The top three Wi-Fi pen testing tools in Kali Linux
Every hacker and security researcher loves Kali Linux. The developers of Kali Linux ethical hacking distro have released the second Kali Rolling ISO release i.e. Kali 2016.2. Just like the previous one, Kali promises to deliver lots of new updates and changes in this release. Over the course of past few months, Kali developers have been busy adding new tools to Kali and fixing multiple bugs. For example, they have added HTTPS support in busybox that allows secure installation over SSL.
Kali Linux provides you the flexibility to install your favorite desktop environment and personalizing your experience. However, Kali developers note that users often talk about how they would love to see another desktop environments instead of GNOME.
With the Kali Linux 2016.2 release, you can download your favorite ethical hacking distro in additional desktop flavors like KDE, MATE, LXDE, Xfce, and e17. It should be noted that these flavors are only available as 64-bit releases.
But what’s really cool about Kali Linux is the set of pentesting tools it offers. Here’re the top Kali Linux Wi-Fi hacking tools.
Without a doubt, this is the big daddy of Wi-Fi pen testing. Aricrack-ng is a powerful suite of tools for wireless password cracking, generating traffic, client de-authentication, packet capture, and setting up fake access points. Aircrack-ng’s tools are run from the command line which allows for heavy scripting and cover:
- Monitoring: Packet capture and export of data to text files for further processing by third party tools.
- Attacking: Replay attacks, deauthentication, fake access points and others via packet injection.
- Testing: Checking WiFi cards and driver capabilities (capture and injection).
- Cracking: WEP and WPA PSK (WPA 1 and 2).
If you want to mount an attack on multiple wireless networks using WEP/WPA/WPA2 and WPS you’re going to want to automate your assault which is what Wifite excels at:
- sorts targets by signal strength (in dB); cracks closest access points first
- automatically de-authenticates clients of hidden networks to reveal SSIDs
- numerous filters to specify exactly what to attack (wep/wpa/both, above certain signal strengths, channels, etc)
- “anonymous” feature; changes MAC to a random address before attacking, then changes back when attacks are complete
- all captured WPA handshakes are backed up to wifite.py’s current directory
- smart WPA de-authentication; cycles between all clients and broadcast deauths
- displays session summary at exit; shows any cracked keys
- all passwords saved to cracked.txt
Some Kali Linux users may rate Wireshark as the top Wi-Fi pentesting tool. Wireshark is the world’s foremost network protocol analyzer. It lets you see what’s happening on your network at a microscopic level. It is the de facto (and often de jure) standard across many industries and educational institutions.Wireshark is one of the best network [protocol] analyzer tools available, if not the best. With Wireshark you can [analyze] a network to the greatest detail to see what’s happening. Wireshark can be used for live packet capturing, deep inspection of hundreds of protocols, browse and filter packets and is multi-platform.
Top Wireshark’s features are:
- Deep inspection of hundreds of protocols, with more being added all the time
- Live capture and offline analysis with powerful display filters
- Captured network data can be browsed via a GUI or via the TTY-mode TShark utility
- Read/write many different capture file formats: tcpdump (libpcap), Pcap NG, WildPackets EtherPeek/TokenPeek/AiroPeek … it’s a long list. You can also export to XML, PostScript®, CSV, or plain text
- Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2