transmitted over the wireless network. The captured traffic information can be imported into other tools we may have, such as an aircrack-ng cracker.

There are sniffers that can analyze packets traveling through the network and/or encrypt them. In addition, other types of sniffers report only certain types of network traffic, as well as those that are designed to reveal passwords that are in plain text.

Kismet is a free and open source solution very complete and with full documentation. It has stumbler, packet sniffer and even an intrusion detection system. The latter can run on Windows 10 using the WSL framework, Mac OS X, Linux and BSD. It visualizes the access points, their SSIDs and those that do not have one or are hidden, cannot hide from this tool.

As mentioned, it manages to capture packets, which you can then import into other well-known tools such as Wireshark, TCPdump and others. So far and as an exception if you use Windows, Kismet only works with CACE AirPcap Wi-Fi adapters. This is due to the limitations of the operating system itself. However, it does support a large number of adapters on Mac OS X and Linux.

If you want to go to the next level, we recommend you to CommView Wi-Fi. It is one of the most popular and complete solutions we can find. Although it is not a free tool, you can try all its features with a 30-day trial. One of its strong points is that it has a dedicated module for VoIP, which allows you to perform a detailed analysis that includes SIP recordings and playbacks and H.323 voice communications.

With this solution, packets can be decrypted using WEP or WPA/WPA2-PSK keys and are decoded down to the lowest instance. It has extensive support for more than 100 protocols and its tree-like structure gives you the complete picture of each captured packet, displaying the protocols applied to each layer and their headers. It is quite comprehensive and highly extensible.

Kali Linux: the star of the hacking world

It is impossible not to recommend the hacking-oriented operating system. Kali Linux is quite popular and not only allows you to perform a regular Linux-like installation on a computer, but you can also move it to a boot disk. In addition, you can run it on any other computer as a virtual one using VMWare, Virtual Box and others.

Among the large number of computer forensics tools it contains, you can find some oriented to perform pentesting in Wi-Fi networks. We can highlight that Kismet (already mentioned above) and Aircrack-ng are included. This operating system is totally free, besides, the tools we have suggested, have a high level of support on their website. You have at your disposal all the necessary documentation to start from scratch. Some of the star tools for Wi-Fi network audits are:

• ReaverHack a network that has the WPS PIN type enabled, so if your Wi-Fi network has the WPS enabled we recommend you to disable it.
• FreeRadius-WPE performs man-in-the-middle attacks while performing 802.1x authentication
• Wi-Fi Honey creates a kind of honey pot that attracts people who want to connect to an access point. Therefore, it creates fake APs to capture the traffic they generate and carry out man-in-the middle attacks.

If you want to expand your knowledge in Kali Linux , you can enter in its official website We have a wide range of courses where you can get up to the Kali Linux Certified Professional certification. Are you up for more?

Another Linux-based distribution that we cannot forget for Wi-Fi audits is WiFiSlax, a fundamental distribution that has more tools for Wi-Fi networks than Kali Linux, so if you are going to focus specifically on Wi-Fi wireless networks, better use WiFiSlax which is also totally free.

Remember that it is not necessary to violate the other people's Wi-Fi networks to test your skills. You can experiment with your group of friends or if you are alone, you can try your own network. Getting started in the world of hacking opens doors to knowledge that you can leverage for personal fulfillment.