Hi again, since I am interested in wireless communication I would like to share my experience
with tools I used to assess my wireless networks. Note that these are UNIX-based software.

Authentication attacks
. PSK Cracking - coWPAtty, Rainbow Tables, aircrack-ng
. LEAP Cracking - Anwrap, Asleap, LEAPcracker
. Password Capture - Dsniff, WinSniffer, wireshark
. VPN Login Cracking - ike_crack, pptp_bruter
. HTTP auth Cracking - THC-Hydra

WLAN DoS attacks
. Radio (RF) Jamming - Alchemy, HyperWRT
. Beacon Flood - FakeAP
. Deauth Flood - FATA-Jack, MDK3
. EAP-of-Death - Libradiate

Station attacks
. Driver exploits - Metasploit, LORCON
. Station probes - WZCOOK, nmap
. EAP Injection - Void11, LORCON
. EAP Replay - Airpwn, wnet reinject

Today, IT guys in my school actually wanted me to run a vulnerability assessment just because they
couldn't be bothered to walk around school doing the assessment - lazy tech guys. After lunch time,
the school's IDS was not able to detect ARP poisoning and they decided to use ARPWatch for a few days.
They still use WEP for staff's wireless network but they changed to WPA-TKIP now, with randomized
WPA passphrase. Anyway, those were tools I sometimes use for fun.