0345 4506120

Wi-Fi Security - Offensive Defence

This two day course provides a comprehensive guide to the assessment and testing of an organisation's security posture with regard to its implementation of Wi-Fi communications.

The course spans Wi-Fi standards, their capabilities, operation, intelligence opportunities, threats posed, exploitation and Wi-Fi auditing and pen testing workflow. Attend one day, or all three to suit your needs and or exposure to Wi-Fi security technology and level of hands on required.

We will review the wide range of key processes of Wi-Fi networks from discovery to authentication, association, higher level authentication and dissociation. Each of these areas will examine methods of exploitation as well as mitigation. The course is delivered through presentations, discussions, practical demonstrations and hands on labs.

You will gain practical hands-on experience of implementing and using technical security controls in labs using real world equipment and will be given the skills and tools to create your own Wi-Fi auditing and pen testing suite.

Learning Objectives

  •   Evolution of 802.11 standards
  •   Passive intelligence exploitation
  •   Building COTS Wi-Fi survey kit
  •   Performing Wi-Fi site survey
  •   Testing Wi-Fi encryption strength
  •   Circumventing Wi-Fi encryption through social engineering
  •   Mitigation techniques
  •   Common post exploitation activities
  •   Audit Scoping and Reporting

Pre-Requisites

  •   This course is aimed at security analysts working in public and private sectors who are looking to ensure that they are aware of the vulnerability exposure and defensive countermeasures through the use of Wi-Fi.
  •   Familiarity with Linux command line and basic networking principles is encouraged.

Course Content

Day 1 - Wi-Fi Security Foundation – Risks, Flaws and Bad Design

  •   802.11 Overview
  •   Wi-Fi Fundamentals
  •   Wi-Fi Operating Modes
  •   Wi-Fi Management frames
  •   Wi-Fi Design Flaws
  •   Deauthentication vulnerability
  •   Encryption standards and Vulnerabilities
  •   Intelligence Leakage from Beacons and Probes  
    •     Device Vectoring
    •     Device previous locations
    •     Site Survey    
      •       Choosing Equipment
      •       Kit List
      •       Kit Preparation
  •   Introduction to the aircrack-ng suite

Day 2 - Wi-Fi Security Intermediate – Threats and Countermeasures

  •   Device Vectoring Practical
  •   Site Survey Practical
  •   Rogue access points
  •   Karma Attack
  •   Misconfigured devices
  •   BYOD
  •   Breaking Encryption  
    •     Testing WEP
    •     Testing WPA-TKIP
    •     Testing WPA-AES
    •     Testing WPA2
    •     Encryption circumvention
  •   Post exploitation activities
  •   Device Hardening
  •   Mitigation techniques

Privacy Notice

In order to provide you with the service requested we will need to retain and use your contact information in accordance with our Privacy Notice. If you choose to provide us with this information you explicitly consent to us using the information as necessary to provide the request service to you. If you do not agree please do not proceed to request the service from us.

Marketing Permissions

Would you like to receive our newsletter and other information on products and services which we think will be of interest to you by email. We will always treat your information with care and in accordance with our Privacy Notice. You are free to withdraw this permission at any time.

 

Online Courses

You may prefer an online course if you are looking for a flexible and cost-effective solution. Online courses allow you to study at your own pace, at a time that suits you.

We have the following eLearning options available:

Our Customers Include