What Is This Resource?
WiFi (‘Wireless’) hacking is all the rage.
For reasons best known to psychologists it seems that WiFi Hacking is the most popular ‘hacking related content’ on YouTube. Some WiFi Hacking Videos on YouTube have literally millions of views. Perhaps Hacking WiFi is so popular because, firstly, it means that if you master the attacks you’ll be able to secure endless free WiFi, but, secondly, because it is something which appeals an a ‘rite of passage’ for any budding wanna-be Hacker or serious Cybersecurity Professional.
Needless to say, to Hack WiFi is an achievement (if it has been configured absolutely correctly using for example WPA2 Enterprise) and the skills required to defend against such attacks are highly in demand, so to satisfy your curiosity we’ve gone ahead and listed a bunch of WiFi Hacking Software Tools that the Interwebs seems to have fallen in love with!
To submit a tool please click here or for further information on the range of hacking tools and software that we list please follow this link.
Last Updated: September 23rd, 2017
Fern WiFi Wireless Cracker Resources: Books, Courses & Software
What is Fern WiFi Wireless Cracker?
Fern Wifi Cracker is a Wireless attack software and security auding tool that is written using the Python Qt GUI library and Python Programming Language. This tool can can recover and crack WPA/WEP/WPS keys and can run other network based attacked on ethernet or wireless based networks.
Is Fern WiFi Wireless Cracker Free?
Yes Fern Wifi Cracker is free of charge.
Does Fern WiFi Wireless Cracker Work on all Operating Systems?
This works on Kali Linux operating systems.
What are the Typical Uses for Fern WiFi Wireless Cracker?
This tool helps in assisting with Network security by enabling the user to view and discover network traffic in real-time and therefor can identify the hosts and network data discovery. With the network server data features, it will help toughen your server and discover vulnerabilities before they are exploited.
inSSIDer Resources: Books, Courses & Software
What is Inssider?
Inssider is a wireless network scanner and was designed to overcome limitation of another tool which is NetStumbler. Inssider can track signal strength over time, open wireless access points and save logs with GPS records.
Is Inssider Free?
This is now a pay to use application.
Does Inssider Work on all Operating Systems?
It can be used on both Windows and Apple operating systems.
What are the Typical Uses for Inssider?
There are several uses for Inssider. It can collect data from wireless card and software. Assist with selecting the best wireless channel available. Render useful Wi-Fi network information such as SSID, MAC, vendor, data rate, signal strength, and security. Show graphs that signal strength over time. Shows which Wi-Fi network channels overlap. It also offers GPS support and data can be exported as Netstumbler (.ns1) files.
KisMAC Resources: Books, Courses & Software
What is Kismac?
KisMAC is a wireless network discovery hacking tool. Eventhough the codebase is different, this popular wireless stumbler provides several of the features of its namesake Kismet. This tool offers a beautiful GUI and was around even before Kismet was ported to MAC OX X. It also offers mapping, looging and Pcap-format import.
Is Kismac Free?
Yes, the use of this product is free.
Does Kismac Work on all Operating Systems?
No, this hacking tool is exclusively for Mac OS X.
What are the Typical Uses for Kismac?
KisMAC has many uses that are all very similar to, and drew influence from – Kismet (which is the Linux/ BSD version of this hacking tool). This software helps network cybersecurity professionals and is shipped under GNU General Public License regulations. KisMAC scans for networks passively on supported wireless cards – including Apple’s AirPort, and AirPort Extreme, and many third-party cards, and indeed on any other card that is supported by Apple Mac. Cracking of WEP and WPA keys, both by brute force, and exploiting flaws such as weak scheduling and poorly generated keys is supported when a card capable of monitor mode is used, and packet reinjection can be done with a supported card (Prism2 and some Ralink cards). GPS mapping can be performed when an NMEA compatible GPS receiver is attached.
Kismet Resources: Books, Courses & Software
What is Kismet?
Kismet is a packet sniffer, network detector and intrusion detection system for 802.11 wireless local area networks. This tool will work with other wireless card that supports raw monitoring mode and can also sniff 802.11a, 802.11b, 802.11g and 802.11n traffic.
Is Kismet Free?
Kismet is free for use.
Does Kismet Work on all Operating Systems?
The tool work on different systems including Linux, FreeBSD, OpenBSD, NetBSD and MAC OS X. It can also run on Microsoft windows.
What are the Typical Uses for Kismet?
Kismet is used in a number of open source and commercial projects. For an inexpensive wireless intrusion detection system, it can be used with other packages. It has also been used in a number of peer reviewed studies.
Metasploit Resources: Books, Courses & Software
What is Metasploit?
In 2003, H.D. Moore, (a Cyber Security Researcher and Program Developer from the US) started the Metasploit Project with the intention being to create a public and freely accessible resource to obtain exploitable code for research and development. The Metasploit Project is credited with the creation of the Metasploit Framework, which has become an open-source exploit framework used for IT Security penetration testing and research.
In 2009, Metasploit was acquired by Rapid7, but was still managed by HD until 2013 when he handed management of the Metasploit department in order to expand Rapid7’s research capabilities. In early 2016 HD left Rapid7 for a new venture.
Metasploit is awesome. Like the other top ten tools mentioned in our mega post it is a ‘must-learn’ security tool. The Metasploit Framework gives data about security vulnerabilities and helps in IDS signature development and penetration testing.
The tool has been completely rewritten in Ruby. If you are new to Metasploit or are a beginner to the Metasploit Framework then you should consider this tool as being a “Vulnerability Exploitation Tool”.
Is Metasploit Free?
Yes and no…the Metasploit Framework is free and can be downloaded here. Since the tool was acquired by Rapid7 there are two core proprietary editions called Metasploit Pro and Metasploit Express. If you’re new to pentesting and are looking to get started in Cyber Security then we’d highly encourage you to get started with the Metasploit Framework because you’ll absolutely learn a ton.
What’s the Difference between Metasploit Framework and Metasploit Pro Framework?
Whilst Metasploit Framework is free, its’ functionality is relatively basic. Professional security researchers, pentesters and ethical hackers would likely prefer to use Metasploit Pro which is the fully-fledged security solution for security programs and advanced penetration tests for SME’s and enterprise level organizations. Measploit Pro would be used for in-depth IT security auditing.
What Are Vulnerability Exploitation Tools?
Metasploit can be categorized in many ways, but we here at concise like to place this tool, or perhaps better said, ‘Framework’, as being a Vulnerability Exploitation Tool. Vulnerability Exploitation Tools are mainly used to discover if an attacker could find overflow weakness to install malware, or to discover fundamental operating and network system design flaws.
Does Metasploit Work on all Operating Systems?
Metasploit runs on Unix (including Linux and Mac OS X) and on Windows, and the Metasploit Framework has been translated in verbose to dozens of languages.
What are Typical Uses for Metasploit?
We’ve written a seperate blog post on the uses of Metasploit here, but as a summary, there are five uses, or ‘steps’ that a pentester or ethical hacker would use Metasploit for. They are:
Step 1: Choosing and configuring an exploit code
This step requires the professional to select code with the purpose of being able to penetrate a target system by taking advantage of a ‘vulnerability’ that is inherently embedded in the target box or network. Metasploit can pull nearly 1,000 exploits for Windows, Unix/Linux and Mac OS X systems
Step 2: Checking the Target
This step allows the hacker to discover with more accuracy if the target is penetrable with the chosen exploit. If not, then select another!
Step 3: Select and configure a payload to send to the target.
This could include, for instance, a remote shell or a VNC server.
Step 4: Get around the IDS/ IPS system (Intruston Detection System)
This step is all about using Metasploit to encode and encrypt the attack to essential go ‘under the radar.’
Step 5: Executing the exploit
This final step is all about the final and actual hack that can either pwn a box or network and/ or be able to remove data or deface a website (for example).
Recommended Metasploit Courses & Training
Like any learning, especially cyber security hacking/ pentesting training, the more ‘hands-on’ the course is, the more we recommend it. We’ve selected our preferred courses here.
NetStumbler Resources: Books, Courses & Software
What is NetStumbler?
Netstumbler is one of the well-known Windows tool for finding open wireless access points. They also distributed a WinCE version created for PDAs and named it MiniStumbler. Netstumbler uses a more active approach in finding WAPs than other tools. The last time we checked NetStumbler didn’t seem to have been updated – but we could be wrong! If we are please go ahead and drop a comment below – we and our community would really appreciate it.
Is NetStumbler Free?
Yes, this tool is free but no source code is provided.
Does NetStumbler Work on all Operating Systems?
Netstumbler is a Windows-only tool.
What are the Typical Uses for NetStumbler?
Netstumbler is commonly used for Wardriving. Finding locations with poor coverage in WLAN. Verifying network configurations. Helps in detecting causes of wireless inteference. Detects unauthorized access points and aiming directional antennas for long-haul WLAN links.
Wifiphisher Resources: Books, Courses & Software
What is Wifiphisher?
Wifiphisher is a WiFi hacking tool that can execute speedy automated phishing attacks against Wireless/ WiFi networks with the intention of discovering user and password credentials.
The difference with this wireless tool (compared with the others) is that it launches a Social Engineering attack which is a completely different attack vector to take when attempting to breach WiFi networks.
Is Wifiphisher free?
Yes. This WiFi ‘cracking tool’, as it is often referred to – is completely free and available from GitHub.
Does Wifiphisher work on all Operating Systems, and what are the requirements?
1. Kali Linux is the officially supported Linux distribo, but according to the developers GitHub page some users have been able to get the framework to work on other platforms. To be safe though we’d always recommend trying it either on Kali and almost certainly Linux since that is where you’ll get most support.
2. You’ll also need a wireless network adapter that supports ‘Access Point’ (AP) mode; and your driver should also support netlink.
3. Wireless network adapters are required that can be placed in ‘Monitor Mode’ and that are able to perform injection attacks.
What are the Typical Uses for Wifiphisher?
Wifiphisher can be used to a crack WiFi password. This tool takes the following steps: Wifiphisher deauthenticates the user from their legitimate AP. The framework then allows the user to authenticate to the Evil Twin AP that must be setup for the attack to be successful. Wifiphisher will then offer an HTML webpage to the user on a proxy that will notify them that an upgrade on the firmware has taken placed and will ask them to authenticate again. The wifi password is passed to the hacker while the user will continue browsing the web not knowing what happened.
How To Install Wifiphisher
This WiFi hacking tool should ship with Kali Linux, but if it doesn’t then you will need to take the following steps to install the software:
Step 1: apt -get update (good hygience to update your system pre-installation)
Step 2: cd Desktop (done to change to a directory where you can find the software afterward installation)
Step 3: git clone https://github.com/sophron/wifiphisher.git (clones the ‘repo’ from GitHub)
Step 4: cd wifiphisher (change to the newly installed directory))
Step 5: ls (list the items in the directory
Step 6: sudo phython setup.py install (install the python script, password might be required for non-Kali folks)
Step 7: wifiphisher(this will execute the software.)
Enjoy and use responsibly!
[continued from top of page]