Wednesday

Wireless Auditing Toolkits



When I saw OSWA Assistant listed on the Darknet website, I remembered a video about it on Defcon. But only after searching for the video, I saw that it was a presentation about wicrawl. An entirely other tool. So let's briefly review the two:

The OSWA-Assistant is a no-Operating-System-required standalone toolkit which is solely focused on wireless auditing. As a result, in addition to the usual WiFi (802.11) auditing tools, it also covers Bluetooth and RFID auditing. Using the toolkit is as easy as popping it into your computer’s CDROM and making your computer boot from it!

This toolkit is a contribution to the wireless security/auditing community and, as the “Assistant” moniker implies, and is designed for the following groups of people:

  • IT-security auditors and professionals who need to execute technical wireless security testing against wireless infrastructure and clients;
  • IT professionals who have responsibility for ensuring the secure operation and administration of their organization’s wireless networks;
  • SME (Small & Medium Enterprise) and SOHO (SmallOffice-HomeOffice) businesses who do not have either the technical expertise or the resources to employ such expertise to audit their wireless networks;
  • Non-technical-users who run wireless networks at home and who would like to audit the security of their wireless home networks and laptops but don’t know how.

You can download OSWA Assistant here:

oswa-assistant.iso

Or read more here. (Source: Darknet)

and let's see about wicrawl:

Wicrawl is a simple wi-fi (802.11x) Access Point auditor with a simple and flexible plugin architecture. The plugins allow us to find out useful information about an AP so we don’t have to manually check each access point. Plugins are implemented for existing common tools, and new plugins can be written in any language. Wicrawl is able to use multiple cards, and eventually will be able to use multiple computers.

The goal is to automate the tedious task of scanning wi-fi access points for interesting information. This can be a useful tool for penetration testers looking to “crawl” through massive numbers of APs looking for interesting data. Plugins will be everything from DHCP and nmap to aircrack or hooks to move a motorized directional antenna around.

More info and downloads at midnightresearch.com.

or have a look at the defcon presentation:




Related posts:

No comments: