Difference between revisions of "Training Advanced Wi-Fi Pentesting"
From BruCON 2016
(One intermediate revision by the same user not shown) | |||
Line 3: | Line 3: | ||
===Course Description=== | ===Course Description=== | ||
This training is based on the best selling book “Backtrack 5 Wireless Penetration Testing" and will provide a highly technical and in-depth treatment of Wi-Fi security. The emphasis will be to provide participants with a deep understanding of the principles behind various attacks and not just a quick how-to guide on publicly available tools. | This training is based on the best selling book “Backtrack 5 Wireless Penetration Testing" and will provide a highly technical and in-depth treatment of Wi-Fi security. The emphasis will be to provide participants with a deep understanding of the principles behind various attacks and not just a quick how-to guide on publicly available tools. | ||
+ | |||
+ | |||
+ | |||
+ | =Objectives= | ||
During the course of this training participants will do over 25+ hands-on lab sessions and will fight it out against live CTF challenges. These include - cracking WPA Enterprise (PEAP, EAP-TTLS), MITM attacks over Wireless, Creating Wi-Fi Backdoors, Scripting and Attack automation, Wireless Forensics and Security Best Practices. | During the course of this training participants will do over 25+ hands-on lab sessions and will fight it out against live CTF challenges. These include - cracking WPA Enterprise (PEAP, EAP-TTLS), MITM attacks over Wireless, Creating Wi-Fi Backdoors, Scripting and Attack automation, Wireless Forensics and Security Best Practices. | ||
+ | |||
+ | =Course Contents= | ||
A non-exhaustive list of topics to be taught includes: | A non-exhaustive list of topics to be taught includes: | ||
Line 15: | Line 21: | ||
* Breaking into the Client - Metasploit, SET, Social Engineering | * Breaking into the Client - Metasploit, SET, Social Engineering | ||
* Enterprise Wi-Fi Worms, Backdoors and Botnets | * Enterprise Wi-Fi Worms, Backdoors and Botnets | ||
− | |||
− | |||
− | |||
− | |||
=Prerequisites= | =Prerequisites= | ||
Line 28: | Line 30: | ||
=Trainer Biography= | =Trainer Biography= | ||
− | + | Vivek Ramachandran is the Founder and Chief Trainer at SecurityTube.net. He discovered the Caffe Latte attack, broke WEP Cloaking, a WEP protection schema in 2007 publicly at Defcon and conceptualized enterprise Wi-Fi Backdoors. He is also the author of the book “Backtrack 5 Wireless Penetration Testing“. He runs SecurityTube Trainings and Pentester Academy currently taken by infosec professionals in 75 countries. He also conducts in-person trainings in the US, Europe and Asia. Vivek’s work on wireless security has been quoted in BBC online, InfoWorld, MacWorld, The Register, IT World Canada etc. places. He has spoken/trained at top conferences around the world including Black Hat USA, Europe and Abu Dhabi, Defcon, Hacktivity, Brucon, ClubHack, SecurityByte, SecurityZone, Nullcon, C0C0n etc. Twitter: @securitytube | |
''Mon. 22 - Tue. 23 September 2014 (09:00 - 17:00)'' | ''Mon. 22 - Tue. 23 September 2014 (09:00 - 17:00)'' |
Latest revision as of 10:35, 25 August 2014
Contents
Advanced Wi-Fi Pentesting by Vivek Ramachandran
Course Description
This training is based on the best selling book “Backtrack 5 Wireless Penetration Testing" and will provide a highly technical and in-depth treatment of Wi-Fi security. The emphasis will be to provide participants with a deep understanding of the principles behind various attacks and not just a quick how-to guide on publicly available tools.
Objectives
During the course of this training participants will do over 25+ hands-on lab sessions and will fight it out against live CTF challenges. These include - cracking WPA Enterprise (PEAP, EAP-TTLS), MITM attacks over Wireless, Creating Wi-Fi Backdoors, Scripting and Attack automation, Wireless Forensics and Security Best Practices.
Course Contents
A non-exhaustive list of topics to be taught includes:
- Bypassing WLAN Authentication - Shared Key, MAC Filtering, Hidden SSIDs
- Cracking WLAN Encryption - WEP, WPA/WPA2 Personal and Enterprise, Understanding encryption based flaws (WEP,TKIP,CCMP)
- Attacking the WLAN Infrastructure - Rogues Devices, Evil Twins, DoS Attacks, MITM, Wi-Fi Protected Setup
- Advanced Enterprise Attacks - 802.1x, EAP, LEAP, PEAP, EAP-TTLS
- Attacking the Wireless Client - Honeypots and Hotspot attacks, Caffe-Latte, Hirte, Ad-Hoc Networks and Viral SSIDs, WiFishing
- Breaking into the Client - Metasploit, SET, Social Engineering
- Enterprise Wi-Fi Worms, Backdoors and Botnets
Prerequisites
Technical requirements for the training :
- Laptop with at least 3 GB RAM
- Kali Linux installed in Virtualbox with Windows / Linux / Mac as the Host
- 1 working USB 2.0 port on your laptop (important as the Wi-Fi card only works with 2.0 ports)
- Admin / Root on the laptop so you can install software
Trainer Biography
Vivek Ramachandran is the Founder and Chief Trainer at SecurityTube.net. He discovered the Caffe Latte attack, broke WEP Cloaking, a WEP protection schema in 2007 publicly at Defcon and conceptualized enterprise Wi-Fi Backdoors. He is also the author of the book “Backtrack 5 Wireless Penetration Testing“. He runs SecurityTube Trainings and Pentester Academy currently taken by infosec professionals in 75 countries. He also conducts in-person trainings in the US, Europe and Asia. Vivek’s work on wireless security has been quoted in BBC online, InfoWorld, MacWorld, The Register, IT World Canada etc. places. He has spoken/trained at top conferences around the world including Black Hat USA, Europe and Abu Dhabi, Defcon, Hacktivity, Brucon, ClubHack, SecurityByte, SecurityZone, Nullcon, C0C0n etc. Twitter: @securitytube
Mon. 22 - Tue. 23 September 2014 (09:00 - 17:00)