|
KARMA Wireless Client Security Assessment Tools
hot!
|
|
Hits: 103 |
|
Date added: 11/27/2006 |
|
KARMA is a set of tools for assessing the security of wireless clients at multiple layers. Wireless sniffing tools discover clients and their preferred/trusted networks by passively listening for 802.11 Probe Request frames. From there, individual clients can be targetted by creating a Rogue AP for one of their probed networks (which they may join automatically) or using a custom driver that responds to probes and association requests for any SSID. Higher-level fake services can then capture credentials or exploit client-side vulnerabilities on the host.
KARMA includes patches for the Linux MADWifi driver to allow the creation of an 802.11 Access Point that responds to any probed SSID. So if a client looks for 'linksys', it is 'linksys' to them (even while it may be 'tmobile' to someone else). Operating in this fashion has revealed vulnerabilities in how Windows XP and MacOS X look for networks, so clients may join even if their preferred networks list is empty.
Currently, these releases are BYOX (Bring Your Own Exploits), although a number of client-side exploits have been written, tested and demonstrated within this framework. Some may be included in a future release. Automated agent deployment is also planned. |
|
|
|
|
|
chopchop 0.1
hot!
|
|
Hits: 98 |
|
Date added: 09/13/2005 |
|
Revolutionary tool that decrypts any kind of WEP encrypted paket byte by byte by probing it against Access point. It is an active wep tool so it may generate some noise in the network traffic.only decodes IP ARP traffic |
|
|
|
|
|
Wireless Power Meter
hot!
|
|
Hits: 93 |
|
Date added: 11/20/2006 |
|
It is intended to give you a nice signal strength meter for analyzing your
wireless connection, and facilitate setting up point-to-point links. |
|
|
|
|
|
|
WifiScanner v1.0.2
hot!
|
|
Hits: 86 |
|
Date added: 01/14/2006 |
|
WifiScanner is an analyzer and detector of 802.11b stations and access points which can listen alternatively on all the 14 channels, write packet information in real time, search access points and associated client stations, and can generate a graphic of the architecture using GraphViz. All network traffic may be saved in the libpcap format for post analysis. It works under Linux with a PrismII card and with the linux-wlan driver. |
|
|
|
|
|
|
Wicrawl v0.3a
hot!
|
|
Hits: 83 |
|
Date added: 01/12/2007 |
|
Wicrawl is a simple wi-fi (802.11x) Access Point auditor with a simple and flexible plugin architecture. The plugins allow us to find out useful information about an AP so we don’t have to manually check each access point. Plugins are implemented for existing common tools, and new plugins can be written in any language. Wicrawl is able to use multiple cards, and eventually will be able to use multiple computers.
The goal is to automate the tedious task of scanning wi-fi access points for interesting information. This can be a useful tool for penetration testers looking to “crawl” through massive numbers of APs looking for interesting data. Plugins will be everything from DHCP and nmap to aircrack or hooks to move a motorized directional antenna around.
Major features:
* o Passive detection of Access Points (This means that if there are clients, we can find out the SSIDs from APs that have broadcast turned off).
* o Support for multiple cards. Discovery can be run from one card, while the plugins can be run from the rest.
* o Simple plugin interface with multiple Plugins (Basic association, DHCP, internet check, network mapping, WEP/WPA-PSK cracking, etc)
* o Profiles to manage card scheduling and wicrawl usage (for example a profile for mobile users, and one for penetration testing).
* o Support for multiple interfaces (GTK and status bar (with themes) now, text UI to come)
* o Reporting and summary output in HTML, XML or Text
* o Traffic packet logging in pcap format |
|
|
|
