Advanced Wi-Fi Security Penetration Testing

This workshop will provide a highly technical and in-depth treatment of Wi-Fi security. The emphasis will be to provide the participants with a deep understanding of the principles behind various attacks and not just a quick how-to guide on publicly available tools. We will start our journey with the very basics by dissecting WLAN packet headers with Wireshark, then graduate to the next level by cracking WEP, WPA/WPA2 and then move on to real life challenges like orchestrating Man-in-the-Middle attacks, creating Wi-Fi Backdoors and solving some live CTF style challenges together!

A non-exhaustive list of topics to be covered include:

• WLAN Protocol Basics using Wireshark
• Bypassing WLAN Authentication - Shared Key, MAC Filtering, Hidden SSIDs
• Cracking WLAN Encryption - WEP, WPA/WPA2 Personal and Enterprise, Understanding encryption based flaws (WEP,TKIP,CCMP)
• Attacking the WLAN Infrastructure - Rogues Devices, Evil Twins, DoS Attacks, MITM
• Advanced Enterprise Attacks - 802.1x, EAP, LEAP, PEAP, IPSec over WLAN
• Attacking the Wireless Client - Honeypots and Hotspot attacks, Caffe-Latte, Hirte, Ad-Hoc Networks and Viral SSIDs, WiFishing
• Breaking into the Client - Metasploit, SET, Social Engineering
• Enterprise Wi-Fi Worms, Backdoors and Botnets
• Wireshark as a Wireless Forensics Tool
• Programming and Scripting Wireless packet sniffers and Injectors for fun and profit

To participate attendees need to get a laptop with Wireshark and the Aircrack suite of tools installed (Backtrack would be recommended).