Difference between revisions of "Training Advanced Wi-Fi Pentesting"

From BruCON 2016

(Created page with "=Wireshark - Packet Class by Didier Stevens = ===Course Description=== This training is based on the best selling book “Backtrack 5 Wireless Penetration Testing" and will p...")
 
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
=Wireshark - Packet Class by Didier Stevens =
+
=Advanced Wi-Fi Pentesting by Vivek Ramachandran =
  
 
===Course Description===
 
===Course Description===
 
This training is based on the best selling book “Backtrack 5 Wireless Penetration Testing" and will provide a highly technical and in-depth treatment of Wi-Fi security. The emphasis will be to provide participants with a deep understanding of the principles behind various attacks and not just a quick how-to guide on publicly available tools.  
 
This training is based on the best selling book “Backtrack 5 Wireless Penetration Testing" and will provide a highly technical and in-depth treatment of Wi-Fi security. The emphasis will be to provide participants with a deep understanding of the principles behind various attacks and not just a quick how-to guide on publicly available tools.  
 +
 +
 +
 +
=Objectives=
  
 
During the course of this training participants will do over 25+ hands-on lab sessions and will fight it out against live CTF challenges. These include - cracking WPA Enterprise (PEAP, EAP-TTLS), MITM attacks over Wireless, Creating Wi-Fi Backdoors, Scripting and Attack automation, Wireless Forensics and Security Best Practices.
 
During the course of this training participants will do over 25+ hands-on lab sessions and will fight it out against live CTF challenges. These include - cracking WPA Enterprise (PEAP, EAP-TTLS), MITM attacks over Wireless, Creating Wi-Fi Backdoors, Scripting and Attack automation, Wireless Forensics and Security Best Practices.
 +
 +
=Course Contents=
  
 
A non-exhaustive list of topics to be taught includes:
 
A non-exhaustive list of topics to be taught includes:
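Review bot: In the added Objectives paragraph, "over 25+ hands-on lab sessions" doubles the qualifier and "These include - cracking" uses a hyphen where a colon is meant; suggest "25+ hands-on lab sessions" and "These include: cracking WPA Enterprise ...". The unchanged Course Description line also opens the book title with a curly quote and closes it with a straight one, which could be fixed in the same edit.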
Line 15: Line 21:
 
* Breaking into the Client - Metasploit, SET, Social Engineering
 
* Breaking into the Client - Metasploit, SET, Social Engineering
 
* Enterprise Wi-Fi Worms, Backdoors and Botnets
 
* Enterprise Wi-Fi Worms, Backdoors and Botnets
 
===Who should attend===
 
IT Security professionals, network engineers, ..., anyone else who comes into contact with packets with a desire to dissect them.
 
 
=Objectives=
 
During the course, the student will:
 
* Get a thorough overview of Wireshark's features
 
* Learn how to customize Wireshark
 
* Learn how to script Wireshark
 
 
=Course Contents=
 
===Day 1===
 
* Get familiar with the user interface of Wireshark
 
* The art of capturing traffic
 
** Capture traffic at different points in the network
 
** Using network devices to capture traffic
 
** Using  dedicated hardware to capture traffic
 
* Capture filters
 
** Knowing capture filters is an important skill for security professionals. Capture filters are not only used by Wireshark, but many other (security) tools you will encounter in your career.
 
* Display filters (not to be confused with capture filters)
 
* Colorizing traffic
 
* Build-in statistics
 
** Report
 
** Graphs
 
** Customize with display filters
 
* Streams and data
 
* Wireshark's expert system
 
 
===Day 2===
 
* Practical capture analysis
 
** Regular day-to-day traffic
 
*** DNS
 
*** TCP/IP
 
*** HTTP
 
*** SMTP
 
*** WLAN
 
*** …
 
** Irregular traffic
 
*** Network scans (nmap anyone?)
 
*** Network discovery
 
*** Traffic from hacker tools
 
*** Traffic from malware like botnets
 
*** …
 
** Network forensics
 
* Scripting
 
** Command-line scripting with Tshark, Python and Lua
 
** Lua listeners
 
** Lua dissectors
 
*** Use a Lua dissector generator
 
*** Refactor existing Lua dissectors
 
*** New protocol dissectors
 
*** Post dissectors
 
  
 
=Prerequisites=
 
=Prerequisites=
 
+
Technical requirements for the training :
A basic understanding of networking is required.
+
* Laptop with at least 3 GB RAM
Some basic scripting experience is useful, just not to feel overwhelmed when we discuss custom dissectors. If you know what an if-statement and a for-loop is, you will be fine.
+
* Kali Linux installed in Virtualbox with Windows / Linux / Mac as the Host
 
+
* 1 working USB 2.0 port on your laptop (important as the Wi-Fi card only works with 2.0 ports)
A laptop with the latest version of Wireshark installed (Windows/Linux/OSX) and with Python 2.7. Administrative rights are useful to install some Python modules. If you don't have administrative rights, make sure that you can perform a capture and run Lua scripts. If you are in doubt, make sure that you have administrative rights.
+
* Admin / Root on the laptop so you can install software
Make sure that there is no security software running that could interfere with capturing.
 
  
 
=Trainer Biography=
 
=Trainer Biography=
Didier Stevens (Security Consultant, Didier Stevens Labs, Contraste Europe NV) is an IT security professional well known for his security and forensic tools, like the Network Appliance Forensic Toolkit (NAFT). Didier is an experienced Wireshark user, he started using it when it was still known as Ethereal.
+
Vivek Ramachandran is the Founder and Chief Trainer at SecurityTube.net. He discovered the Caffe Latte attack, broke WEP Cloaking, a WEP protection schema in 2007 publicly at Defcon and conceptualized enterprise Wi-Fi Backdoors. He is also the author of the book “Backtrack 5 Wireless Penetration Testing“. He runs SecurityTube Trainings and Pentester Academy currently taken by infosec professionals in 75 countries. He also conducts in-person trainings in the US, Europe and Asia. Vivek’s work on wireless security has been quoted in BBC online, InfoWorld, MacWorld, The Register, IT World Canada etc. places. He has spoken/trained at top conferences around the world including Black Hat USA, Europe and Abu Dhabi, Defcon, Hacktivity, Brucon, ClubHack, SecurityByte, SecurityZone, Nullcon, C0C0n etc. Twitter: @securitytube
 
 
Didier holds many IT certifications and is an MVP Security. Relevant to this training are his CCNP/Security certification (Cisco Certified Networking Professional) and the fact that he is working towards obtaining the Wireshark Certified Network Analyst certification.
 
You can find his tools on his security blog http://blog.DidierStevens.com
 
 
 
 
 
More information is available on [http://blog.DidierStevens.com Didier Stevens Blog]
 
<br>[[Image:300px-twitter-icon.jpg|17px]] [https://twitter.com/DidierStevens @DidierStevens]
 
  
 
''Mon. 22 - Tue. 23 September 2014 (09:00 - 17:00)''
 
''Mon. 22 - Tue. 23 September 2014 (09:00 - 17:00)''
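Review bot: The removed "Who should attend" section has no counterpart in the new revision, so the Wi-Fi course page no longer states its intended audience; consider adding a one-line audience statement next to the new Prerequisites list. In the added biography line, "IT World Canada etc. places" reads like an editing leftover, and the closing quote after the book title is an opening curly quote.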

Latest revision as of 10:35, 25 August 2014

Advanced Wi-Fi Pentesting by Vivek Ramachandran

Course Description

This training is based on the best-selling book “Backtrack 5 Wireless Penetration Testing” and will provide a highly technical and in-depth treatment of Wi-Fi security. The emphasis will be to provide participants with a deep understanding of the principles behind various attacks and not just a quick how-to guide on publicly available tools.


Objectives

During the course of this training participants will do 25+ hands-on lab sessions and will fight it out against live CTF challenges. These include cracking WPA Enterprise (PEAP, EAP-TTLS), MITM attacks over wireless, creating Wi-Fi backdoors, scripting and attack automation, wireless forensics and security best practices.

Course Contents

A non-exhaustive list of topics to be taught includes:

  • Bypassing WLAN Authentication - Shared Key, MAC Filtering, Hidden SSIDs
  • Cracking WLAN Encryption - WEP, WPA/WPA2 Personal and Enterprise, Understanding encryption-based flaws (WEP, TKIP, CCMP)
  • Attacking the WLAN Infrastructure - Rogue Devices, Evil Twins, DoS Attacks, MITM, Wi-Fi Protected Setup
  • Advanced Enterprise Attacks - 802.1x, EAP, LEAP, PEAP, EAP-TTLS
  • Attacking the Wireless Client - Honeypots and Hotspot attacks, Caffe-Latte, Hirte, Ad-Hoc Networks and Viral SSIDs, WiFishing
  • Breaking into the Client - Metasploit, SET, Social Engineering
  • Enterprise Wi-Fi Worms, Backdoors and Botnets

Prerequisites

Technical requirements for the training:

  • Laptop with at least 3 GB RAM
  • Kali Linux installed in VirtualBox with Windows / Linux / Mac as the Host
  • 1 working USB 2.0 port on your laptop (important as the Wi-Fi card only works with 2.0 ports)
  • Admin / Root on the laptop so you can install software

Trainer Biography

Vivek Ramachandran is the Founder and Chief Trainer at SecurityTube.net. He discovered the Caffe Latte attack, publicly broke WEP Cloaking (a WEP protection schema) at Defcon in 2007, and conceptualized enterprise Wi-Fi Backdoors. He is also the author of the book “Backtrack 5 Wireless Penetration Testing”. He runs SecurityTube Trainings and Pentester Academy, currently taken by infosec professionals in 75 countries. He also conducts in-person trainings in the US, Europe and Asia. Vivek’s work on wireless security has been quoted in BBC online, InfoWorld, MacWorld, The Register, IT World Canada and other places. He has spoken or trained at top conferences around the world, including Black Hat USA, Europe and Abu Dhabi, Defcon, Hacktivity, Brucon, ClubHack, SecurityByte, SecurityZone, Nullcon, C0C0n etc. Twitter: @securitytube

Mon. 22 - Tue. 23 September 2014 (09:00 - 17:00)
