Wireless Pentesting Part 4 – Performing an Actual Wireless Pentest

In the previous article of this series, “Wireless Pentesting Part 3 – Common Wireless Attacks”, we discussed various scenarios to give you a better grasp of how wireless networks and clients can be attacked. The real possibility of a compromise of your systems is the reason we need to test for vulnerabilities and see if they can be exploited during a wireless pentest. Successful exploitation of wireless vulnerabilities is just the beginning of what a cybercriminal could do and of the sensitive information they could access.

In this fourth and final part of the series, we are going to discuss how to conduct a wireless network pentest. This article will bring together what has been discussed up to this point. Once you are finished with this series, you should have a better idea of how to conduct wireless pentests and be prepared to do a pentest after some practice in a lab setting.

Where to Start a Wireless Pentest

In the first article in this series, we discussed the Penetration Testing Execution Standard (PTES) and recommended it as a great resource for performing pentests using a proven method. It gives you a good starting point for your wireless pentest and provides guidance through the process. We will follow the seven sections of the pentesting methodology:

  • Pre-engagement Interactions
  • Intelligence Gathering
  • Threat Modeling
  • Vulnerability Analysis
  • Exploitation
  • Post Exploitation
  • Reporting

Pre-engagement Interactions

Scoping the Wireless Pentest

Properly scoping a pentest helps you conduct it efficiently and gives your client a better estimate of the time required. Pentesting is priced mainly by the hours needed to perform the service, so a poorly scoped engagement could lose you money or overcharge your client, both of which are bad for business.

You will need to meet with your client to better understand their goals (Read more...)

*** This is a Security Bloggers Network syndicated blog from The Ethical Hacker Network authored by Phillip Wylie. Read the original post at: