Product Description
The growing Internet of Things is bringing more connected devices to consumers every day. These devices, like smart thermostats and smart speakers, are designed to make life easier. This creates new security concerns, since hackers no longer need physical connection to the networks linking the devices, but only need to be in their proximity, to send malicious data to exploit some vulnerability. Wi-Fi technology has big impacts on security, both in terms of perimeter security and client security. In this course we will discuss the security and privacy issues in today’s wireless network including WPA and WPA2 and also fuzz the scanning, authentication and association process of several IoT devices and non-IoT devices.
Who is this course for?
Security professionals and IoT Enthusiasts are welcome to take this course.
Why take it NOW?
There are roughly 8 billion devices connected to the internet as of now and by early 2020, it’s estimated that there were 25 to 35 billion IoT devices worldwide; however, little attention is being paid to the security of the devices. That’s why Wi-Fi Fuzzing is an important and current skill every hacker and pentester should know.Â
Why this course?
You will learn multiple tools and techniques in one workshop, and practice all skills in unique labs. This course will also demonstrate how to perform the actual hacking against wireless networks and highlight the top vulnerabilities. This course will offer a hands on opportunity to set up your own Wi-Fi fuzzing lab, perform exploitation using open source tools rather than just watching the videos.
Course benefits:
What skills will you gain?​​ ​​​ ​​ ​ ​​​​​
- Setting up a Wi-Fi fuzzing testing lab environment
- Fuzzing with open source tools to learn about the target network
- Advanced Wi-Fi fuzzing techniques
- Analysing packet types with Wireshark
What will you learn about?
- Basic understanding of the 802.11
- Fuzzing techniques from A to ZÂ
- Various method to perform wireless attacks
What tools will you Use?
- Aircrack-ng
- Kismet
- L0phtCrack
- RIP Protocol
- NetStumbler
- WiFi Pilot
- Metasploit
- Libpcap
- Wifuzzit
- OpenWRT
- Scapy
- Sulley
- Metasploit
- TCPdump
- BeSTORM
- AFLplusplus
- IOTFuzzer
- Frankenstein
- bettercap
Course general information:Â
DURATION: 18 hours
CPE POINTS: On completion you get a certificate granting you 18 CPE points.Â
SELF-PACED, PRE-RECORDED.Â
Course format:Â
- Self-paced
- Pre-recorded
- Accessible even after you finish the course
- No preset deadlines
- Materials are video, labs, and text
- All videos captioned
What will you need?
- PC with a preferred operating system (VMware Workstation, Kali Linux)
- Alfa Wi-Fi Adapter
- Esp32
- Raspberry Pi
What should you know before you join?
- Basic knowledge of the Wi-Fi and protocols
- Familiar with Linux OS
- Familiarity with basic hacking and pentesting skills and concepts
YOUR INSTRUCTOR: Â Vaibhav Bedi
Experience in various fields such as Biomedical, Embedded system, Additive and Smart Manufacturing and Internet of Things.
Experience in the security domain.
Delivered lectures to more than 500 students in communities like OWASP, Null Bangalore and Test Tribe.
Love spending most of my free time in making, breaking and securing IoT Devices.
Excel at operating and working with hardware.
The materials presented here do not represent the work done by the instructor for their current employer.
COURSE SYLLABUS
Module 1
Getting started with 802.11 protocol
The 802.11 is perhaps the fastest-changing network protocol around the world. The purpose of this module is to give the basic overview of the 802.11 Standard, in such a way that they will be able to understand the basic concepts, layers, frame structure and protocols. In this module, we will purely focus our efforts on 802.11 protocols.
- 802.11 overview
- 802.11 Architecture
- Components and services
- 802.11 Layer Modules
- 802.11 frame Structure
- 802.11 protocols
Practical graded assignments:
Assignment: We will provide you with multiple choice questions for practice.
Module 2
Introduction to Wi-Fi Fuzzing
The recent rise in complex Wi-Fi vulnerabilities indicates the critical need for effective Wi-Fi protocol testing tools. In this module, we will discuss packet injection for testing Wi-Fi client implementations against vulnerabilities and also introduce some frame fuzzing techniques to capture the packet using Wireshark.
Fuzzing overview
Building a router with a Raspberry Pi and OpenWRTÂ
Setting up a Wi-Fi fuzzing testing Lab environment
Common Wi-Fi vulnerabilities
Wi-Fi Frame Fuzzing
- Beacon fuzzing
- Probe Request
- Authentication & Deauthentication Request/Response
- Association & Reassociation Request & Response
- Disassociation
Access Point Fuzzing
Wi-Fi Raw Packet Injection
- Raw Fake AP
- Raw Glue AP
- Raw Covert
- Python Raw Covert
- WiFi Advanced Stealth Patches
Tools Used:
- NetStumbler
- Kismet
- Wireshark
- WiFi Pilot
- Wifuzzit
- OpenWRT
Practical graded assignments:
Assignment: We will provide the challenges related to the frame fuzzing and to perform the attacks on the live network.
Module 3
Fuzzing with Open Source Tools
In this module, we will discuss a lot of open source tools related to fuzzing and perform the attacks on the Wi-Fi network.
Fuzzing with Scapy
- Scapy Introduction
- Packets handlers in Scapy
- Finding Wi-Fi Devices
- Dictionary Attack on Hidden SSID Networks
Fuzzing with PeachFuzzer
Fuzzing with Sulley
Fuzzing with Metasploit
- TFTP Fuzzer
- IMAP Fuzzer
Fuzzing with libpcap
- Setup libpcap
- Send and verify Probe response
- Authentication and association
- Parsing of Probe response frames
Fuzzing with wifuzzit
Packet analysing using tcpdump
Tools Used:
- Scapy
- Sulley
- Metasploit
- Libpcap
- Wifuzzit
- TCPdump
Practical graded assignments:
Assignment: We will provide the challenges for fuzzing in the live network and apply the injections using the open source tools.
Module 4
Advance Wi-Fi Fuzzing Techniques
With more IoT devices entering the consumer market, it becomes imperative to detect their security vulnerabilities before an attacker does. In this module, we will discuss a novel automatic fuzzing framework, called IoTFUZZER, and find the memory corruption vulnerability in the IoT device. And also we will discuss some Wi-Fi dynamic testing, mutation fuzzing method, and as well as wireless sniffing techniques.
- Wi-Fi Dynamic Testing
- Advance Mutation Fuzzing method
- IoT Devices Fuzzing
- Writing the fuzzer in C
- Wireless HID hijacking
- Fuzzing wireless firmwares
- Wireless Sniffing
Tools Used:
- Wireshark
- BeSTORM
- AFLplusplus
- IoTFuzzer
- Frankenstein
- bettercap
Practical graded assignments:
Assignment: We will provide the challenges and firmware image for fuzzing.
Final exam
FINAL QUIZ :Â Multiple choice questions related to Wi-Fi fuzzing.Â
QUESTIONS?Â
If you have any questions, please contact our eLearning Manager at [email protected].
Reviews
There are no reviews yet.